Untitled

#!/usr/bin/env sh

VERSION="@@PACKAGE_VERSION@@"
PROCESS_CONTROLLER_NAME="CloudStorageController"
UNATTENDED_INSTALLATION=false

error()
{
    echo "Error: $@" >&2
    exit 1
}

case "$(uname -s | tr A-Z a-z)" in
linux)
    PC_PATH="/etc/init.d/$PROCESS_CONTROLLER_NAME"
    ;;
freebsd)
    PC_PATH="/etc/rc.d/$PROCESS_CONTROLLER_NAME"
    ;;
*)
    error "Unsupported platform: $(uname -s)"
    ;;
esac

require_root()
{
    if [ "$(id -u)" != "0" ]; then
        error "This action requires superuser access."
    fi
}

ends_with_symbol() # string, lastSymbol
{
    if [ ${#1} -eq 0 ]; then
        return 1
    fi
    lastSymbolInString=$(echo "$1" | cut -c ${#1})
    if [ "$lastSymbolInString" = "$2" ]; then
        return 0
    fi
    return 1
}

get_normalized_path() # path
{
    if ends_with_symbol "$1" "/" ; then
        echo "$1"
    else
        echo "$1/"
    fi
}

starts_with() # string, start
{
    if [ ${#2} -gt ${#1} -o ${#2} -eq 0 ]; then
        return 1
    fi
    firstStringSymbols=$(echo "$1" | cut -c1-${#2})
    if [ "$firstStringSymbols" = "$2" ]; then
        return 0
    fi
    return 1
}

is_parent_directory() # parent, child
{
    normalizedParentPath="$(get_normalized_path "$1")"
    normalizedChildPath="$(get_normalized_path "$2")"
    if starts_with "$normalizedChildPath" "$normalizedParentPath"; then
        return 0
    fi
    return 1
}

is_livebr_path_interleave() # liveBRLocation, storageLocation
{
    if is_parent_directory "$1" "$2"; then
        echo '"Live BR directory" should not be parent of "Storage directory" or coinside with it'
        return 0
    fi
    if is_parent_directory "$1" "$(getConfigParam StorageReplicationAgentRoot "")"; then
        echo '"Live BR directory" should not be parent of "Replication directory" or coinside with it'
        return 0
    fi
    return 1
}

read_value_without_prompt() # variableName, defaultValue
{
    read x
    x="${x:-$2}"
    eval "$1=\"\$x\""
    test -n "$x"
}

read_value() # variableName, description, defaultValue
{
    while true; do
        printf "%s" "$2"
        [ -n "$3" ] && printf "%s" " [$3]"
        printf ": "

        read_value_without_prompt "$1" "$3" && break
    done
}

set_if_not_empty_else_read_without_allow() # commandLineValue, variableName, description, defaultValue
{
    eval "x=\"\$$1\""

    if [ -n "$x" ]; then
        eval "$2=\"\$x\""
    else
        if "$UNATTENDED_INSTALLATION"; then
            error "Not specified $3"
        else
            read_value "$2" "$3" "$4"
        fi
    fi
}

read_list() # variableName, initialValue, separator, prompt
{
    v="$2"
    while true; do
        printf "%s" "$4"
        read x
        [ -z "$x$v" ] && continue
        [ -z "$x" ] && break
        [ -n "$v" ] && v="$v$3"
        v="$v$x"
    done

    eval "$1=\"\$v\""
}

read_value_allow_skip() # variableName, description, defaultValue
{
    eval "x=\"\$$1\""
    eval "y=\"\${x:-\$3}\""

    if [ $READ_VALUE_ALLOW_SKIP -eq 0 -o -z "$x" ]; then
        if "$UNATTENDED_INSTALLATION"; then
            error "Not specified $2"
        else
            read_value "$1" "$2" "$y"
        fi
    else
        eval "$1=\"\$y\""
    fi
}

set_if_not_empty_else_read() # commandLineValue, variableName, description, defaultValue
{
    eval "x=\"\$$1\""
    if [ -z "$x" ]; then
        read_value_allow_skip "$2" "$3" "$4"
    else
        eval "$2=\"\$x\""
    fi
}

set_if_not_empty() # commandLineValue, variableName
{
    eval "x=\"\$$1\""
    if [ -n "$x" ]; then
        eval "$2=\"\$x\""
    fi
}

ask_question() # variableName, question, choices, defaultChoice
{
    printf "%s (%s) " "$2" "$3"

    read_value_without_prompt "$1" "$4"
}

guess_program_location() # default
{
    x="$(grep -s '\bprLocation\b' "$PC_PATH" | head -n1 | sed 's|.*prLocation ||')"
    echo "${x:-$1}"
}

get_private_config_path() # installDir
{
    echo "$1/etc/config.cfg"
}

load_private_config_param() # configFilePath, name, defaultValue
{
    x="$(grep "^$2 " < "$1" | sed -e "s|^$2 ||")"
    x="${x:-$3}"
    eval "$2=\"\$x\""
}

load_private_config_param2() # configFilePath, name, name2, defaultValue
{
    x="$(grep "^$2 " < "$1" | sed -e "s|^$2 ||")"
    [ -n "$x" ] || x="$(grep "^$3 " < "$1" | sed -e "s|^$3 ||")"
    x="${x:-$4}"
    eval "$2=\"\$x\""
}

load_private_config() # loadAll, filename
{
    [ -e "$2" ] || return 1

    load_private_config_param2 "$2" legacyFtpHost legacyServerAddress
    load_private_config_param "$2" legacyStatsUserName "common_user"
    load_private_config_param "$2" legacyStatsUserPassword "04FBA85DD24E260E1BB8"

    # load_private_config_param "$2" storageUserId "2001"
    # load_private_config_param "$2" storageUserName "iasouser"

    load_private_config_param "$2" partnerName
    load_private_config_param "$2" partnerUserName
    load_private_config_param "$2" partnerUserPassword
    load_private_config_param "$2" storageLocation
    load_private_config_param "$2" liveBRLocation
    load_private_config_param "$2" manServAddress "@@MAN_SERV_ADDRESS@@"

