From a9be4d0ac9a864c30af126eedd19359b1b02c0e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20unbrot=20P=C3=A4tzold?=
Date: Wed, 29 Apr 2026 17:05:46 +0200
Subject: [PATCH] Bugfixing configure and make temporary token possible
---
 system_setup/configure.sh | 56 +++++---------------------------
 system_setup/setup_system.inc.sh | 13 ++++++--
 2 files changed, 19 insertions(+), 50 deletions(-)
diff --git a/system_setup/configure.sh b/system_setup/configure.sh
index 5e4bf6b..125db14 100755
--- a/system_setup/configure.sh
+++ b/system_setup/configure.sh
@@ -54,57 +54,32 @@ do_configure() { new_TLDOMAIN=$(prompt_value "TLDOMAIN" "$TLDOMAIN") TLDOMAIN="$new_TLDOMAIN" - DOMAIN="clients.${TLDOMAIN}" - SERVERFQDN_IPA="ipa.${TLDOMAIN}" - SERVERFQDN_NC="nextcloud.${TLDOMAIN}" + DOMAIN="ipa.$TLDOMAIN}" + new_DOMAIN=$(prompt_value "DOMAIN" "$DOMAIN") + DOMAIN="${new_DOMAIN}" + + SERVERFQDN_IPA="ipa.${TLDOMAIN}" new_SERVERFQDN_IPA=$(prompt_value "SERVERFQDN_IPA" "$SERVERFQDN_IPA") SERVERFQDN_IPA="$new_SERVERFQDN_IPA" + SERVERFQDN_NC="nextcloud.${TLDOMAIN}" new_SERVERFQDN_NC=$(prompt_value "SERVERFQDN_NC" "$SERVERFQDN_NC") SERVERFQDN_NC="$new_SERVERFQDN_NC" new_CLIENTADMINGROUP=$(prompt_value "CLIENTADMINGROUP" "$CLIENTADMINGROUP") CLIENTADMINGROUP="$new_CLIENTADMINGROUP" - new_DECRYPTEDDATADIR=$(prompt_value "DECRYPTEDDATADIR" "$DECRYPTEDDATADIR") - DECRYPTEDDATADIR="$new_DECRYPTEDDATADIR" - - new_ENCRYPTEDDATADIR=$(prompt_value "ENCRYPTEDDATADIR" "$ENCRYPTEDDATADIR") - ENCRYPTEDDATADIR="$new_ENCRYPTEDDATADIR" - - new_IPAVAULTUSE=$(prompt_value "IPAVAULTUSE" "$IPAVAULTUSE") - IPAVAULTUSE="$new_IPAVAULTUSE" - - new_IPAVAULTNAME=$(prompt_value "IPAVAULTNAME" "$IPAVAULTNAME") - IPAVAULTNAME="$new_IPAVAULTNAME" - set_conf_var "TLDOMAIN" "$new_TLDOMAIN" + set_conf_var "DOMAIN" "$DOMAIN" set_conf_var "SERVERFQDN_IPA" "$new_SERVERFQDN_IPA" set_conf_var "SERVERFQDN_NC" "$new_SERVERFQDN_NC" set_conf_var "CLIENTADMINGROUP" "$new_CLIENTADMINGROUP" - set_conf_var "DECRYPTEDDATADIR" "$new_DECRYPTEDDATADIR" - set_conf_var "ENCRYPTEDDATADIR" "$new_ENCRYPTEDDATADIR" - set_conf_var "IPAVAULTUSE" "$new_IPAVAULTUSE" - # IPAVAULTNAME uses computed concatenation in the dist file; override at top level. - override_conf_var "IPAVAULTNAME" "$new_IPAVAULTNAME" # Re-source with the updated TLDOMAIN so DOMAIN and FQDN are recomputed correctly. unset DOMAIN HOSTNM FQDN source "$CONF_FILE" - echo "" - echo "Computed FQDN: ${FQDN}" - read -rp "Is this correct? 
[Y/n]: " ans - if [[ "${ans,,}" == "n" ]]; then - read -rp " Enter desired hostname (HOSTNM) [${HOSTNM}]: " new_HOSTNM - new_HOSTNM="${new_HOSTNM:-$HOSTNM}" - override_conf_var "HOSTNM" "$new_HOSTNM" - # Also pin FQDN so it stays correct regardless of eval order. - override_conf_var "FQDN" "${new_HOSTNM}.clients.${new_TLDOMAIN}" - echo " Updated FQDN: ${new_HOSTNM}.clients.${new_TLDOMAIN}" - fi - echo "" echo "Configuration written to: ${CONF_FILE}" } @@ -116,24 +91,11 @@ while true; do # shellcheck disable=SC1090 source "${SCRIPTDIR}/setup_system.inc.sh" - echo "" - echo "=== Testing: mounting encrypted home directory ===" - bash "${SCRIPTDIR}/mount_ecrypt_home.sh" - if [[ $? -ne 0 ]]; then - echo "" - echo "mount_ecrypt_home.sh reported an error." - read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans - if [[ "${ans,,}" == "q" ]]; then - echo "Quitting." - exit 1 - fi - echo "" - continue - fi - echo "" echo "=== Testing: obtaining Nextcloud WebDAV token ===" while true; do + # This makes the Token only available for this session + unset DAVTOKENFILENAME get_nc_token current_user="$(id -un)" if [[ "${DAVTOKEN_USER}" == "${current_user}" ]]; then diff --git a/system_setup/setup_system.inc.sh b/system_setup/setup_system.inc.sh index 98c0137..3d2277f 100755 --- a/system_setup/setup_system.inc.sh +++ b/system_setup/setup_system.inc.sh @@ -90,7 +90,7 @@ get_nc_token() { fi fi - if [ ! -f ${DAVTOKENFILENAME} ]; then + if [ ! -f ${DAVTOKENFILENAME} ] || [ -z ${DAVTOKENFILENAME} ]; then echo "No token found here. Getting a new WEBDAV Token for this Device." echo "Please logon to your Nextcloud instance via SSO/kerberos" @@ -101,6 +101,9 @@ get_nc_token() { REQTOKEN=$( echo "${REQJSON}" | grep -oP '(?<="token":")[^"]+(?=")' ) REQURL=$( echo "${REQJSON}" | grep -oP '(?<="login":")[^"]+(?=")' ) + if [[ -z ${DISPLAY} ]]; then + export DISPLAY=:0 + fi /usr/bin/firefox "${REQURL}" & for i in {1..200} 
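Review bot: The new default `DOMAIN="ipa.$TLDOMAIN}"` in do_configure is missing its opening brace, so the value offered at the prompt ends in a literal `}` and is written out by `set_conf_var "DOMAIN" "$DOMAIN"` if the operator accepts it; it should read `DOMAIN="ipa.${TLDOMAIN}"`. The default also changed from `clients.` to `ipa.`, which now matches the `SERVERFQDN_IPA` default, so it is worth confirming that is intended. The prompted values are stored in a file that is then read back with `source "$CONF_FILE"`, and `set_conf_var` is not visible in this hunk. If it does not quote what it writes, a hostname-shaped check on each answer before storing it (for example `[[ "$DOMAIN" =~ ^[A-Za-z0-9.-]+$ ]]`) would keep stray shell syntax out of the sourced file. do_configure starts outside the hunk.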
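Review bot: The comment above `unset DAVTOKENFILENAME` says the token is "only available for this session", but the unset only stops it from being written to disk. The app password returned by the login flow presumably stays valid on the Nextcloud server until someone revokes it. The unset also sits inside the inner `while true` loop, so each retry may leave another unrevoked app password behind. I would reword the comment to `# Do not persist the test token to disk; the app password stays valid server-side until revoked` and revoke the test credential once the user check has passed. The loop body continues outside the hunk, so any cleanup that already exists there is not visible.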
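Review bot: The new condition `[ ! -f ${DAVTOKENFILENAME} ] || [ -z ${DAVTOKENFILENAME} ]` only works for the unset case by accident, because the unquoted empty expansion collapses both tests to one-argument forms. A path containing whitespace or glob characters would make `[` fail or test the wrong file, and if the script runs under `set -u` the unset variable aborts it. Test emptiness first and quote: `if [[ -z "${DAVTOKENFILENAME:-}" || ! -f "${DAVTOKENFILENAME}" ]]; then`. The same applies to `[ ! -z ${DAVTOKENFILENAME} ]` in the polling hunk further down, which reads better as `[[ -n "${DAVTOKENFILENAME:-}" ]]`. get_nc_token starts and ends outside this hunk.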
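Review bot: Falling back to `export DISPLAY=:0` when `DISPLAY` is empty points the browser at whatever session owns display `:0`. On a shared host or over SSH that may be another user's desktop, where the SSO login would be completed by the wrong person or simply fail on X authorisation. Because this file is sourced, the export also leaks into the caller's environment for the rest of the run. I would not guess a display: print the login URL and let the operator open it, e.g. `[[ -n "${DISPLAY:-}" ]] || { echo "No DISPLAY set; open ${REQURL} in a browser" >&2; }`, and start Firefox only when a display is actually set. `REQURL` is taken from the server response with `grep` and handed to `/usr/bin/firefox` without checking that it is an `https://${SERVERFQDN_NC}/` URL; that check would be cheap to add before launching.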
@@ -110,8 +113,12 @@ get_nc_token() { echo -n "Poll Number ${i}..." POLLJSON=$( curl -s -X POST "https://${SERVERFQDN_NC}/login/v2/poll" -d "token=${REQTOKEN}" ) if [[ "${POLLJSON}" == *"appPassword"* ]]; then - echo "${POLLJSON}" > ${DAVTOKENFILENAME} - echo "found token. Token has been written to ${DAVTOKENFILENAME}" + if [ ! -z ${DAVTOKENFILENAME} ]; then + echo "${POLLJSON}" > ${DAVTOKENFILENAME} + echo "Token has been written to ${DAVTOKENFILENAME}" + else + echo "Temporary token was obtained." + fi pkill firefox break else
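Review bot: The persistent branch writes the poll response, which contains the app password, with `echo "${POLLJSON}" > ${DAVTOKENFILENAME}`. The file is therefore created under the caller's umask and may be readable by other local users, and the unquoted redirect target is ambiguous if the path contains spaces. Create it owner-only and quote the target: `( umask 077; printf '%s\n' "${POLLJSON}" > "${DAVTOKENFILENAME}" )`. It is also worth a comment on the `else` branch noting that the token then lives only in the `POLLJSON` shell variable of the sourcing script. The surrounding `for` loop and the rest of get_nc_token lie outside the hunk.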