#!/bin/bash

set_admin_password() {

PASSWORD="admin"
CONFIRM=""
while [ "$PASSWORD" != "$CONFIRM" ];
do
PASSWORD=$(/usr/bin/dialog --no-cancel --backtitle "Set admin password" --insecure --passwordbox "Please enter a new password for IssabelPBX user 'admin'" 10 70 3>&1 1>&2 2>&3)
CONFIRM=$(/usr/bin/dialog --no-cancel --backtitle "Set admin password" --insecure --passwordbox "Please confirm the password for IssabelPBX user 'admin'" 10 70 3>&1 1>&2 2>&3)

if [ "$PASSWORD" != "$CONFIRM" ];
then
   /usr/bin/dialog --backtitle 'Set admin password' --msgbox 'Password and confirmation do not match, please try again' 10 70
fi


RESULT=$(echo $PASSWORD | cracklib-check)
ARR=(${RESULT//:/})
RESULT2=$(printf "%s " "${ARR[@]:1}")

if [ "$RESULT2" != "OK " ]; then
    /usr/bin/dialog --title "Warning" --backtitle "Set admin password" --yesno "Insecure password: $RESULT2\n\nAre you sure you want to continue?" 7 70
    RESPONSE=$?
    case $RESPONSE in
        1) CONFIRM="aa$PASSWORD"
    esac
fi

done

}

BLA_braille_whitespace=( 0.2 ⣾ ⣽ ⣻ ⢿ ⡿ ⣟ ⣯ ⣷ )
BLA::play_loading_animation_loop() {
  while true ; do
    for frame in "${BLA_active_loading_animation[@]}" ; do
      printf "\r%s" "${frame}"
      sleep "${BLA_loading_animation_frame_interval}"
    done
  done
}

BLA::start_loading_animation() {
  BLA_active_loading_animation=( "${@}" )
  # Extract the delay between each frame from array BLA_active_loading_animation
  BLA_loading_animation_frame_interval="${BLA_active_loading_animation[0]}"
  unset "BLA_active_loading_animation[0]"
  tput civis # Hide the terminal cursor
  BLA::play_loading_animation_loop &
  BLA_loading_animation_pid="${!}"
}

BLA::stop_loading_animation() {
  kill "${BLA_loading_animation_pid}" &> /dev/null
  printf "\n"
  tput cnorm # Restore the terminal cursor
}

trap BLA::stop_loading_animation SIGINT

clear
echo -n "   Preparing installation..."

BLA::start_loading_animation "${BLA_braille_whitespace[@]}"

apt -y update >/dev/null 2>&1

which dialog >/dev/null
if [ $? -eq 1 ]; then
        apt -y install dialog >/dev/null 2>&1
        if [ $? != 0 ]; then
                echo "Error while trying to install dialog"
                exit 1
        fi
fi

which gnupg2 >/dev/null
if [ $? -eq 1 ]; then
        apt -y install gnupg2 >/dev/null 2>&1
        if [ $? != 0 ]; then
                echo "Error while trying to install gnupg2"
                exit 1
        fi
fi

which curl >/dev/null
if [ $? -eq 1 ]; then
        apt -y install curl >/dev/null 2>&1
        if [ $? != 0 ]; then
                echo "Error while trying to install curl"
                exit 1
        fi
fi

BLA::stop_loading_animation

dialog --title "Issabel Installation" --yesno "This will install IssabelPBX and related tools into your system. Do you want to proceed?"  10 50

if [ $? -eq 1 ]; then
        clear;
        exit 0;
fi

language=$((dialog --backtitle "Issabel" --no-tags \
--radiolist "Select the base language for IssabelPBX:" 10 60 10 \
 en_EN "English" "ON" \
 es_ES "Español" "" \
 > /dev/tty) 2>&1)

set_admin_password

dialog --infobox "Please wait" 10 75

# Disable Firewall

if [ -f /usr/sbin/iptables ]; then
/usr/sbin/iptables -F >/dev/null 2>&1
/usr/sbin/iptables -X >/dev/null 2>&1
fi

