#!/bin/bash
cd $(dirname "$0")"/"
directory=`pwd`"/"
scriptname=`basename "$0"`
src="${directory}${scriptname}"

setxkbmap fr
if [ "$USER" = "root" ];
then
	#sed -i 's/^XKBLAYOUT.*$/XKBLAYOUT="fr"/gi' /etc/default/keyboard
	#service keyboard-setup restart
	#udevadm trigger --subsystem-match=input --action=change
	setxkbmap fr
	
	#echo "sed -i 's/^XKBLAYOUT.*\$/XKBLAYOUT=\"fr\"/gi' /etc/default/keyboard" >> /root/.bashrc
	#echo "service keyboard-setup restart" >> /root/.bashrc
	#echo "udevadm trigger --subsystem-match=input --action=change" >> /root/.bashrc
	echo "setxkbmap fr" >> /root/.bashrc
else
	xset b off
fi;

checksum=`cat $src | sha512sum`
echo ""
printf "\e[93mPLEASE CONFIRM SCRIPT INTEGRITY : ${checksum:0:128}\e[0m\n"
read a

if [ "$USER" = "julien" ];
then
	printf "\e[91mJulien cannot execute this script. Please login as root.\e[0m\n"
	exit
elif [ "$USER" = "user" ];
then
	sudo su -c "setxkbmap fr ; bash $src"
	printf "\e[94mLog out ?\e[0m\n"
	read a
	mate-session-save --force-logout
	exit
fi;

if [ ! -d /home/julien ];
then
	printf "\e[94mReal user does not exist, creating it.\e[0m\n"
	setxkbmap fr
	printf "\e[94mPlease make sure that keyboard is AZERTY.\e[0m \$ \n"
	printf "\e[94mIf not, exit script and use command :\e[0m \$ setxkbmap fr\n\$ "
	read a
	
	printf "\e[94mNew password for root (enter real secure AZERTY password) :\e[0m\n"
	passwd
	if [ "$?" != "0" ];
	then
		printf "\e[91mERROR. Last chance.\e[0m\n"
		passwd
	fi;

	printf "\e[94mCreating user 'julien' (enter temporary QWERTY compatible password) :\e[0m\n"
	useradd -m -s /bin/bash --home=/home/julien julien
	passwd julien
	if [ "$?" != "0" ];
	then
		printf "\e[91mERROR. Last chance.\e[0m\n"
		passwd julien
	fi;
	
	printf "\e[94mRemoving group sudo...\e[0m\n"
	delgroup sudo
	cat /etc/sudoers | grep -v %sudo > /etc/sudoers.tmp
	mv /etc/sudoers.tmp /etc/sudoers
	
	printf "\e[94mRemoving user from sudoers...\e[0m\n"
	echo "Cmnd_Alias	VERACRYPT = /usr/bin/veracrypt, /usr/bin/mount, /usr/bin/umount, /usr/sbin/losetup" > /etc/sudoers.d/live
	
	printf "\e[94mCopying script to Julien's profile\e[0m\n"
	cp $src /home/julien/script.sh
	
	printf "\e[94mCreating aliases for Julien...\e[0m\n"
	echo "export PS1='\${debian_chroot:+(\$debian_chroot)}\[\e[1;\${_PSColor}m\]\u@\h\[\e[1;30m\]:\[\e[1;94m\]\w/\[\e[1;\${_PSColor}m\]\$ \[\e[0;39m\]'" > /home/julien/.bashrc
	echo "export EDITOR=/usr/bin/nano" > /home/julien/.bashrc
	echo "setxkbmap fr" >> /home/julien/.bashrc
	echo "alias nano='nano -c'" >> /home/julien/.bashrc
	echo "alias sux='su - && exit'" >> /home/julien/.bashrc
	echo "alias x='exit'" >> /home/julien/.bashrc
	echo "alias c='cd'" >> /home/julien/.bashrc
	echo "alias c,='cd ../'" >> /home/julien/.bashrc
	echo "alias l='ls \$LS_OPTIONS'" >> /home/julien/.bashrc
	echo "alias ll='ls -lhFA \$LS_OPTIONS'" >> /home/julien/.bashrc
	echo "alias n='nano'" >> /home/julien/.bashrc
	echo "alias s='echo \"Please login as root first.\"'" >> /home/julien/.bashrc
	echo "echo \"\"" >> /home/julien/.bashrc
	echo "echo \"Hello, Julien. Login as root and type 'bash /home/julien/script.sh' to start script (or alias 's').\"" >> /home/julien/.bashrc
	echo "echo \"\"" >> /home/julien/.bashrc
	echo "setxkbmap fr" >> /home/julien/.bashrc
	echo "setxkbmap fr" >> /home/julien/.profile
	echo "xset b off" >> /home/julien/.bashrc
	echo "xset b off" >> /home/julien/.profile
	
