#!/bin/bash
#
# Univention Server
#  network script: modify resolv.conf
#
# Like what you see? Join us!
# https://www.univention.com/about-us/careers/vacancies/
#
# Copyright 2009-2023 Univention GmbH
#
# https://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <https://www.gnu.org/licenses/>.

. /etc/network/ucs-network-tools
ucs_ignore_interface

eval "$(univention-config-registry shell)"

. /usr/share/univention-lib/all.sh

if [ -n "$nameserver_option_timeout" ] && ! grep -q -s timeout /etc/resolv.conf
then
	echo "options timeout:$nameserver_option_timeout" >> /etc/resolv.conf
fi

case "$(ucr get interfaces/${IFACE}/type)" in
dhcp) ;;
*) exit 0 ;;
esac

is_ns ()
{
	local server="$1"
	eval "$(ucr shell dns/forwarder1 dns/forwarder2 dns/forwarder3 nameserver1 nameserver2 nameserver3)"

	if	[ "$dns_forwarder1" = "$server" ] || [ "$dns_forwarder2" = "$server" ] || [ "$dns_forwarder3" = "$server" ] || \
		[ "$nameserver1" = "$server" ] || [ "$nameserver2" = "$server" ] || [ "$nameserver3" = "$server" ]; then
		return 0
	else
		return 1
	fi
}

# On a joined DNS server the DHCP nameserver should be converted to a dns/forwarder.
# But at least one nameserver must be configured via ucr and nameserver/external
# must not be set to true
if	[ -e /var/univention-join/joined ] && is_domain_controller && \
	[ -n "$nameserver1" -o -n "$nameserver2" -o -n "$nameserver3" ] && \
	! is_ucr_true "nameserver/external"
then
	need_restart=false
	i=1
	while read key ns
	do
		[ "$key" = nameserver ] || continue
		if ! is_ns "$ns"
		then
			ucr set "dns/forwarder$i=$ns" >/dev/null
			need_restart=true
		fi
		i=$((i+1))
	done </etc/resolv.conf
	"$need_restart" && invoke-rc.d bind9 reload
	ucr commit /etc/resolv.conf
else
	# Add the local configured nameserver to the resolv.conf

	# The given nameserver via DHCP should be the default nameserver, so split the
	# current resolv.conf
	tempdir=$(mktemp -d)
	trap "rm -rf '$tempdir'" EXIT
	grep -v ^nameserver /etc/resolv.conf >"${tempdir}/resolv.conf"
	grep ^nameserver /etc/resolv.conf >"${tempdir}/nameserver_dhcp"
	touch "${tempdir}/nameserver_local"
	for i in $(seq 1 3); do
		dns="nameserver$i"
		if [ -n "${!dns}" ]; then
			# Don't add the local nameservers twice
			if ! grep -q -s "nameserver *${!dns}\$" "${tempdir}/nameserver_local"; then
				echo "nameserver ${!dns}" >> "${tempdir}/nameserver_local"
			fi
		fi
	done

	# Build resolv.conf
	cat "${tempdir}/resolv.conf" "${tempdir}/nameserver_local" >/etc/resolv.conf
	# Don't add the DHCP nameservers twice
	awk '/^nameserver/{print $2}' <"${tempdir}/nameserver_dhcp" | while read ns; do
			if ! grep -q -s "nameserver *${ns}\$" /etc/resolv.conf; then
				echo "nameserver $ns" >>/etc/resolv.conf
			fi
	done
fi

exit 0
