{{- if (ne .host.distro.family "windows") -}}
#!/usr/bin/env bash
# @file Samba Configuration
# @brief This script configures Samba by applying the configuration stored in `${XDG_DATA_HOME:-$HOME/.config}/samba/config` if the `smbd` application is available
# @description
#     This script applies the Samba configuration stored in `${XDG_DATA_HOME:-$HOME/.config}/samba/config` if Samba is installed.
#     The script and default configuration set up two Samba shares.
#
#     ## Security
#
#     Both shares are configured by default to only accept connections
#     from hosts with DNS that ends in `.local.PUBLIC_SERVICES_DOMAIN`, where `PUBLIC_SERVICES_DOMAIN` is an environment variable that
#     can be passed into Install Doctor. So, if your `PUBLIC_SERVICES_DOMAIN` environment variable is set to `megabyte.space`, then
#     a device with a FQDN of `alpha.local.megabyte.space` pointing to its LAN location will be able to connect but a device
#     with a FQDN of `alpha.megabyte.space` will not be able to connect.
#
#     ## Samba Shares / S3 Backup
#
#     If CloudFlare R2 credentials are provided, Samba is configured to store its shared files in the Rclone mounts so that your
#     Samba shares are synchronized to the S3 buckets. If not, new folders are created. Either way, the folder / symlink that the
#     shares host data from are stored at `/mnt/share-private` and `/mnt/share-public` (*Note: Different paths are used on macOS*).
#
#     1. The **public** share (named "Public") can be accessed by anyone (including write permissions with the default settings)
#     2. The **private** share (named "Private") can be accessed by specifying the PAM credentials of anyone who has an account that is included in the `sambausers` group
#
#     ## Symlinks
#
#     Symlinks are disabled for security reasons. This is because, with symlinking enabled, people can create symlinks on the shares and use the symlinks to access system files outside of the
#     Samba shares. There are commented-out lines in the default configuration that you can uncomment to enable the symlinks in shares.
#
#     ## Printers
#
#     Printer sharing is not enabled by default. There are commented lines in the default configuration that should provide a nice stepping
#     stone if you want to use Samba for printer sharing (with CUPS).
#
#     ## Environment Variables
#
#     The following chart details some of the environment variables that are used to determine the configuration of the
#     Samba shares:
#
#     | Environment Variable        | Description                                                                                         |
#     |-----------------------------|-----------------------------------------------------------------------------------------------------|
#     | `PUBLIC_SERVICES_DOMAIN`    | Used to determine which hosts can connect to the Samba share (e.g. `.local.PUBLIC_SERVICES_DOMAIN`) |
#     | `SAMBA_NETBIOS_NAME`        | Determines the NetBIOS name (defaults to the `HOSTNAME` environment variable value)                 |
#     | `SAMBA_WORKGROUP`           | Controls Samba workgroup name (defaults to "BETELGEUSE")                                            |
#
#     ## Links
#
#     * [Default Samba configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_local/samba/config.tmpl)
#     * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets)

{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}

### Configure Samba server
if command -v smbd > /dev/null; then
    ### Define share locations
    if [ -d /Applications ] && [ -d /System ]; then
        ### macOS does not have `/mnt` folder so use `/Volumes` location
        MNT_FOLDER='Volumes'
    else
        MNT_FOLDER='mnt'
    fi
    PRIVATE_CLOUD="/$MNT_FOLDER/Cloud (Private)"
    PUBLIC_CLOUD="/$MNT_FOLDER/Cloud (Public)"
    PRIVATE_SHARE="/$MNT_FOLDER/Network Share (Private)"
    PUBLIC_SHARE="/$MNT_FOLDER/Network Share (Public)"

    ### Ensure private Samba directory / symlink exists
    if [ -d "$PRIVATE_CLOUD" ] && [ ! -d "$PRIVATE_SHARE" ]; then
        sudo ln -s "$PRIVATE_CLOUD" "$PRIVATE_SHARE"
    else
        sudo mkdir -p "$PRIVATE_SHARE"
    fi

    ### Ensure public Samba directory / symlink exists
    if [ -d "$PUBLIC_CLOUD" ] && [ ! -d "$PUBLIC_SHARE" ]; then
        sudo ln -s "$PUBLIC_CLOUD" "$PUBLIC_SHARE"
    else
        sudo mkdir -p "$PUBLIC_SHARE"
    fi

    ### Copy the Samba server configuration file
    if [ -d /Applications ] && [ -d /System ]; then
        logg warn 'TODO Add logic that applies the Samba configuration for macOS'
    else
        logg info "Copying Samba server configuration to /etc/samba/smb.conf"
        sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/samba/config" "/etc/samba/smb.conf"

        ### Reload configuration file changes
        logg info 'Reloading the `smbd` config'
        smbcontrol smbd reload-config
    fi
else
    logg info "Samba server is not installed"
fi

{{ end -}}