#!/bin/sh
##
##  git-apache.sh -- Git integration for Apache
##

#   base configuration
vardir="@l_prefix@/var/git-apache"
htpasswd="@l_prefix@/sbin/htpasswd"
git="@l_prefix@/bin/git"

#   run-time sanity check
if [ ".`id -u`" != .0 ]; then
    echo "$0: ERROR: command requires root privileges" 1>&2
    exit 1
fi

#   command-line handling
usage () {
    echo "USAGE: $0 create  <repo-name>" 1>&2
    echo "USAGE: $0 destroy <repo-name>" 1>&2
    echo "USAGE: $0 passwd  <repo-name> <user-name> [<user-password>] [committer]" 1>&2
    exit 1
}
if [ $# -lt 2 ]; then
    usage
fi
cmd="$1";  shift
repo="$1"; shift

#   dispatch according to command...
case "$cmd" in
    create )
        #   create repository
        if [ -d "$vardir/dat/$repo" ]; then
            echo "$0: ERROR: repository \"$repo\" already existing -- destroy first" 1>&2
            exit 1
        fi
        echo "++ creating repository \"$repo\""
        mkdir "$vardir/dat/$repo.git"
        $git init --quiet --bare "$vardir/dat/$repo"
        $git config -f "$vardir/dat/$repo/config" http.getanyfile true
        $git config -f "$vardir/dat/$repo/config" http.uploadpack true
        $git config -f "$vardir/dat/$repo/config" http.receivepack true
        echo -n "Git Repository <$repo>" >"$vardir/dat/$repo/description"
        chown -R "@l_nusr@:@l_ngrp@" "$vardir/dat/$repo"
        echo -n "" >"$vardir/etc/$repo.pwd"
        chown "@l_nusr@:@l_ngrp@" "$vardir/etc/$repo.pwd"
        echo -n "committers:" >"$vardir/etc/$repo.grp"
        chown "@l_nusr@:@l_ngrp@" "$vardir/etc/$repo.grp"
        (   echo "<LocationMatch \"^/git/$repo/.*\">"
            echo "    AuthName          \"Git Repository <$repo> (read access)\""
            echo "    AuthType          Basic"
            echo "    AuthBasicProvider file"
            echo "    AuthUserFile      $vardir/etc/$repo.pwd"
            echo "    AuthGroupFile     $vardir/etc/$repo.grp"
            echo "    Require           valid-user"
            echo "</LocationMatch>"
            echo "<LocationMatch \"^/git/[^/]+/.*git-receive-pack$\">"
            echo "    AuthName          \"Git Repository <$repo> (write access)\""
            echo "    AuthType          Basic"
            echo "    AuthBasicProvider file"
            echo "    AuthUserFile      $vardir/etc/$repo.pwd"
            echo "    AuthGroupFile     $vardir/etc/$repo.grp"
            echo "    Require           group committers"
            echo "</LocationMatch>"
        ) >"$vardir/etc/$repo.conf"
        chown "@l_nusr@:@l_ngrp@" "$vardir/etc/$repo.conf"
        ;;
    destroy )
        #   destroy repository
        if [ ! -d "$vardir/dat/$repo" ]; then
            echo "$0: ERROR: repository \"$repo\" not existing -- create first" 1>&2
            exit 1
        fi
        echo "++ destroying repository \"$repo\""
        rm -rf "$vardir/dat/$repo"
        rm -f  "$vardir/etc/$repo.pwd"
        rm -f  "$vardir/etc/$repo.grp"
        ;;
    passwd )
        #   configure access control of repository
        if [ $# -lt 1 ]; then
            usage
        fi
        username="$1"; shift
        if [ ! -d "$vardir/dat/$repo" ]; then
            echo "$0: ERROR: repository \"$repo\" not existing -- create first" 1>&2
            exit 1
        fi
        echo "++ setting password access for \"$repo\""
        if [ $# -ge 1 ]; then
            password="$1"; shift
            $htpasswd -b "$vardir/etc/$repo.pwd" "$username" "$password"
        else
            $htpasswd "$vardir/etc/$repo.pwd" "$username"
        fi
        if [ $# -eq 1 -a ".$1" = ".committer" ]; then
            echo -n " $username" >>"$vardir/etc/$repo.grp"
        fi
        ;;
esac