if [ -f /usr/sbin/ufw ]; then
/usr/sbin/ufw disable >/dev/null 2>&1
fi

# Enable non free and contrib repos
sed -i '/^deb /s/main$/main contrib non-free/g' /etc/apt/sources.list

# Install Issabel key
curl -s http://repo.issabel.org/issabel/RPM-GPG-KEY-Issabel | apt-key add - >/dev/null 2>&1

# Issabel repository and preference
cat <<EOF >/etc/apt/preferences.d/preferences
Package: *
Pin: origin repo.issabel.org
Pin-Priority: 1001
EOF

cat <<EOF >/etc/apt/sources.list.d/issabel.list
deb http://repo.issabel.org/debian bullseye main
EOF

apt -y update >/dev/null 2>&1

# Package installation
FILES="curl wget jq pv asterisk asterisk-doc asterisk-opus"
FILES="$FILES git apache2 php php-pear php-mysql php-db php-curl php-sqlite3 php-apcu php-mbstring gettext"
FILES="$FILES unixodbc odbcinst unixodbc-dev"
FILES="$FILES mariadb-server mariadb-client libmariadb-dev"
FILES="$FILES cockpit net-tools dialog locales-all libwww-perl"
FILES="$FILES mpg123 fail2ban"
FILES="$FILES libttspico-utils cracklib-runtime"
total=($FILES)

dialog --title "Installing" --gauge "Installing..." 10 75 < <(
i=0
for A in $FILES
do
        n=${#total[@]}
        PCT=$(( 100*(++i)/n ))
        cat <<EOF
XXX
$PCT
Installing package "$A"...
XXX
EOF
    apt -y install $A >/dev/null 2>&1
done
)



#apt -y install asterisk asterisk-doc asterisk-opus
#apt -y install git apache2 php php-pear php-mysql php-db php-curl php-sqlite3 php-apcu php-mbstring gettext
#apt -y install unixodbc odbcinst unixodbc-dev
#apt -y install mariadb-server mariadb-client libmariadb-dev
#apt -y install cockpit net-tools dialog locales-all libwww-perl wget
#apt -y install mpg123 fail2ban
#apt -y install libttspico-utils cracklib-runtime

# Asterisk modules soft link for Ubuntu 22

if [ -d /usr/lib/x86_64-linux-gnu/asterisk/modules ]; then
    mkdir /usr/lib/asterisk  >/dev/null 2>&1
    ln -s /usr/lib/x86_64-linux-gnu/asterisk/modules /usr/lib/asterisk  >/dev/null 2>&1
fi


# Redirect to /admin for web root
if [ -f /var/www/html/index.html ]; then
    mv /var/www/html/index.html /var/www/html/index.html.bak  >/dev/null 2>&1
fi

cat <<EOF > /var/www/html/index.html
<html>
<head>
<meta http-equiv="refresh" content="0; url=/admin">
</head>
<body></body>
</html>
EOF

# Apache Configuration
sed -i -e "s/www-data/asterisk/" /etc/apache2/envvars
echo "<Directory /var/www/html/pbxapi>" >/etc/apache2/conf-available/pbxapi.conf
echo "    AllowOverride All" >>/etc/apache2/conf-available/pbxapi.conf
echo "</Directory>" >>/etc/apache2/conf-available/pbxapi.conf
ln -s /etc/apache2/conf-available/pbxapi.conf /etc/apache2/conf-enabled  >/dev/null 2>&1
a2enmod rewrite >/dev/null 2>&1

# Enable SSL
a2enmod ssl  >/dev/null 2>&1
ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/  >/dev/null 2>&1

# Finally restart apache
systemctl restart apache2  >/dev/null 2>&1


# UnixODBC config

cat <<EOF > /etc/odbc.ini
[MySQL-asteriskcdrdb]
Description=MySQL connection to 'asteriskcdrdb' database
driver=MySQL ODBC 8.0 Unicode Driver
server=localhost
database=asteriskcdrdb
Port=3306
Socket=/var/lib/mysql/mysql.sock
option=3
Charset=utf8