    # [ $1 -ne 0 ] || return 0

    load_private_config_param "$2" authUser "data"
    load_private_config_param "$2" authPassword
    load_private_config_param "$2" authPasswordHash
    load_private_config_param2 "$2" bindHost bindAddress
    load_private_config_param "$2" bindPort
    load_private_config_param "$2" storageName
    load_private_config_param "$2" storageNodeName
    # load_private_config_param "$2" externalAddress
    load_private_config_param "$2" externalAddressList
    load_private_config_param2 "$2" rcgExtHost rcgExtAddress
    load_private_config_param "$2" rcgExtPort
    load_private_config_param2 "$2" rcgIntHost rcgIntAddress
    load_private_config_param "$2" rcgIntPort
    load_private_config_param2 "$2" webRcgExternalAddressList
    load_private_config_param2 "$2" webRcgIntHost webRcgIntAddress
    load_private_config_param "$2" webRcgIntPort

    return 0
}

save_private_config_param() # configFilePath, name
{
    eval "x=\"\$$2\""
    echo "$2 $x" >> "$1"
}

save_private_config() # saveAll, filename
{
    printf "" > "$2"

    [ -e "$2" ] || return

    if [ -n "$legacyServerAddress" -o "$legacyStatsUserName" != "common_user" -o "$legacyStatsUserPassword" != "04FBA85DD24E260E1BB8" ]; then
        save_private_config_param "$2" legacyFtpHost
        save_private_config_param "$2" legacyStatsUserName
        save_private_config_param "$2" legacyStatsUserPassword
    fi

    # save_private_config_param "$2" storageUserId
    # save_private_config_param "$2" storageUserName

    save_private_config_param "$2" partnerName
    save_private_config_param "$2" partnerUserName
    save_private_config_param "$2" partnerUserPassword
    save_private_config_param "$2" storageLocation
    save_private_config_param "$2" liveBRLocation
    save_private_config_param "$2" manServAddress

    # [ $1 -ne 0 ] || return

    save_private_config_param "$2" authUser
    save_private_config_param "$2" authPassword
    save_private_config_param "$2" authPasswordHash
    save_private_config_param "$2" bindHost
    save_private_config_param "$2" bindPort
    save_private_config_param "$2" storageName
    save_private_config_param "$2" storageNodeName
    # save_private_config_param "$2" externalAddress
    save_private_config_param "$2" externalAddressList
    save_private_config_param "$2" rcgExtHost
    save_private_config_param "$2" rcgExtPort
    save_private_config_param "$2" rcgIntHost
    save_private_config_param "$2" rcgIntPort
    save_private_config_param "$2" webRcgExternalAddressList
    save_private_config_param "$2" webRcgIntHost
    save_private_config_param "$2" webRcgIntPort
}

get_list_item() # list, item, separator
{
    echo "$1" | awk -F"$3" "{print \$$2}"
}

random_sequence() # length
{
    openssl rand -base64 $(($1 * 2)) | tr -dC 'a-zA-Z0-9' | head -c$1
}

get_nginx_status_location()
{
    case "$(uname -s | tr A-Z a-z)" in
    freebsd)
        echo "location = /nginx_status!{!    stub_status on;!    access_log off;!    sla_pass off;!}"
        ;;
    esac
}

get_livebr_location() # storageRootPath, liveBRRootPath
{
    if is_parent_directory "$1" "$2"; then
        normalizedStorageRootPath="$(get_normalized_path "$1")"
        normalizedLiveBRRootPath="$(get_normalized_path "$2")"
        liveBRSubDir=$(echo "$normalizedLiveBRRootPath" | cut -c${#normalizedStorageRootPath}-${#normalizedLiveBRRootPath})
        echo "location ^~ "$liveBRSubDir"!{!    deny all;!}"
    else
        echo
    fi
}

replace_template_param() # name, value
{
    sed -e "s|@@$1@@|$2|g"
}

replace_template_param_with_multi_line() # name, value, oneCharacterNewLineDelimiter
{
    currentIFS=$IFS
    IFS=\n
    while read -r line; do
        if test "${line#*@@$1@@}" != "$line"; then
            echo "$line" | replace_template_param "$1" "$2" | tr "$3" "\n"
        else
            echo "$line"
        fi
    done
    IFS=$currentIFS
}

getConfigParam() # name, defaultValue
{
    x=
    [ -r "$D/etc/config.ini" ] && x="$(grep -m 1 "^${1}[ =]" < "$D/etc/config.ini" | sed -e "s|^${1} *= *||")"
    echo "${x:-$2}"
}

setConfigParam() # section, key, value, keepEmpty
{
    awk -v section="$1" -v key="$2" -v value="$3" -v keepEmpty="${4:-1}" -f SetConfigParam.awk
}

print_spacer() # ...
{
    while [ $# -gt 0 ]; do
        if [ $READ_VALUE_ALLOW_SKIP -eq 0 -o -z "$1" ]; then
            echo ""
            break
        fi
        shift
    done
}

getFileUserId() # path, default
{
    x=
    case "$(uname -s | tr A-Z a-z)" in
    linux)
        x="$(stat -c '%u' "$1" 2>/dev/null)"
        ;;
    freebsd)
        x="$(stat -f '%u' "$1" 2>/dev/null)"
        ;;
    esac
    echo "${x:-$2}"
}

getUserNameFromId() # uid, default
{
    x="$(getent passwd $1 | awk -F: '{print $1}')"
    echo "${x:-$2}"
}

get_nginx_config_param() # name, defaultValue
{
    x=
    [ -r "$D/etc/nginx/nginx.conf" ] && x="$(grep -m 1 '^[ \t]*'$1'[ \t]\+' < "$D/etc/nginx/nginx.conf" | sed -e 's|^[ \t]*'$1'[ \t][ \t]*||;s|[ \t]*;[ \t]*$||')"
    echo "${x:-$2}"
}


install_nginx_config() # sourceFile, name, dirName
{
    echo "-- Installing $2 NGINX $3 config"

    install -d -m 0755 "$D/etc/nginx/$3.d"

    install -m 0644 "$1" "$D/etc/nginx/$3.d/$2.conf"
}

login_to_cloud() # allowCache
{
    visa=$(cat "$VISA_FILE" 2>/dev/null)

    if [ $1 -ne 0 -a -e "$VISA_FILE" ]; then
        x=$(date +%s)
        case "$(uname -s | tr A-Z a-z)" in
        linux)
            y=$(stat -c "%Y" "$VISA_FILE")
            ;;
        freebsd)
            y=$(stat -f "%m" "$VISA_FILE")
            ;;
        esac

