#!/bin/sh
# Program Name: setup-zone-exclusive.sh
# Author:       Alain Hoang
# Purpose:      Wrapper around setting up an ipkg branded zone with
#               an exclusive interface
# Notes:        If you want DHCP you will need the script from the following URL
#  http://www.linuxtopia.org/online_books/opensolaris_2008/SYSADV3/html/extkj.html
#               Copy that to dhcp-client-event.sh
#
# Copyright (c) 2009, Alain Hoang
# 
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# 
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# 
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.


################################################
# Change the following to match what is needed
################################################
REAL_IF="bnx0"
TEMPLATE_ZONE="barebones"

################################################
# Do not modify below
################################################
if test $# -lt 2
then
	echo "Usage: $0 <new zone name> <network interface>"
	exit 1
fi

# Get command line args
NEW_ZONE_NAME=$1
NET_IF=$2

# Verify we can only run as root
ROOT_USER=0
REAL_USER=`id -u`
if test ${ROOT_USER} -ne ${REAL_USER}
then
	echo "This must be run as root.  Exiting..."
	exit 2
fi

# Check to see if the zone name has already been taken 
zone_prov=`zoneadm list -c | grep -c ${NEW_ZONE_NAME}`
if test ${zone_prov} -gt 0
then
	echo "Zone ${NEW_ZONE_NAME} seems to be already configured"
	echo "Delete ${NEW_ZONE_NAME} [y/N]?"
	read answer
	case ${answer} in
		y|Y*)
			zonecfg -z ${NEW_ZONE_NAME} delete -F
			;;
		*)
			echo "Zone already configured.  Exiting..."
			exit 3
			;;
	esac
fi

# Test the virtual nic nam
vnic_on=`dladm show-link | grep -c ${NET_IF}`
vnic_check=`dladm show-vnic | sed -e '1d' | awk ' { print $1 } '`
if test ${vnic_on} -lt 1
then
	# Ask to create a virtual nic if it is not configured
	#
	# TODO: Ask user which physical interface to bind to
	echo "Network interface ${NET_IF} does not seem exist"
	echo "Create it [y/N]?"
	read answer
	case ${answer} in
		y|Y*)
			dladm create-vnic -l ${REAL_IF} ${NET_IF}
			if test $? -ne 0
			then
				echo "Create vnic operation failed! Exiting"
				exit 5
			fi
			;;
		*)
			echo "Network interface does not seem to exist"
			exit 4
			;;
	esac
else
	# Check if the virtual nic is already in use by another zone
	# and do nothing if so
	no_zone='--'
	zone_for_netif=`dladm show-linkprop ${NET_IF} | grep zone | awk ' { print $4 } '`
	if test ${zone_for_netif} != ${no_zone}
	then
		echo "${NET_IF} is in use by ${zone_for_netif}.  Choose another interface"
		exit 5
	fi
fi


cat > ${NEW_ZONE_NAME}.zonecfg <<ZONECFG_FILE
create -b
set zonepath=/zones/${NEW_ZONE_NAME}
set brand=ipkg
set autoboot=false
set ip-type=exclusive
add net
set physical=${NET_IF}
end
ZONECFG_FILE

cat > ${NEW_ZONE_NAME}.sysidcfg <<SYSIDCFG_FILE
system_locale=C
terminal=xterms
network_interface=primary {
	        dhcp protocol_ipv6=yes
}
security_policy=NONE
timezone=Japan
SYSIDCFG_FILE


echo "============================"
echo "Configuring ${NEW_ZONE_NAME}..."
pfexec zonecfg -z ${NEW_ZONE_NAME} -f ${NEW_ZONE_NAME}.zonecfg 
echo ""

echo "============================"
echo "Configuration for ${NEW_ZONE_NAME} is..."
pfexec zonecfg -z ${NEW_ZONE_NAME} export
echo ""

echo "============================"
echo "Cloning ${NEW_ZONE_NAME} from ${TEMPLATE_ZONE}..."
pfexec zoneadm -z ${NEW_ZONE_NAME} clone ${TEMPLATE_ZONE}
echo ""

