# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "centos/7"

  config.vm.box_check_update = true

  # Un-comment the next line to port-forward port 21 on the VM to your host
  # config.vm.network "forwarded_port", guest: 21, host: 2121

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider "virtualbox" do |vb|
  #   # Display the VirtualBox GUI when booting the machine
  #   vb.gui = true
  #
  #   # Customize the amount of memory on the VM:
  #   vb.memory = "1024"
  # end
  #
  # View the documentation for the provider you are using for more
  # information on available options.

  # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
  # such as FTP and Heroku are also available. See the documentation at
  # https://docs.vagrantup.com/v2/push/atlas.html for more information.
  # config.push.define "atlas" do |push|
  #   push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
  # end

  # Enable provisioning with a shell script. Additional provisioners such as
  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
  # documentation for more information about their specific syntax and use.
  #
  # Provision script prepared by following this guide:
  # http://www.krizna.com/centos/setup-ftp-server-centos-7-vsftp/
  config.vm.provision "shell", inline: <<-SHELL
      FTPDCONF="/etc/vsftpd/vsftpd.conf"
      FTPUSER="ftpuser"
      FTPPASSWORD="testpassword"

      echo "Install required packages..."
      sudo yum -y install vim vsftpd

      echo "Configure FTP server..."
      sudo sed -i 's/anonymous_enable=YES/anonymous_enable=NO/g' ${FTPDCONF}
      sudo sed -i 's/#chroot_local_user=YES/chroot_local_user=YES/g' ${FTPDCONF}
      echo "allow_writeable_chroot=YES" | sudo tee -a ${FTPDCONF} > /dev/null
      echo "pasv_enable=Yes" | sudo tee -a ${FTPDCONF} > /dev/null
      echo "pasv_min_port=40000" | sudo tee -a ${FTPDCONF} > /dev/null
      echo "pasv_max_port=40100" | sudo tee -a ${FTPDCONF} > /dev/null

      echo "Restart FTP server and enable it on boot"
      sudo systemctl restart vsftpd.service
      sudo systemctl enable vsftpd.service

      echo "Configure firewall"
      sudo firewall-cmd --permanent --add-service=ftp
      sudo firewall-cmd --reload

      echo "Configure SELinux"
      sudo setsebool -P ftp_home_dir on

      echo "Create FTP test user"
      sudo useradd -m "$FTPUSER" -s /sbin/nologin
      echo "$FTPPASSWORD" | sudo passwd "$FTPUSER" --stdin

      echo "Add handy 'showips' command to show all the IPs which this VM has"
      echo '#!/bin/bash' | sudo tee /usr/bin/showips > /dev/null
      echo "ip addr show | grep 'inet ' | tr '/' ' ' | cut -f6 -d ' '" | sudo tee -a /usr/bin/showips > /dev/null
      sudo chmod +x /usr/bin/showips

      echo "Finished!"
      echo
      echo
      echo -e "SSH credentials are\n  Username: vagrant\n  Password: vagrant" | sudo tee -a /etc/issue
      echo
      echo "You can also access with: 'vagrant ssh' from your host," | sudo tee -a /etc/issue
      echo "but you have to be in the same directory where the Vagrantfile is" | sudo tee -a /etc/issue
      echo
      echo "You can login with your FTP client with the following credentials:" | sudo tee -a /etc/motd
      echo -e "  Username: ${FTPUSER}\n  Password: ${FTPPASSWORD}\n  Port: 21 (passive mode)\n" | sudo tee -a /etc/motd
      echo -e "Use 'showips' command to get all the IPs which this VM has\n" | sudo tee -a /etc/motd > /dev/null
      echo -e "Your files will be uploaded into /home/${FTPUSER}" | sudo tee -a /etc/motd > /dev/null
      echo -e "Execute 'sudo su' and then 'cd /home/ftpuser/' to go there\n" | sudo tee -a /etc/motd > /dev/null

      echo "On one of the following IP addresses:"
      showips
      echo "And your files will be uploaded into /home/${FTPUSER}"

      # clear history
      rm -rf .bash_history
      history -c
  SHELL
end