vctp2/src/preinstall.sh

#!/bin/bash
USER="vctp"
GROUP="dtms"

# Path to the custom sudoers file
SUDOERS_FILE="/etc/sudoers.d/${USER}"

# create a group & user if not exists
getent group "$GROUP" >/dev/null || groupadd -r "$GROUP"; /bin/true
getent passwd "$USER" >/dev/null || useradd -r -g "$GROUP" -m -s /bin/bash -c "vctp service" "$USER"

# create vctp config directory if it doesn't exist
[ -d /etc/dtms ] || mkdir -p /etc/dtms

# set group ownership on vctp config directory if not already done
[ "$(stat -c "%G" /etc/dtms)" = "$GROUP" ] || chgrp -R "$GROUP" /etc/dtms

# set permissions on vctp config directory if not already done
[ "$(stat -c "%a" /etc/dtms)" = "774" ] || chmod -R 774 /etc/dtms

# create vctp data directory if it doesn't exist
[ -d /var/lib/vctp ] || mkdir -p /var/lib/vctp

# set user ownership on vctp data directory if not already done
[ "$(stat -c "%U" /var/lib/vctp)" = "$USER" ] || chown -R "$USER" /var/lib/vctp

# set group ownership on vctp data directory if not already done
[ "$(stat -c "%G" /var/lib/vctp)" = "$GROUP" ] || chgrp -R "$GROUP" /var/lib/vctp

# Check if firewalld is installed and active
if command -v systemctl >/dev/null 2>&1 && systemctl is-enabled firewalld >/dev/null 2>&1 && systemctl is-active firewalld >/dev/null 2>&1; then
    echo "Firewalld is enabled and running. Adding necessary ports..."

    # Open HTTPS port (443/tcp)
    firewall-cmd --permanent --add-service=https >/dev/null 2>&1

    # Open custom application port (9443/tcp)
    firewall-cmd --permanent --add-port=9443/tcp >/dev/null 2>&1

    # Reload firewalld to apply changes
    firewall-cmd --reload >/dev/null 2>&1
else
    echo "Firewalld is not running or not enabled. Skipping firewall configuration."
fi