# configure.sh — First-time setup wizard

Run `system_setup/configure.sh` on the machine that has the OEMDRV partition mounted. It guides you through all site-specific settings, tests the configuration, and leaves the system ready for a Fedora installation. Can be run as root or as a normal user — `install.sh` pre-creates `ks.cfg` at the OEMDRV root with world-write permission so both cases work.

```bash
bash /opt/sys_config/system_setup/configure.sh
```

## What it does

1. **Edits configuration values** — prompts for each setting below. Press Enter to keep the shown default, or type a new value. Derived values (e.g. `SERVERFQDN_IPA`) are updated immediately when you change `TLDOMAIN`, so subsequent prompts always reflect your latest input.

   | Variable | Description |
   |---|---|
   | `TLDOMAIN` | Top-level domain of your infrastructure (e.g. `company.tld`) |
   | `SERVERFQDN_IPA` | FQDN of the FreeIPA server (default: `ipa.<TLDOMAIN>`) |
   | `SERVERFQDN_NC` | FQDN of the Nextcloud server (default: `nextcloud.<TLDOMAIN>`) |
   | `CLIENTADMINGROUP` | IPA group that receives sudo rights on clients |
   | `DECRYPTEDDATADIR` | Mount point for the decrypted user data directory |
   | `ENCRYPTEDDATADIR` | Path of the gocryptfs-encrypted data directory |
   | `IPAVAULTUSE` | `true` to use IPA KRA vault for the encryption key, `false` to disable encryption |
   | `IPAVAULTNAME` | Name of the IPA vault entry (default: `CLIENT_FILEENCRYPTION_<hostname>`) |

2. **Confirms the FQDN** — shows the computed `FQDN` (`<hostname>.clients.<TLDOMAIN>`) and lets you override the hostname part if needed.

3. **Tests the encrypted home mount** — runs `mount_ecrypt_home.sh`. On failure you can restart the wizard or quit.

4. **Obtains a Nextcloud WebDAV token** — calls `get_nc_token`, which opens Firefox for login. Verifies that the returned token belongs to the current user. You can retry or quit on failure.

5. On success, the written config file `config.d/configure.conf` is picked up automatically by all other scripts instead of `config/setup_system.conf`.

## After the wizard completes

Boot the target machine from the Fedora USB installer. Anaconda detects the OEMDRV partition and runs the Kickstart automatically.