        [ $((x - y)) -lt $((5 * 60)) ] && return 0
    fi

    if ! "$SERVER_TOOL" -machine-readable cloud \
            -server "https://$manServAddress" \
            -partner "$partnerName" \
            -user "$partnerUserName" \
            -password "$partnerUserPassword" \
            -print-visa > "$VISA_FILE"; then
        return 1
    fi

    visa=$(cat "$VISA_FILE")
}

choose_storage_node_from_list()
{
    if ! login_to_cloud 1 ; then
        echo Failed to login to cloud >&2

        return 1
    fi

    storagesFilePath="$T/storages.tmp"
    storageNodesFilePath="$T/storage-nodes.tmp"

    if ! "$SERVER_TOOL" -machine-readable cloud \
            -server "https://$manServAddress" \
            -visa "$visa" > "$storagesFilePath" \
            cloud.storages.list; then
        exit 1
    fi
    if [ -z "$_storageNodeName" -o -z "$_storageName" ]; then
        echo "Select storage node corresponding to this server:"

        count=0
        while read x; do
            echo "  $x"

            if ! "$SERVER_TOOL" -machine-readable cloud \
                    -server "https://$manServAddress" \
                    -visa "$visa" \
                    cloud.storage.nodes.list \
                    -storage_name "$x" > "$storageNodesFilePath"; then
                exit 1
            fi

            while read y; do
                count=$((count + 1))

                echo "    [$count] $y"

                eval "s_$count=\"\$x\""
                eval "sn_$count=\"\$y\""
            done < "$storageNodesFilePath"
        done < "$storagesFilePath"

        read_value i "Enter the number"
        [ "$i" -gt 0 -a "$i" -le $count ] || exit 1

        eval "storageName=\"\$s_$i\""
        eval "storageNodeName=\"\$sn_$i\""
        storageNodeName="$(echo "$storageNodeName" | sed -e 's|[ ]*([^)]*)$||')"
    else
        storageName="$_storageName"
        storageNodeName="$_storageNodeName"
    fi
}

compose_gateway_host()
{
    if [ -n "$rcgExtHost" ] ; then
        echo "$rcgExtHost:$rcgExtPort"
    fi
    echo ""
}

handle_add_node()
{
    _loadFrom="$(get_private_config_path "$D")"

    if ! load_private_config 1 "$_loadFrom"; then
        error "Unable to read configuration from '$_loadFrom'"
    fi

    login_to_cloud 1

    _gatewayHost="$(compose_gateway_host)"

    "$SERVER_TOOL" -machine-readable cloud \
        -server "https://$manServAddress" \
        -visa "$visa" \
        cloud.storage.node.add \
        -storage-name "$storageName" \
        -node-name "$storageNodeName" \
        -node-family "WEBDAVS" \
        -node-user "$authUser" \
        -node-password "$authPassword" \
        -node-host "$externalAddressList" \
        -node-path "" \
        -node-gateway-host "$_gatewayHost" \
        -node-http-gateway-host "$webRcgExternalAddressList"
}

handle_update_node_info()
{
    _loadFrom="$(get_private_config_path "$D")"

    if ! load_private_config 1 "$_loadFrom"; then
        error "Unable to read configuration from '$_loadFrom'"
    fi

    login_to_cloud 1

    _gatewayHost="$(compose_gateway_host)"

    "$SERVER_TOOL" -machine-readable cloud \
        -server "https://$manServAddress" \
        -visa "$visa" \
        cloud.storage.node.info.update \
        -storage-name "$storageName" \
        -node-name "$storageNodeName" \
        -node-family "WEBDAVS" \
        -node-user "$authUser" \
        -node-password "$authPassword" \
        -node-host "$externalAddressList" \
        -node-path "" \
        -node-gateway-host "$_gatewayHost" \
        -node-http-gateway-host "$webRcgExternalAddressList"
}

handle_migrate_accounts()
{
    _loadFrom="$(get_private_config_path "$D")"

    if ! load_private_config 1 "$_loadFrom"; then
        error "Unable to read configuration from '$_loadFrom'"
    fi

    externalAddress="$(get_list_item "$externalAddressList" 1 ",")"

    login_to_cloud 1

    "$SERVER_TOOL" -machine-readable cloud \
        -server "https://$manServAddress" \
        -visa "$visa" \
        cloud.accounts.migrate \
        -server "$legacyFtpHost" \
        -stats-user "$legacyStatsUserName" \
        -stats-password "$legacyStatsUserPassword" \
        -protocol "FTPS" \
        -from-server "$externalAddress"
}

configureRCG()
{
    _rcgConfigured=true
    _defHost="$bindHost"
    _defPort="1999"

    while true; do

        set_if_not_empty_else_read _rcgIntHost rcgIntHost "RCG bind host" "$_defHost"
        set_if_not_empty_else_read _rcgIntPort rcgIntPort "RCG bind port" "$_defPort"
        _address="$rcgIntHost:$rcgIntPort"
        if [ "$_address" = "$_legacyFtpAddress" ]; then
            _conflictSource="FTP"
        elif [ "$_address" = "$_bindAddress" ]; then
            _conflictSource="NGINX"
        else
            _rcgIntAddress="$_address"
            break
        fi

        echo "RCG and $_conflictSource bind addresses ($_address) must be different. Enter another RCG bind address."
        _defHost="$rcgIntHost" && rcgIntHost=
        _defPort="$rcgIntPort" && rcgIntPort=
    done

    set_if_not_empty_else_read _rcgExtHost rcgExtHost "RCG external host" "$(get_list_item "$externalAddressList" 1 "," | sed 's|:.*||')"
    set_if_not_empty_else_read _rcgExtPort rcgExtPort "RCG external port" "$rcgIntPort"
    _rcgExtAddress="$rcgExtHost:$rcgExtPort"
}

configureWebRCG()
{
    if [ "$UNATTENDED_INSTALLATION" = "true" -a \(\
        -z "$_webRcgIntHost" -a -z "$webRcgIntHost" -o\
        -z "$_webRcgIntPort" -a -z "$webRcgIntPort" -o\
        -z "$_webRcgExternalAddresses" -a -z "$webRcgExternalAddressList" \) ]; then
        return
    fi

