fedora-OEMDRV/system_setup/config.dist/setup_system.conf.dist

# Include for System Settings
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
export TLDOMAIN=domain.tld
export DOMAIN=clients.${TLDOMAIN}
export SERVERFQDN_IPA=ipa.${TLDOMAIN} # Needs to be the IPA- Server
export SERVERFQDN_NC=nextcloud.${TLDOMAIN}
export INSTALLDOCS="https://gitea.dtext.online/obel1x/fedora-OEMDRV/src/branch/main/README.md"

#If the REPO_URL and REPO_BRANCH is set, this script collection will do automatic upgrades
export REPO_URL="https://gitea.dtext.online/obel1x/fedora-OEMDRV.git"
export REPO_BRANCH="main"

#Configuration Files - maybe syned with your companies settings
export SYSCONFIGPATH="/opt/sys_config"
export DISTCONFIGPATH="/opt/sys_config/config"
export DISTCONFIGPATH_SRC="/Shared/sw_geteilt/client_settings"

#Group, that will have sudo rights on the client
export CLIENTADMINGROUP="clientadmins"

# Method to determine Unique Hostname / FQDN of the Client. May be replaced by your needs
# MACHINEID should be set by install.sh. The Determination is done by setup_system.inc.sh as root for old installs.
if [ -z ${MACHINEID} ]; then
  #Fallback if not configured, should only be needed once for very old installations
  export HOSTNM=$( hostname -s )
else
  export HOSTNM="pc-${MACHINEID}"
fi
export FQDN=${HOSTNM}.${DOMAIN}

#Additional Client-Software- Repository-Folder in Nextcloud (Shared Folder / Systemwide)
export CLIENT_SOFTWARE_CUST_DST="${SYSCONFIGPATH}/client_software_cust" # Required. Must not be changed!
export CLIENT_SOFTWARE_CUST_SRC="/Shared/sw_geteilt/client_software_cust" # Set to the Nextcloud directory where the software should come from

# OBSOLETE / OLD Variables for packaged files under client_software. Those files will not be synced to NC any more!
# if still set, they will cause sync to complain about it
unset CLIENT_SOFTWARE_DST
unset CLIENT_SOFTWARE_SRC

#Secure File Encryption
#Needs a running KRA- Service on FreeIPA
# Set to "true" to use Encryption via IPAVAULT - OTHERWISE YOUR FILES WILL NOT BE ENCRYPTED
export IPAVAULTUSE="true"
# Vaultname - can be any Name
export IPAVAULTNAME="CLIENT_FILEENCRYPTION_"${HOSTNM}

#Following settings are only available when run in Userspace
if [ "$EUID" -ne 0 ]; then
  #This is the Path, that will be mapped from encryptet filesystem at logon - only available for users, not for root
  export DECRYPTEDDATADIR="${HOME}/data" # Decrypted Dir to work for the User
  export ENCRYPTEDDATADIR="${HOME}/.data" # Contains the encrypted Data

  #Important Files
  export DAVTOKENFILENAME="${DECRYPTEDDATADIR}/WEBDAVTOKEN"

  #Optional: Sync Folders with nextcloud client
  CLIENT_DATA_SYNC=() # Do not remove

  # If you dont want to use Folder synchronisation: comment out each line starting with CLIENT_DATA_SYNC_LINE= or CLIENT_DATA_SYNC+=
  #First Sync Folder
  CLIENT_DATA_SYNC_LINE=("${DECRYPTEDDATADIR}/Dokumente" "/Documents")
  CLIENT_DATA_SYNC+=("$(declare -p CLIENT_DATA_SYNC_LINE)") # Repeat for each CLIENT_DATA_SYNC_LINE

  #Next Sync Folder
  CLIENT_DATA_SYNC_LINE=("${DECRYPTEDDATADIR}/Bilder" "/Photos")
  CLIENT_DATA_SYNC+=("$(declare -p CLIENT_DATA_SYNC_LINE)") # Repeat for each CLIENT_DATA_SYNC_LINE

  #Next Sync Folder
  #...

  export CLIENT_DATA_SYNC_DECLARE="$(declare -p CLIENT_DATA_SYNC)" # Do not remove
  #End of Sync Folder for nextcloud client

  #Firefox Profiles
  export PROFILE_FIREFOX_RESET_LOCAL="true" # Set this to wipe ~/.mozilla each time if you don't want users to setup their own firefox profile
  # Optional: own Firefox profile used for this company if given as default
  # You may use any tar file, that contains a valid firefox profile set up to your companies need.
  # As example look at 0020_nextcloud_mozilla_pre/firefox.tar.zst
  # You should put it under e.g SYSCONFIGPATH and than use the filepath relative. e.g. "${SYSCONFIGPATH}/firefox.tar.zst"
  export PROFILE_FIREFOX_TAR_FILE=""
  #Mozilla profile paths on Nextcloud Server. Syncs your profiles to Nextcloud.
  export PROFILE_FIREFOX_SRC="mozilla_profiles/firefox"
  export PROFILE_FIREFOX_DST="${DECRYPTEDDATADIR}/firefox"

  #Thunderbird Profiles to also be synced
  export PROFILE_TB_SRC="mozilla_profiles/thunderbird"
  export PROFILE_TB_DST="${DECRYPTEDDATADIR}/thunderbird"

  # Mail account auto-provisioning for DAVTOKEN_USER@TLDOMAIN in Thunderbird
  export SERVERFQDN_IMAP="imap.${TLDOMAIN}"  # IMAP server hostname (e.g. imap.strato.de)
fi

#Basic commons not needing change
export CDATEC8=$(date '+%Y%m%d') # Date 8 Characters long: YYYYMMDD
export CTIMEC6=$(date '+%H%M%S') # Time 6 Chars: HHMMSS

#Basic runtime-Vars
export EXECDIR=$(pwd)
export SCRIPTPATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
if [ ${SCRIPTPATH::2} == "//" ]; then
    export SCRIPTPATH=${SCRIPTPATH:1}
fi
export SCRIPTNAME=$(basename "$0")

#First run Service Name
export FIRSTRUN_SERVICENAME="setup-system.service"
export FIRSTRUN_SCRIPTPATH="/usr/lib/systemd/system"

# temp and log files
export TEMPDIR="${HOME}/temp/system_setup"
export LOGFILE="${TEMPDIR}/${SCRIPTNAME}.log"
mkdir -p ${TEMPDIR}