[asterisk]
driver=MySQL ODBC 8.0 Unicode Driver
server=localhost
database=asterisk
Port=3306
Socket=/var/lib/mysql/mysql.sock
option=3
charset=utf8
EOF

echo "[adaptive_connection]" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "connection=asteriskcdrdb" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "table=cdr" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "usegmtime=no" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "alias start => calldate" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "unaswered= yes" >> /etc/asterisk/cdr_adaptive_odbc.conf
echo "congestion= yes" >> /etc/asterisk/cdr_adaptive_odbc.conf

# Install Maria ODBC Connector for some distros/versions

cd /usr/src
if [ -e "/run/mysqld/mysqld.sock" ]; then
	sed -i -e 's/Socket=\/var\/lib\/mysql\/mysql.sock/astdatadir => \/run\/mysqld\/mysqld.sock/' /etc/odbc.ini
elif [ -e "/var/run/mysqld/mysqld.sock" ]; then
	sed -i -e 's/Socket=\/var\/lib\/mysql\/mysql.sock/astdatadir => \/var\/lib\/mysql\/mysql.sock/' /etc/odbc.ini
fi

if [ -f /etc/lsb-release ]; then
    DLFILE="https://dlm.mariadb.com/1936476/Connectors/odbc/connector-odbc-3.1.15/mariadb-connector-odbc-3.1.15-ubuntu-focal-amd64.tar.gz"
elif [ -f /etc/debian_version ]; then
    if [ $(cat /etc/debian_version | cut -d. -f1) = 11 ]; then
        DLFILE="https://dlm.mariadb.com/1936451/Connectors/odbc/connector-odbc-3.1.15/mariadb-connector-odbc-3.1.15-debian-buster-amd64.tar.gz"
    elif [ $(cat /etc/debian_version | cut -d. -f1) = 10 ]; then
        DLFILE="https://dlm.mariadb.com/1936451/Connectors/odbc/connector-odbc-3.1.15/mariadb-connector-odbc-3.1.15-debian-buster-amd64.tar.gz"
    elif [ $(cat /etc/debian_version | cut -d. -f1) = 9 ]; then
	DLFILE="https://dlm.mariadb.com/1936481/Connectors/odbc/connector-odbc-3.1.15/mariadb-connector-odbc-3.1.15-debian-9-stretch-amd64.tar.gz"
    fi
fi
FILENAME=$(basename $DLFILE)
rm $FILENAME >/dev/null 2>&1
wget $DLFILE  >/dev/null 2>&1
tar zxvf $FILENAME >/dev/null 2>&1
rm $FILENAME$A >/dev/null 2>&1
cp $(find /usr/src/ -name libmaodbc.so) /usr/local/lib >/dev/null 2>&1

cat <<EOF > /etc/odbcinst.ini
[MySQL ODBC 8.0 Unicode Driver]
Driver=/usr/local/lib/libmaodbc.so
UsageCount=1

[MySQL ODBC 8.0 ANSI Driver]
Driver=/usr/local/lib/libmaodbc.so
UsageCount=1
EOF


# IssabelPBX Installation
dialog --infobox "Downloading IssabelPBX" 10 75

cd /usr/src
git clone https://github.com/asternic/issabelPBX.git >/dev/null 2>&1

# Asterisk configs
sed -i '/^displayconnects/a #include manager_general_additional.conf' /etc/asterisk/manager.conf
sed -i '/^displayconnects/d' /etc/asterisk/manager.conf
touch /etc/asterisk/manager_general_additional.conf >/dev/null 2>&1
echo "displayconnects=yes" >/etc/asterisk/manager_general_additional.conf
echo "timestampevents=yes" >>/etc/asterisk/manager_general_additional.conf
echo "webenabled=no" >>/etc/asterisk/manager_general_additional.conf
chown asterisk.asterisk /etc/asterisk/manager_general_additional.conf >/dev/null 2>&1
chown asterisk.asterisk /usr/share/asterisk/agi-bin -R >/dev/null 2>&1
chown asterisk.asterisk /var/lib/asterisk/agi-bin -R >/dev/null 2>&1