    _webRcgConfigured=true
    print_spacer "$webRcgIntHost" "$webRcgIntPort" "$swebcgExtHost" "$webRcgExtPort"

    echo "Configure Web RCG"

    _defHost="$bindHost"
    _defPort="2999"
    while true; do

        set_if_not_empty_else_read _webRcgIntHost webRcgIntHost "Web RCG bind host" "$_defHost"
        set_if_not_empty_else_read _webRcgIntPort webRcgIntPort "Web RCG bind port" "$_defPort"
        _address="$webRcgIntHost:$webRcgIntPort"

        if [ "$_address" = "$_legacyFtpAddress" ]; then
            _conflictSource="FTP"
        elif [ "$_address" = "$_bindAddress" ]; then
            _conflictSource="NGINX"
        elif [ "$_address" = "$_rcgIntAddress" ]; then
            _conflictSource="RCG"
        else
            _webRcgIntAddress="$_address"
            break
        fi

        echo "Web RCG and $_conflictSource bind addresses ($_address) must be different. Enter another Web RCG bind address."
        _defHost="$webRcgIntHost" webRcgIntHost=
        _defPort="$webRcgIntPort" webRcgIntPort=
    done

    [ -n "$_webRcgExternalAddresses" ] && webRcgExternalAddressList="$_webRcgExternalAddresses"

    # read_value_allow_skip WebRcg externalAddress "WebRcg External address (\"address[:port]\" format)"

    if [ $READ_VALUE_ALLOW_SKIP -eq 0 -o -z "$webRcgExternalAddressList" ]; then
        cat <<END

Enter a list of WebRcg external addresses (at least one address) your node is
accessible at in "address[:port]" format, one per line.
END
        if [ -n "$webRcgExternalAddressList" ]; then
            echo "Previously provided list: $webRcgExternalAddressList"
        fi
        echo "To finish, enter an empty string:"
        if [ -n "$_webRcgExternalAddresses" ]; then
            webRcgExternalAddressList="$_webRcgExternalAddresses"
        else
            read_list webRcgExternalAddressList "" "," "> "
        fi
    fi
}

handle_configure()
{
    require_root

    _upgradeMode=0
    _advancedMode=0
    _loadFrom="$(get_private_config_path "$D")"
    _saveTo="$_loadFrom"
    _authUser=
    _authPassword=

    _skipQuestions=false
    _cloudPartnerName=
    _cloudPartnerUserName=
    _cloudPartnerPassword=
    _cloudManagementAddress=
    _storageName=
    _storageLocation=
    _storageNodeName=
    _liveBRLocation=


    _legacyFtpHost=
    _legacyStatusUserName=
    _legacyStatusUserPassword=

    _nginxBindHost=
    _nginxBindPort=
    _externalAddresses=
    _rcgIntHost=
    _rcgIntPort=
    _rcgExtHost=
    _rcgExtPort=
    _webRcgIntHost=
    _webRcgIntPort=
    _webRcgExternalAddresses=
    _configureRcg=true
    _configureWebRcg=true

    while [ $# -gt 0 ]; do
        case "$1" in
        -skip-questions)
            _skipQuestions=true
            ;;
        -upgrade)
            _upgradeMode=1
            ;;
        -advanced)
            _advancedMode=1
            ;;
        -load-from)
            shift
            _loadFrom="$1"
            ;;
        -save-to)
            shift
            _saveTo="$1"
            ;;
        -auth-user)
            shift
            _authUser="$1"
            ;;
        -auth-password)
            shift
            _authPassword="$1"
            ;;
        -cloud-partner-name)
            shift
            _cloudPartnerName="$1"
            ;;
        -cloud-partner-user-name)
            shift
            _cloudPartnerUserName="$1"
            ;;
        -cloud-partner-user-password)
            shift
            _cloudPartnerPassword="$1"
            ;;
        -cloud-management-address)
            shift
            _cloudManagementAddress="$1"
            ;;
        -storage-name)
            shift
            _storageName="$1"
            ;;
        -storage-directory)
            shift
            _storageLocation="$1"
            ;;
        -storage-node-name)
            shift
            _storageNodeName="$1"
            ;;
        -livebr-directory)
            shift
            _liveBRLocation="$1"
            ;;
        -legacy-ftp-host)
            shift
            _legacyFtpHost="$1"
            ;;
        -legacy-status-user-name)
            shift
            _legacyStatusUserName="$1"
            ;;
        -legacy-status-user-password)
            shift
            _legacyStatusUserPassword="$1"
            ;;
        -nginx-bind-host)
            shift
            _nginxBindHost="$1"
            ;;
        -nginx-bind-port)
            shift
            _nginxBindPort="$1"
            ;;
        -external-addresses)
            shift
            _externalAddresses="$1"
            ;;
        -rcg-bind-host)
            shift
            _rcgIntHost="$1"
            ;;
        -rcg-bind-port)
            shift
            _rcgIntPort="$1"
            ;;
        -rcg-external-host)
            shift
            _rcgExtHost="$1"
            ;;
        -rcg-external-port)
            shift
            _rcgExtPort="$1"
            ;;
        -web-rcg-bind-host)
            shift
            _webRcgIntHost="$1"
            ;;
        -web-rcg-bind-port)
            shift
            _webRcgIntPort="$1"
            ;;
        -web-rcg-external-addresses)
            shift
            _webRcgExternalAddresses="$1"
            ;;
        -no-rcg)
            _configureRcg=false
            ;;
        -no-webrcg)
            _configureWebRcg=false
            ;;
        -unattended_installation)
            UNATTENDED_INSTALLATION=true
            _skipQuestions=true
            ;;
        *)
            error "Unsupported argument: '$1'"
            ;;
        esac
        shift
    done

