#!/bin/sh

set -e

PKG=mod-security-cn

MODSECCONF=/etc/apache2/mod-security/$PKG.conf
MODSECRBL=/etc/apache2/mod-security/rbl_lookup.conf
MODSECLNK=/etc/apache2/conf-available/security2-cn.conf

# chk_conf_tag ()
#
#   Check if configuration file has CARNET package info lines.
#   return:  $RET => 0 - tagged
#                    1 - file does not exists
#                    2 - file exists, but it is not tagged
#
chk_conf_tag () {
  local conf_file
  conf_file="$1"
  RET=1

  if [ -f "$conf_file" ]; then
    if egrep -q "^## Begin - Generated by CARNET package mod-security-cn$" "$conf_file"; then
      RET=0
    else
      RET=2
    fi
  fi
}

if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
  . /usr/share/apache2/apache2-maintscript-helper

  modsecurity_enable() {
    chk_conf_tag "$MODSECLNK"
    if [ $RET -ne 2 ]; then
      echo "CN: Disabling $PKG configuration for Apache2."
      return 0
    fi
    return 1
  }
else
  echo "CN: Could not load Apache 2.4 maintainer script helper."

  modsecurity_enable() {
    return 1
  }
fi

if [ "$1" = "remove" ] || [ "$1" = "deconfigure" ]; then
  # Disable ModSecurity configuration.
  if modsecurity_enable; then
    apache2_invoke disconf security2-cn
    rm -f "$MODSECLNK"
  fi

  # Remove configuration files generated by this CARNET package.
  for mfile in "$MODSECCONF" "$MODSECRBL"; do
    chk_conf_tag "$mfile"
    if [ $RET -eq 0 ]; then
      echo "CN: Removing configuration file $mfile"
      rm -f "$mfile"
    fi
  done
fi

#DEBHELPER#

exit 0