#!/bin/sh
# postinst — shared by the twiy and twiy-raweb packages.
#
# Pristine configs and the default site ship under /usr/share/twiy/defaults
# (owned/tracked by dpkg), NOT under the live /nginx and /hostdata trees. We
# seed the live trees from the stash here:
#   - target missing  -> install the packaged copy
#   - target present  -> leave it untouched; drop our copy as <file>.new
# Because dpkg does not track the live files, an install or upgrade never
# overwrites a config the admin has edited (e.g. you get nginx.conf.new, not a
# clobbered nginx.conf).

set -e

# nginx runtime user (idempotent).
useradd -r -s /bin/false nginx 2>/dev/null || true

seed_tree() {
    stash="$1"
    target="$2"
    [ -d "$stash" ] || return 0
    find "$stash" -type f | while IFS= read -r src; do
        rel=${src#$stash/}
        dst="$target/$rel"
        install -d "$(dirname "$dst")"
        if [ -e "$dst" ]; then
            cp -p "$src" "$dst.new"   # keep admin's file; offer ours as .new
        else
            cp -p "$src" "$dst"
        fi
    done
}

seed_tree /usr/share/twiy/defaults/nginx    /nginx
seed_tree /usr/share/twiy/defaults/hostdata /hostdata

# Empty include dirs referenced by nginx.conf (`include conf.d/*;`) that ship
# with no files of their own.
install -d /nginx/conf.d /nginx/config
install -d -o nginx -g nginx -m 0755 /var/log/nginx

chown -R nginx:nginx /var/log/nginx /nginx 2>/dev/null || true

systemctl daemon-reload  2>/dev/null || true
systemctl enable  nginx.service 2>/dev/null || true
systemctl restart nginx.service 2>/dev/null || true

exit 0