    _updateMode=0

    if [ $_upgradeMode -eq 0 ]; then
        if load_private_config 1 "$_loadFrom"; then
            _updateMode=1
        fi
    fi

    READ_VALUE_ALLOW_SKIP=$_updateMode

    _should_scramble_partner_user_password=false

    while true; do
        if ! "$UNATTENDED_INSTALLATION"; then
            partnerUserPassword=""
            _should_scramble_partner_user_password=true
        fi

        if [ $_upgradeMode -eq 1 ]; then
            set_if_not_empty_else_read_without_allow _storageLocation storageLocation "Storage directory" "$storageLocation"
            set_if_not_empty_else_read_without_allow _legacyFtpHost legacyFtpHost "FTP Server address" "${legacyFtpHost:-127.0.0.1}"
            if [ $_advancedMode -eq 1 ]; then
                set_if_not_empty_else_read_without_allow _legacyStatusUserName legacyStatsUserName "Legacy statistics user name" "$legacyStatsUserName"
                set_if_not_empty_else_read_without_allow _legacyStatusUserPassword legacyStatsUserPassword "Legacy statistics user password" "$legacyStatsUserPassword"
            fi
        fi

        _legacyFtpAddress="$legacyFtpHost:443"

        _save_READ_VALUE_ALLOW_SKIP=$READ_VALUE_ALLOW_SKIP

        while true; do
            if [ $_advancedMode -eq 1 ]; then
                set_if_not_empty_else_read _cloudManagementAddress manServAddress "Cloud management address" "@@MAN_SERV_ADDRESS@@"
            else
                if [ -n "$_cloudManagementAddress" ]; then
                    manServAddress="$_cloudManagementAddress"
                else
                    manServAddress="${manServAddress:-@@MAN_SERV_ADDRESS@@}"
                fi
            fi

            set_if_not_empty_else_read _cloudPartnerName partnerName "Cloud partner name"
            set_if_not_empty_else_read _cloudPartnerUserName partnerUserName "Cloud user"

            set_if_not_empty_else_read _cloudPartnerPassword partnerUserPassword "Cloud password for '$partnerUserName' user"

            if [ "$_should_scramble_partner_user_password" = "true" ]; then
                partnerUserPassword="$("$SERVER_TOOL" -machine-readable scramble -data "$partnerUserPassword")"
            fi

            printf "Attempting to authenticate at $manServAddress... "
            if login_to_cloud 0; then
                echo "ok"
                break
            fi

            if [ "$UNATTENDED_INSTALLATION" = "false" \
                -a \( -z "$_cloudPartnerName" -o -z "$_cloudPartnerUserName" -o -z "$_cloudPartnerPassword" \) ]; then

                ask_question yn "Would you like to re-enter cloud credentials?" "Y/n" "y"

                if [ "$yn" = "y" -o "$yn" = "Y" ]; then
                    READ_VALUE_ALLOW_SKIP=0
                    partnerUserPassword=""
                    echo ""
                    continue
                fi
            fi

            echo "Configuration was not finished."
            exit 1
        done

        READ_VALUE_ALLOW_SKIP=$_save_READ_VALUE_ALLOW_SKIP

        if [ $_upgradeMode -eq 0 ]; then
            print_spacer "$storageLocation"
            set_if_not_empty_else_read _storageLocation storageLocation "Storage directory" "$D/storage"
        fi

        [ -n "$_liveBRLocation" ] && liveBRLocation="$_liveBRLocation"
        [ -z "$liveBRLocation" ] && liveBRLocation="$storageLocation/br_21cc71bd-69fa-4140-82cd-b4c9983fa928"

        if is_livebr_path_interleave "$liveBRLocation" "$storageLocation"; then
            echo "Configuration was not finished."
            exit 1
        fi

        storageLocation="$(echo "$storageLocation" | sed -e 's|/*$||')"

        [ -n "$_storageName" ] && storageName="$_storageName"
        [ -n "$_storageNodeName" ] && storageNodeName="$_storageNodeName"

        print_spacer "$storageName" "$storageNodeName"
        if [ $_upgradeMode -eq 1 ]; then
            choose_storage_node_from_list
        else
            [ -n "$storageName" ] || set_if_not_empty_else_read _storageName storageName "Storage name" "Primary"
            [ -n "$storageNodeName" ] || set_if_not_empty_else_read _storageNodeName storageNodeName "Storage node name"
        fi

        [ -n "$_nginxBindHost" ] && bindHost="$_nginxBindHost"
        [ -n "$_nginxBindPort" ] && bindPort="$_nginxBindPort"

        print_spacer "$bindHost" "$bindPort"

        _defHost="0.0.0.0"
        _defPort="443"
        while true; do
            set_if_not_empty_else_read _nginxBindHost bindHost "NGINX bind host" "$_defHost"
            set_if_not_empty_else_read _nginxBindPort bindPort "NGINX bind port" "$_defPort"
            _address="$bindHost:$bindPort"

            if [ "$_address" = "$_legacyFtpAddress" ]; then
                _conflictSource="FTP"
            else
                _bindAddress="$_address"
                break
            fi

            echo "NGINX and $_conflictSource bind addresses ($_address) must be different. Enter another NGINX bind address."
            _defHost="$bindHost" && bindHost=
            _defPort="$bindPort" && bindPort=
        done

        [ -n "$_externalAddresses" ] && externalAddressList="$_externalAddresses"