# Install PearDB
pear install DB >/dev/null 2>&1

# fail2ban config
sed -i 's:/var/log/asterisk/messages:/var/log/asterisk/security:' /etc/fail2ban/jail.conf

if [ ! -f /etc/fail2ban/jail.d/issabelpbx.conf ]; then

cat <<'EOF' >/etc/fail2ban/jail.d/issabelpbx.conf
[asterisk]
enabled=true

[issabelpbx-auth]
enabled=true
logpath=/var/log/asterisk/issabelpbx.log
maxretry=3
bantime=43200
ignoreip=127.0.0.1
port=80,443
EOF

cat <<'EOF' >/etc/fail2ban/filter.d/issabelpbx-auth.conf
# Fail2Ban filter for issabelpbx
#
[INCLUDES]
before = common.conf
[Definition]
failregex = ^%(__prefix_line)s\[SECURITY\].+Invalid Login.+ <HOST>\s*$
ignoreregex =
EOF

fi


# Script to get Letsecnrypt certificate for SSL
if [ ! -f /usr/bin/setSSL ]; then
cat <<'EOF' >/usr/bin/setSSL
#!/bin/bash
EMAIL=$(/usr/bin/dialog --no-cancel --backtitle "Let's Encrypt Certificate" --insecure --inputbox "Please enter the email to receive Letsencrypt notifications and updates" 10 70 3>&1 1>&2 2>&3)
DOMAIN=$(/usr/bin/dialog --no-cancel --backtitle "Let's Encrypt Certificate" --insecure --inputbox "Please enter the domain name to get the certificate for" 10 70 3>&1 1>&2 2>&3)
apt install snapd
snap install core
snap refresh core
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
certbot --non-interactive --agree-tos -m $EMAIL --apache -d $DOMAIN
EOF
fi
chmod a+x /usr/bin/setSSL >/dev/null 2>&1

# Generate asterisk.pem file from default self signed cert
mkdir /etc/asterisk/keys
>/etc/asterisk/keys/asterisk.pem
for A in `grep '^\s\+SSLCert' /etc/apache2/sites-available/default-ssl.conf | grep -v chain | awk '{print $2}'`; do cat $A >>/etc/asterisk/keys/asterisk.pem; done


# Compile issabelPBX language files
dialog --infobox "Preparing localization files" 10 75
cd /usr/src/issabelPBX/
where=`pwd`
build/compile_gettext.sh >/dev/null 2>&1
systemctl restart apache2 >/dev/null 2>&1

dialog --infobox "Installing spanish sound prompts" 10 75
# Install spanish prompts
wget repo.issabel.org/azure_es_female.tgz >/dev/null 2>&1
mkdir /usr/share/asterisk/sounds/es >/dev/null 2>&1
tar zxvf azure_es_female.tgz -C /usr/share/asterisk/sounds/es >/dev/null 2>&1


# If for some reason we do not have language set, default to english
if [ "$language" == "" ]; then
    language=en_EN
fi

# Install IssabelPBX with install_amp

dialog --infobox "Installing IssabelPBX" 10 75

if [ "$PASSWORD" != "" ]; then
$where/framework/install_amp --dbuser=root --installdb --scripted --language=$language --adminpass=$PASSWORD >/dev/null 2>&1
else
$where/framework/install_amp --dbuser=root --installdb --scripted --language=$language >/dev/null 2>&1
fi

dialog --infobox "Restarting fail2ban" 10 75

systemctl restart fail2ban >/dev/null 2>&1

dialog --infobox "Installation complete!" 10 75
sleep 2
clear