echo "============================"
echo "Detaching ${NEW_ZONE_NAME} to autoconfigure..." 
pfexec zoneadm -z ${NEW_ZONE_NAME} detach
echo ""

echo "============================"
echo "Copying ${NEW_ZONE_NAME}.sysidcfg into ${NEW_ZONE_NAME}..." 
pfexec cp ${NEW_ZONE_NAME}.sysidcfg /zones/${NEW_ZONE_NAME}/root/etc/sysidcfg
echo ""

echo "============================"
echo "Conriguring root password for ${NEW_ZONE_NAME}..." 
pfexec cp /zones/${NEW_ZONE_NAME}/root/etc/shadow /tmp/setupzone.$$
pfexec grep -v root /tmp/setupzone.$$ > /tmp/setupzone2.$$
pfexec echo 'root:$5$EVUu5LA8$jSAMMLX4DJDQ1tMAIoScYJp2f9EdETnxcIXa/BOLL8A:14146::::::' > /tmp/setupzone.$$
pfexec cat /tmp/setupzone2.$$ >> /tmp/setupzone.$$
pfexec mv /tmp/setupzone.$$ /zones/${NEW_ZONE_NAME}/root/etc/shadow
pfexec chmod 0400  /zones/${NEW_ZONE_NAME}/root/etc/shadow
echo ""

echo "============================"
echo "Setting NFSv4 domain for ${NEW_ZONE_NAME}..." 
cat /zones/${NEW_ZONE_NAME}/root/etc/default/nfs | sed -e "s/\#NFSMAPID_DOMAIN\=domain/NFSMAPID_DOMAIN=zendo\.bebear\.net/" > /tmp/nfsconfig.$$
pfexec mv /tmp/nfsconfig.$$ /zones/${NEW_ZONE_NAME}/root/etc/default/nfs
pfexec chmod 644 /zones/${NEW_ZONE_NAME}/root/etc/default/nfs
pfexec touch /zones/${NEW_ZONE_NAME}/root/etc/.NFS4inst_state.domain
echo ""

echo "============================"
echo "Removing .UNCONFIGURED for ${NEW_ZONE_NAME}..."
pfexec rm /zones/${NEW_ZONE_NAME}/root/etc/.UNCONFIGURED
echo ""

echo "============================"
echo "Setting up DHCP event hook into ${NEW_ZONE_NAME}..." 
pfexec cp dhcp-client-event.sh /zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook
pfexec chmod +x /zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook
echo ""

echo "============================"
echo "Setting up nsswitch into ${NEW_ZONE_NAME}..." 
pfexec cp /zones/${NEW_ZONE_NAME}/root/etc/nsswitch.dns \
	/zones/${NEW_ZONE_NAME}/root/etc/nsswitch.conf 
echo ""

echo "============================"
echo "Re-attaching ${NEW_ZONE_NAME} to autoconfigure..." 
pfexec zoneadm -z ${NEW_ZONE_NAME} attach
echo ""

echo "============================"
echo "Booting ${NEW_ZONE_NAME}..." 
pfexec zoneadm -z ${NEW_ZONE_NAME} boot

echo "============================"
echo "sysidconfig on ${NEW_ZONE_NAME}..." 
pfexec zlogin ${NEW_ZONE_NAME} sysidconfig

echo "============================"
echo "Plumbing ${NEW_ZONE_NAME}'s interface ..." 
pfexec zlogin ${NEW_ZONE_NAME} ifconfig ${NET_IF} plumb

echo "============================"
echo "DHCPing ${NEW_ZONE_NAME}'s interface ..." 
pfexec zlogin ${NEW_ZONE_NAME} ifconfig ${NET_IF} auto-dhcp

echo ""
echo "============================"
echo "Showing all configured zones"
zoneadm list -cv
echo ""

echo "============================"
echo "Finish the final setup with"
echo " pfexec zlogin -C ${NEW_ZONE_NAME}"
echo " pfexec zoneadm -z ${NEW_ZONE_NAME} boot"