        # read_value_allow_skip externalAddress "External address (\"address[:port]\" format)"

        if [ $READ_VALUE_ALLOW_SKIP -eq 0 -o -z "$externalAddressList" ]; then
            cat <<END

Enter a list of external addresses (at least one address) your node is
accessible at in "address[:port]" format, one per line.
END
            if [ -n "$externalAddressList" ]; then
                echo "Previously provided list: $externalAddressList"
            fi
            echo "To finish, enter an empty string:"
            if [ -n "$_externalAddresses" ]; then
                externalAddressList="$_externalAddresses"
            else
                read_list externalAddressList "" "," "> "
            fi
        fi

        if [ -n "$_authUser"  ]; then
            authUser="$_authUser"
        fi

        if [ -z "$authUser" ]; then
            authUser="$(random_sequence 32)"
        fi

        if [ -n "$_authPassword" ]; then
            authPassword="$_authPassword"
            authPasswordHash="$(openssl passwd -apr1 "$authPassword")"
            authPassword="$("$SERVER_TOOL" -machine-readable scramble -data "$authPassword")"
        fi

        if [ -z "$authPassword" ]; then
            authPassword="$(random_sequence 32)"
            authPasswordHash="$(openssl passwd -apr1 "$authPassword")"
            authPassword="$("$SERVER_TOOL" -machine-readable scramble -data "$authPassword")"
        fi

        _webRcgConfigured=false

        if $_configureWebRcg ; then
            configureWebRCG
        else
            webRcgIntHost=
            webRcgIntPort=
            webRcgExternalAddressList=
        fi

        _rcgConfigured=false

        if $_configureRcg ; then

            print_spacer "$rcgIntHost" "$rcgIntPort" "$rcgExtHost" "$rcgExtPort"

            set_if_not_empty _rcgIntHost rcgIntHost

            if [ -n "$rcgIntHost" -o \( "$_skipQuestions" = "true" -a "$UNATTENDED_INSTALLATION" = "false" \) ] ; then
                configureRCG
            else
                if ! "$UNATTENDED_INSTALLATION"; then
                    ask_question yn "Configure RCG? (Actual if your node hosts backup clients of version 13.6.1 and older)" "Y/n" "y"

                    if [ "$yn" = "y" -o "$yn" = "Y" ]; then
                        configureRCG
                    fi
                fi
            fi
        else
            rcgIntHost=
            rcgIntPort=
            rcgExtHost=
            rcgExtPort=
        fi
        echo ""
        echo "Please review all the information once again:"
        echo "============================================================"
        if [ $_upgradeMode -eq 1 ]; then
            echo "FTP server address:       $legacyFtpAddress"
            if [ $_advancedMode -eq 1 ]; then
                echo "Statistics user name:     $legacyStatsUserName"
                echo "Statistics user password: $legacyStatsUserPassword"
            fi
            echo "------------------------------------------------------------"
        fi
        echo "Storage directory:        $storageLocation"
        echo "------------------------------------------------------------"
        echo "Cloud address:            $manServAddress"
        echo "Cloud partner name:       $partnerName"
        echo "Cloud user:               $partnerUserName"
        echo "Cloud password:           *****"
        echo "------------------------------------------------------------"
        echo "Storage name:             $storageName"
        echo "Storage node name:        $storageNodeName"
        echo "------------------------------------------------------------"
        echo "NGINX bind address:       $_bindAddress"
        echo "External addresses:       $externalAddressList"

        if $_rcgConfigured ; then
            echo "RCG bind address:         $_rcgIntAddress"
            echo "RCG external address:     $_rcgExtAddress"
        fi

        if $_webRcgConfigured ; then
            echo "Web RCG bind address:     $_webRcgIntAddress"
            echo "Web RCG external addresses: $webRcgExternalAddressList"
        fi

        echo "============================================================"

        if $_skipQuestions ; then
            break
        fi

        ask_question yn "Is everything correct?" "Y/n" "y"
        if [ "$yn" = "y" -o "$yn" = "Y" ]; then
            break
        fi

        echo ""
        ask_question yn "Would you like to start over?" "Y/n" "y"
        if [ "$yn" = "y" -o "$yn" = "Y" ]; then
            READ_VALUE_ALLOW_SKIP=0
            echo ""
            continue
        fi

        echo ""
        echo "Configuration was not finished."
        exit 1
    done

    save_private_config 1 "$_saveTo"
}

handle_get()
{
    _name=""
    _loadFrom="$(get_private_config_path "$D")"

    while [ $# -gt 0 ]; do
        case "$1" in
        -name)
            shift
            _name="$1"
            ;;
        -load-from)
            shift
            _loadFrom="$1"
            ;;
        *)
            error "Unsupported argument: '$1'"
            ;;
        esac
        shift
    done

    load_private_config_param "$_loadFrom" "$_name"

    eval "x=\"\$$_name\""
    echo "$x"
}

handle_get_public_config_param()
{
    _name=""
    _defaultValue=""

    while [ $# -gt 0 ]; do
        case "$1" in
        -name)
            shift
            _name="$1"
            ;;
        -default-value)
            shift
            _defaultValue="$1"
            ;;
        *)
            error "Unsupported argument: '$1'"
            ;;
        esac
        shift
    done

    configParam="$(getConfigParam "$_name" "$_defaultValue")"
    echo "$configParam"
}

handle_patch()
{
    require_root

    while [ $# -gt 0 ]; do
        case "$1" in
        -cold-node-configured)
            shift
            _coldNodeConfigured="$1"
            ;;
        -replication-master-configured)
            shift
            _replicationMasterConfigured="$1"
            ;;
        *)
            error "Unsupported argument: '$1'"
            ;;
        esac
        shift
    done

    _loadFrom="$(get_private_config_path "$D")"

    if ! load_private_config 1 "$_loadFrom"; then
        error "Unable to read configuration from '$_loadFrom'"
    fi

    tplDir="$D/share/cloud-sn"

    groupId=$(getent group iasouser | cut -d: -f3)
    userId=$(id -u iasouser 2>/dev/null || true)

