#!/bin/bash
# I, Ian Kelling, follow the GNU license recommendations at
# https://www.gnu.org/licenses/license-recommendations.en.html. They
# recommend that small programs, < 300 lines, be licensed under the
# Apache License 2.0. This file contains or is part of one or more small
# programs. If a small program grows beyond 300 lines, I plan to switch
# its license to GPL.

# Copyright 2024 Ian Kelling

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

#     http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


# misc interesting:
# https://github.com/sergeyksv/tingodb


#### begin bbb-docker-dev setup
mkc /a/opt/bbb-docker-dev-setup/
ln -s $PWD ~


### begin vm setup, a/v didnt work, probably a nat issue

s virsh dumpxml ubuntu20.04-clone-bbb | gr mac
# use mac
virsh net-update default add ip-dhcp-host "<host mac='52:54:00:8e:c3:55' name='b8.nz' ip='192.168.122.17' />" --live --config

virsh start ubuntu20.04-clone-bbb

iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 16384:32768 -j DNAT --to 192.168.122.17:16384-32768
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j DNAT --to 192.168.122.17:80
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j DNAT --to 192.168.122.17:443
# based on https://serverfault.com/a/1083813
iptables -I LIBVIRT_FWI -o virbr0 -d 192.168.122.17 -m conntrack --ctstate DNAT,RELATED,ESTABLISHED -j ACCEPT
# alternate would be to have matching rule like this:
#iptables -D LIBVIRT_FWI -o virbr0 -p tcp -d 192.168.122.17 --dport 443 -j ACCEPT
# the accept rule here doesnt work without -i, and it is in the wrong chain.
# https://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections


# on router, forward 80, 443 and these:

cat <<'EOF'
config redirect
option name bbbudp
option src              wan
option src_dport        16384:32768
option dest             lan
option dest_ip          $l.7
option proto            udp
config rule
option src              wan
option target           ACCEPT
option dest_port        16384:32768
option proto            udp
EOF


wget -qO- https://ubuntu.bigbluebutton.org/bbb-install-2.5.sh | bash -sxe -- -v focal-250 -s b8.nz -e letsencrypt@b8.nz  -a -g




### failed systemd-nspawn steps (docker doesnt work inside)

mkschroot -s /a/bin/fai/fai/config/files/etc/apt/sources.list.d/focal.list/FOCAL focal
s ln -s /nocow/schroot/focal /var/lib/machines
https://docs.bigbluebutton.org/2.5/install.html
apt-get install -y language-pack-en
update-locale LANG=en_US.UTF-8
s systemd-nspawn -b -M focal --bind /a
s sed -i 's/^/#/' /etc/apache2/ports.conf