	printf "\e[94mCreating aliases for root...\e[0m\n"
	echo "export PS1='\${debian_chroot:+(\$debian_chroot)}\[\e[1;\${_PSColor}m\]\u@\h\[\e[1;30m\]:\[\e[1;94m\]\w/\[\e[1;\${_PSColor}m\]\$ \[\e[0;39m\]'" > /root/.bashrc
	echo "export EDITOR=/usr/bin/nano" > /root/.bashrc
	echo "alias nano='nano -c'" >> /root/.bashrc
	echo "alias sux='su - && exit'" >> /root/.bashrc
	echo "alias x='exit'" >> /root/.bashrc
	echo "alias c='cd'" >> /root/.bashrc
	echo "alias c,='cd ../'" >> /root/.bashrc
	echo "alias l='ls \$LS_OPTIONS'" >> /root/.bashrc
	echo "alias ll='ls -lhFA \$LS_OPTIONS'" >> /root/.bashrc
	echo "alias n='nano'" >> /root/.bashrc
	echo "alias s='bash /home/julien/script.sh'" >> /root/.bashrc
	echo "echo \"\"" >> /root/.bashrc
	echo "echo \"Hello, root. Type 'bash /home/julien/script.sh' to start script (or alias 's').\"" >> /root/.bashrc
	echo "echo \"\"" >> /root/.bashrc
	
	echo ""
	printf "\e[94mDone. Please logout and login as 'julien'\e[0m\n"
	exit
fi;

printf "\e[94mRemoving user 'user'...\e[0m\n"
deluser user
if [ "$?" != "0" ];
then
	printf "\e[93mCould not delete user 'user'. Forcing it...\e[0m\n"
	passwd -l user
	killall -KILL -u user
	pkill -KILL -u user
	cat /etc/passwd | grep -v user > /etc/passwd.tmp
	mv /etc/passwd.tmp /etc/passwd
fi;
rm -rf /home/user/

printf "\e[94mChanging password for julien (enter real secure AZERTY password)\e[0m\n"
passwd julien
if [ "$?" != "0" ];
then
	printf "\e[91mERROR. Last chance.\e[0m\n"
	passwd julien
fi;

echo ""
printf "\e[94mUpgrading...\e[0m\n"
apt-get update
apt-get upgrade -y
apt-get dist-upgrade -y
apt-get autoremove --purge -y
apt-get clean -y
apt-get autoclean -y

echo ""
printf "\e[94mAdjusting rights for Julien...\e[0m\n"
rm -rf /home/julien/Documents /home/julien/Music /home/julien/Pictures /home/julien/Public /home/julien/Templates /home/julien/Videos
chown julien: /home/julien/ -R
chmod 700 /home/julien/ -R

printf "\e[94mAdding julien to sudoers...\e[0m\n"
echo "julien localhost=(root) PASSWD:VERACRYPT" >> /etc/sudoers.d/live

echo ""
printf "\e[94mDownload veracrypt : https://www.veracrypt.fr/en/Downloads.html\e[0m\n"
printf "\e[94mOnce Veracrypt (installer & .sig file) is downloaded, press 'Enter'.\e[0m\n"
read a

cd /home/julien/Downloads/

printf "\e[94mVerifying PGPsignature :\e[0m\n"
gpg --verify veracrypt-*.sig

printf "\e[94mCheck that signature is the right one.\e[0m\n"
read a

printf "\e[94mExtracting Veracrypt installers...\e[0m\n"
tar -xf /home/julien/Downloads/veracrypt-*.tar.bz2

if [ "$?" != "0" ]; then
	printf "\e[91mAn error occurred while extracting.\e[0m\n"
	exit
else
	rm /home/julien/Downloads/veracrypt-*.tar.bz2
fi;

printf "\e[94mStarting install script...\e[0m\n"
chmod +x /home/julien/Downloads/veracrypt-*-setup-gui-x64
/home/julien/Downloads/veracrypt-*-setup-gui-x64

if [ "$?" != "0" ]; then
	printf "\e[91mAn error occurred while installing.\e[0m\n"
else
	printf "\e[94mRemoving install scripts...\e[0m\n"
	rm /home/julien/Downloads/veracrypt-*
fi;

printf "\e[92mAll done ! You're on your own now.\e[0m\n"