    [ -z "$groupId" ] && groupId="2001"
    [ -z "$userId" ] && userId="2001"

    storageUserId=$(getFileUserId "$storageLocation" $userId)
    storageUserName=$(getUserNameFromId "$storageUserId" iasouser)

    rcgSessionExpirationTimeout="$(getConfigParam RCGSessionExpirationTimeout "300")"

    webRcgSslPrivateKeyPath="$(getConfigParam WebRcgSslPrivateKeyPath "$D/etc/nginx/ssl/server.key")"
    webRcgSslCertificatePath="$(getConfigParam WebRcgSslCertificatePath "$D/etc/nginx/ssl/server.crt")"
    webRcgSslDhParamsPath="$(getConfigParam WebRcgSslDhParamsPath "$D/etc/nginx/ssl/dh2048.pem")"
    if [ "$webRcgSslDhParamsPath" = "$D/etc/nginx/ssl/dh512.pem" ]; then
        webRcgSslDhParamsPath="$D/etc/nginx/ssl/dh2048.pem"
    fi

    webRcgTemplatesPath="$(getConfigParam WebRcgTemplatesPath "$D/share/webrcg/templates")"
    webRcgErrorTemplate="$(getConfigParam WebRcgErrorTemplate "error")"

    nginxPidFile="$(get_nginx_config_param pid "$D/var/run/nginx.pid")"
    nginxErrorLogFile="$(get_nginx_config_param error_log "$D/var/log/nginx/nginx-error.log")"
    nginxAccessLogFile="$(get_nginx_config_param access_log "$D/var/log/nginx/nginx-access.log main buffer=128k")"
    nginxClientBodyTempDir="$(get_nginx_config_param client_body_temp_path "$D/var/tmp/nginx/client_body_temp")"

    invalidCabinetsPocketPath="$(getConfigParam InvalidCabinetsPocketPath "")"

    storageReplicationAgentRoot="$(getConfigParam StorageReplicationAgentRoot "")"
    replicationServerAddress="$(getConfigParam ReplicationServerAddress "")"
    replicationServerUser="$(getConfigParam ReplicationServerUser "")"
    replicationServerPassword="$(getConfigParam ReplicationServerPassword "")"
    localHost="127.0.0.1"

    databaseCacheSize="$(getConfigParam CacheSize 130000)"

    nginxSlaConfSupported="$("$SERVER_TOOL" storage.node.nginx.sla.supported)"
    nginxSlaConf=""
    if [ "$nginxSlaConfSupported" = "1" ] ; then
        nginxSlaConf="include nginx_sla.conf;"
    fi

    touch "$T/config.ini"
    [ -f "$D/etc/config.ini" ] && cp "$D/etc/config.ini" "$T/config.ini"

    cat "$T/config.ini" |
        setConfigParam General RootStoragePath "$storageLocation" |
        setConfigParam General RootLiveBRPath "$liveBRLocation" |
        setConfigParam General InvalidCabinetsPocketPath "$invalidCabinetsPocketPath" 0 |
        setConfigParam General "InternalHttpApiAddress" "http://$localHost:$bindPort" |
        setConfigParam RemoteConnectionGateway "RCGAddress" "$rcgIntHost" |
        setConfigParam RemoteConnectionGateway "RCGPort" "$rcgIntPort" |
        setConfigParam RemoteConnectionGateway "RCGSessionExpirationTimeout" "$rcgSessionExpirationTimeout" |
        setConfigParam WebRemoteConnectionGateway "WebRcgAddress" "$webRcgIntHost" |
        setConfigParam WebRemoteConnectionGateway "WebRcgPort" "$webRcgIntPort" |
        setConfigParam WebRemoteConnectionGateway "WebRcgSslPrivateKeyPath" "$webRcgSslPrivateKeyPath" |
        setConfigParam WebRemoteConnectionGateway "WebRcgSslCertificatePath" "$webRcgSslCertificatePath" |
        setConfigParam WebRemoteConnectionGateway "WebRcgSslDhParamsPath" "$webRcgSslDhParamsPath" |
        setConfigParam WebRemoteConnectionGateway "WebRcgTemplatesPath" "$webRcgTemplatesPath" |
        setConfigParam WebRemoteConnectionGateway "WebRcgErrorTemplate" "$webRcgErrorTemplate" |
        setConfigParam StorageReplication "StorageReplicationAgentRoot" "$storageReplicationAgentRoot" |
        setConfigParam StorageReplication "ReplicationServerAddress" "$replicationServerAddress" |
        setConfigParam StorageReplication "ReplicationServerUser" "$replicationServerUser" |
        setConfigParam StorageReplication "ReplicationServerPassword" "$replicationServerPassword" |
        setConfigParam Database CacheSize "$databaseCacheSize" > "$T/config.ini.tmp"

    mv -f "$T/config.ini.tmp" "$T/config.ini"

    cat "$tplDir/../nginx/nginx.conf.in" |
        replace_template_param "NGINX_PID_FILE" "$nginxPidFile" |
        replace_template_param "NGINX_ERROR_LOG_FILE" "$nginxErrorLogFile" |
        replace_template_param "NGINX_ACCESS_LOG_FILE" "$nginxAccessLogFile" |
        replace_template_param "NGINX_CLIENT_BODY_TEMP_DIR" "$nginxClientBodyTempDir" |
        replace_template_param "NGINX_USER_NAME" "$storageUserName" |
        replace_template_param "NGINX_GROUP_NAME" "$(id -ng "$storageUserName")" |
        replace_template_param "BIND_ADDRESS" "$bindHost:$bindPort" |
        replace_template_param "LOCAL_BIND_ADDRESS" "$localHost:$bindPort" |
        replace_template_param "NGINX_SLA_CONF" "$nginxSlaConf" > "$T/nginx.conf"

    cat "$tplDir/../nginx/storage.location.in" |
        replace_template_param "STORAGE_DIR" "$storageLocation" > "$T/storage.location"

