#!/bin/bash

ipv4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /)
grep -a -q -v lxc /proc/1/environ
islxc=$?

main() {
	if [[ ${islxc} == 0 ]]; then
		NetSetHostname
		NetIPConfig
	else
		APTCleanupLXCPackage
	fi
	APTSetProxy
	APTUpdateDist
	APTInstallBase
	APTCleanAll
	BashSetAlias
	BashSetPS
	NanoSetConfig
	IssueSetContent
	SSHEnableRootLogin
	GrubSetConfig
	Reboot
}

NetSetHostname() {
	hostname=$(hostname)
	hostname=$(whiptail --title "Hostname" --inputbox "" 0 30 "${hostname}" 3>&1 1>&2 2>&3)
	if [ "$?" = "0" ] && [ "${hostname}" != "" ]; then
		hostname "${hostname}"
		echo "${hostname}" > /etc/hostname
	fi
}
NetIPConfig() {
	options=()
	options+=("DHCP" "")
	options+=("Static" "")
	sel=$(whiptail --title "Network" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
	if [ "$?" = "0" ]; then
		case ${sel} in
			"Static") NetIPConfigStatic;;
		esac
	fi
}
NetIPConfigStatic() {
	netif="$(ip a | grep ens | head -n1 | cut -d: -f2)"
	netif=${netif:1}
	netip="${ipv4}"
	netmask="255.255.255.0"
	netgw="$(echo "${ipv4}" | cut -d. -f1-3).1"
	netdns="$(echo "${ipv4}" | cut -d. -f1-3).1"
	netip=$(whiptail --title "Network" --inputbox "IP" 0 30 "${netip}" 3>&1 1>&2 2>&3)
	if [ "$?" = "0" ] && [ "${netip}" != "" ]; then
		netmask=$(whiptail --title "Network" --inputbox "Mask" 0 30 "${netmask}" 3>&1 1>&2 2>&3)
		if [ "$?" = "0" ] && [ "${netmask}" != "" ]; then
			netgw=$(whiptail --title "Network" --inputbox "Route" 0 30 "${netgw}" 3>&1 1>&2 2>&3)
			if [ "$?" = "0" ] && [ "${netgw}" != "" ]; then
				netdns=$(whiptail --title "Network" --inputbox "DNS" 0 30 "${netdns}" 3>&1 1>&2 2>&3)
				if [ "$?" = "0" ] && [ "${netdns}" != "" ]; then
					echo "allow-hotplug ${netif}" > /etc/network/interfaces.d/${netif}
					echo "iface ${netif} inet static" >> /etc/network/interfaces.d/${netif}
					echo -e "\taddress ${netip}" >> /etc/network/interfaces.d/${netif}
					echo -e "\tnetmask ${netmask}" >> /etc/network/interfaces.d/${netif}
					echo -e "\tgateway ${netgw}" >> /etc/network/interfaces.d/${netif}
					sed -i "/${netif}/d" /etc/network/interfaces
					echo "nameserver ${netdns}" > /etc/resolv.conf
				fi
			fi
		fi
	fi
}

APTSetProxy() {
	proxy=""
	proxy=$(whiptail --title "Proxy" --inputbox "" 0 30 "${proxy}" 3>&1 1>&2 2>&3)
	if [ "$?" = "0" ]; then
		if [ "${proxy}" != "" ]; then
			echo "Acquire::http { Proxy \"${proxy}\"; };" > /etc/apt/apt.conf.d/02proxy
		fi
	fi
}
APTCleanupLXCPackage() {
	apt remove -y bind9-host debian-faq doc-debian postfix x11-common fontconfig-config fonts-dejavu-core gdbm-l10n python-apt-common
}
APTUpdateDist() {
	apt update -y
	apt dist-upgrade -y
}
APTInstallBase() {
	options=()
	options+=("curl" "" on)
	options+=("wget" "" on)
	options+=("lsof" "" on)
	options+=("acpi" "" on)
	options+=("bash-completion" "" on)
	options+=("iptables" "" on)
	options+=("iptables-persistent" "" on)
	options+=("openssh-server" "" on)
	options+=("gnupg" "" on)
	options+=("rsync" "" on)
	options+=("nmon" "" on)
	options+=("snmpd" "" on)
  sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
  if [ "$?" = "0" ]; then
		pkg=""
		for itm in ${sel}; do
			pkg="${pkg} $(echo ${itm} | sed 's/"//g')"
		done
		apt install -y ${pkg}
		for itm in ${sel}; do
			case ${itm} in
			'"iptables-persistent"')
				IPTablesInstall;;
			'"snmpd"')
				SNMPDInstall;;
			esac
		done
	fi
}
APTCleanAll() {
	apt-get autoremove -y
	apt-get autoclean -y
}