    cp "$tplDir/nginx.location.00_high_priority_regex.conf.in" "$T/nginx.location.00_high_priority_regex.conf"
    if [ "$_replicationMasterConfigured" = "1" ]; then
        cat "$tplDir/nginx.location.40_cloud_storage_node.conf.in" |
            replace_template_param "STORAGE_DIR" "$storageLocation" > "$T/nginx.location.40_cloud_storage_node.conf"
        cat "$tplDir/../nginx/replication.location.in" |
            replace_template_param "STORAGE_DIR" "$storageLocation" > "$T/replication.location"
    fi
    if [ "$_coldNodeConfigured" = "1" ]; then
        dnsResolverList="$("$SERVER_TOOL" branding-config.parameter.get -key "DnsResolverList")"
        dnsResolverList="resolver $(echo $dnsResolverList | sed "s/;/ /g");"
        cat "$tplDir/nginx.location.45_cold_storage.conf.in" |
            replace_template_param "DNS_RESOLVER" "$dnsResolverList" > "$T/nginx.location.45_cold_storage.conf"
    fi
    cat "$tplDir/nginx.location.conf.in" |
        replace_template_param "STORAGE_DIR" "$storageLocation" |
        replace_template_param "INSTALL_DIR" "$D" |
        replace_template_param "WSDL_LOCATION" "$(random_sequence 64)" |
        replace_template_param_with_multi_line "NGINX_STATUS_LOCATION" "$(get_nginx_status_location)" "!" |
        replace_template_param_with_multi_line "LIVEBR_LOCATION" "$(get_livebr_location "$storageLocation" "$liveBRLocation")" "!" > "$T/cloud-sn.location.conf"

    cp "$tplDir/nginx.upstream.50_cloud_storage_node.conf.in" "$T/nginx.upstream.50_cloud_storage_node.conf"

    echo "$authUser:$authPasswordHash" > "$T/htpasswd.cloud-sn"

    install -d -m 0755 "$D/etc"
    install -d -m 0755 "$D/etc/nginx"

    install -m 0644 "$T/config.ini" "$D/etc/"
    install -o "$storageUserId" -m 0644 "$T/htpasswd.cloud-sn" "$D/etc/nginx/"
    install -m 0644 "$T/nginx.conf" "$D/etc/nginx/"

    [ -f "$D/etc/nginx/htpasswd" ] && mv "$D/etc/nginx/htpasswd" "$D/etc/nginx/htpasswd.bak"
    rm -f "$D/etc/nginx/ssl/dh512.pem"
    [ -f "$D/etc/nginx/ssl/dh2048.pem" ] || openssl dhparam -out "$D/etc/nginx/ssl/dh2048.pem" 2048

    externalAddress="$(get_list_item "$externalAddressList" 1 ",")"

    install_nginx_config "$T/nginx.location.00_high_priority_regex.conf" "00_high_priority_regex" location
    if [ "$_replicationMasterConfigured" = "1" ]; then
        install_nginx_config "$T/nginx.location.40_cloud_storage_node.conf" "40_cloud_storage_node" location
    fi
    if [ "$_coldNodeConfigured" = "1" ]; then
        install_nginx_config "$T/nginx.location.45_cold_storage.conf" "45_cold_storage" location
    fi
    install_nginx_config "$T/cloud-sn.location.conf" "50_cloud_storage_node" location

    install_nginx_config "$T/nginx.upstream.50_cloud_storage_node.conf" "50_cloud_storage_node" upstream

    echo "-- Installing storage.location NGINX config"
    install -m 0644 "$T/storage.location" "$D/etc/nginx/"

    if [ "$_replicationMasterConfigured" = "1" ]; then
        echo "-- Installing replication.location NGINX config"
        install -m 0644 "$T/replication.location" "$D/etc/nginx/"
    fi

    chown $storageUserId:$groupId \
        "$D/etc/nginx/location.d" \
        "$D/etc/nginx/upstream.d"
}

handle_reconfigure()
{
    require_root

    _tempConfigPath="$T/config.cfg"

    handle_configure -save-to "$_tempConfigPath"

    "$PC_PATH" stop

    install -m 0644 "$_tempConfigPath" "$D/etc/"

    handle_patch

    "$PC_PATH" stop

    handle_update_node_info

    [ -x "$D/scripts/update_storage_node.sh" ] && "$D/scripts/update_storage_node.sh"
}

D="$(guess_program_location "/opt/@@INSTALL_DIR@@")"
T="/tmp/cloud-sn-ctl-$$"

if [ $# -eq 0 ]; then
    cat <<END
Cloud storage node management script, version $VERSION
Copyright (c) 2004-2017 LogicNow Holdings Limited
All rights reserved.

Usage:
    $(basename "$0") [global arguments] command [arguments]

Commands:
    add-node          Add node to cloud.
    configure         Start interactive configuration wizard.
    get               Get configuration parameter.
    migrate-accounts  Migrate accounts to cloud.
    patch             Patch configuration files and scripts.
    reconfigure       Run configure, then patch, then update-node-info.
    update-node-info  Update node information.

Global arguments:
   -install-path
        Override default installation path.
END
    exit 1
fi

CMD=""
while [ -z "$CMD" -a $# -gt 0 ]; do
    case "$1" in
    -install-path)
        shift
        D="$1"
        ;;
    -*)
        error "Unsupported argument: '$1'"
        ;;
    *)
        CMD="$1"
        ;;
    esac
    shift
done

D="$(echo "$D" | sed -e 's|/*$||')"

SERVER_TOOL="bin/ServerTool"
if [ ! -x "$SERVER_TOOL" ]; then
    SERVER_TOOL="$D/bin/ServerTool"
fi

mkdir -p "$T"

trap "rm -rf '$T'" EXIT

VISA_FILE="$T/mansvc-visa-$$.tmp"

case "$CMD" in
add-node|configure|get|migrate-accounts|patch|reconfigure|update-node-info|get_public_config_param)
    handler_postfix=$(echo $CMD | sed 's/-/_/g')
    handle_$handler_postfix "$@"
    ;;
*)
    error "Unsupported command: '$CMD'"
    ;;
esac