BashSetAlias() {
	cat > /etc/profile.d/alias.sh << "EOF"
alias ls='ls --color=auto -hl --time-style long-iso'
alias l='ls --color=auto -hlA --time-style long-iso'
alias ll='ls --color=auto -hla --time-style long-iso'
alias cd..='cd ..'
alias ..='cd ..'
alias ...='cd ../../'
alias ....='cd ../../../'
alias .....='cd ../../../../'
alias ff='find / -name'
alias f='find . -name'
alias fif='grep -rnw . -e'
alias grep='grep --color=auto'
alias egrep='egrep --color=auto'
alias fgrep='fgrep --color=auto'
alias ip='ip -c'
alias vdir='vdir --color=auto'
alias watch='watch --color'
EOF
}
BashSetPS() {
	cat > /etc/profile.d/ps1.sh << "EOF"
clrreset='\e[0m'
clrwhite='\e[1;37m'
clrgreen='\e[1;32m'
clrred='\e[1;31m'
export PS1="\[$clrred\][$USER@$HOSTNAME]\[$clrwhite\] \w \`if [ \$? = 0 ]; then echo -e '\[$clrgreen\]'; else echo -e '\[$clrred\]'; fi\`\\$ \[$clrreset\]"
EOF
}

NanoSetConfig() {
	sed -i "/tabsize/c\set tabsize 2" /etc/nanorc
	cat >> /etc/nanorc << "EOF"
set numbercolor brightwhite
set statuscolor brightwhite,green
set keycolor cyan
set functioncolor green
EOF
	cat > /root/.nanorc << "EOF"
set titlecolor brightwhite,red
set statuscolor brightwhite,red
EOF
}

IssueSetContent() {
	cat > /etc/issue << "EOF"
\v \r \l

    .o oOOOOOOOo                                            OOOo
    Ob.OOOOOOOo  OOOo.      oOOo.                      .adOOOOOOO
    OboO"""""""""""".OOo. .oOOOOOo.    OOOo.oOOOOOo.."""""""""'OO
    OOP.oOOOOOOOOOOO "POOOOOOOOOOOo.   `"OOOOOOOOOP,OOOOOOOOOOOB'
    `O'OOOO'     `OOOOo"OOOOOOOOOOO` .adOOOOOOOOO"oOOO'    `OOOOo
    .OOOO'            `OOOOOOOOOOOOOOOOOOOOOOOOOO'            `OO
    OOOOO                 '"OOOOOOOOOOOOOOOO"`                oOO
   oOOOOOba.                .adOOOOOOOOOOba               .adOOOOo.
  oOOOOOOOOOOOOOba.    .adOOOOOOOOOO@^OOOOOOOba.     .adOOOOOOOOOOOO
 OOOOOOOOOOOOOOOOO.OOOOOOOOOOOOOO"`  '"OOOOOOOOOOOOO.OOOOOOOOOOOOOO
 "OOOO"       "YOoOOOOMOIONODOO"`  .   '"OOROAOPOEOOOoOY"     "OOO"
    Y           'OOOOOOOOOOOOOO: .oOOo. :OOOOOOOOOOO?'         :`
    :            .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO?         .
    .            oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
                 '%o  OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
                      `$"  `OOOO' `O"Y ' `OOOO'  o             .
    .                  .     OP"          : o     .
                              :
                              .
EOF
}

IPTablesInstall() {
	cat > /etc/iptables/rules.v4 << "EOF"
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Ping
-A INPUT -p icmp -j ACCEPT
# SSH
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
# SNMPD
-A INPUT -p udp -m udp --dport 161 -m state --state NEW -j ACCEPT
COMMIT
EOF
	cat > /etc/iptables/rules.v6 << "EOF"
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
	iptables-restore /etc/iptables/rules.v4
	ip6tables-restore /etc/iptables/rules.v6
}

SNMPDInstall() {
	cummunityname=public
	cummunityname=$(whiptail --title "SNMP Community name" --inputbox "" 0 30 "${cummunityname}" 3>&1 1>&2 2>&3)
	sed -i "s/public/${cummunityname}/" /etc/snmp/snmpd.conf
	sed -i "s/127.0.0.1/0.0.0.0/" /etc/snmp/snmpd.conf
	systemctl restart snmpd
}

SSHEnableRootLogin() {
	sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config
	systemctl restart sshd
}

GrubSetConfig() {
	if [ -f "/etc/default/grub" ]; then
		sed -i "/GRUB_TIMEOUT/c\GRUB_TIMEOUT=1" /etc/default/grub
		update-grub
	fi
}

Reboot() {
	if $(whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3); then
		reboot
	fi
}

main