#!/bin/bash

# need to be root
if [ "$EUID" -ne 0 ]; then
  echo "Please run as root"
  exit
fi

watchdog () {
    # Watchdog
    docker create \
        --name watchtower \
        -v /var/run/docker.sock:/var/run/docker.sock \
        --restart=always \
        v2tec/watchtower
    docker start watchtower
}

guacd () {
	# guacd
    docker create \
    	--name guacd \
        --restart=always \
        guacamole/guacd
    docker start guacd
}

guacamole () {
	# guacamole
    # ask for passwords
    read -e -s -p "Enter MySQL Password: " MYSQL_PASSWORD
    read -e -s -p "Enter LDAP Password: " LDAP_PASSWORD
    docker create \
    	--name guacamole \
    	--link guacd:guacd \
    	-p 8080:8080 \
        --restart=always \
        -e MYSQL_HOSTNAME=gauntsql.home.johnhgaunt.com \
        -e MYSQL_DATABASE=guacamole_db \
        -e MYSQL_USER=guacamole \
        -e MYSQL_PASSWORD=$MYSQL_PASSWORD \
        -e LDAP_HOSTNAME=gauntdc01.home.johnhgaunt.com \
        -e LDAP_PORT=389 \
        -e LDAP_USER_BASE_DN='CN=Users,DC=home,DC=johnhgaunt,DC=com' \
        -e LDAP_SEARCH_BIND_DN='CN=Service_Guacamole,CN=Users,DC=home,DC=johnhgaunt,DC=com' \
        -e LDAP_SEARCH_BIND_PASSWORD=$LDAP_PASSWORD \
        -e LDAP_USERNAME_ATTRIBUTE=sAMAccountName \
        guacamole/guacamole
        
	cat << EOF >> /etc/firewalld/services/guacamole.xml
<?xml version="1.0" encoding="utf-8"?>
    <service>
        <short>guacamole</short>
        <description>gucamole</description>
        <port protocol="tcp" port="8080"/>
    </service>
EOF
    sleep 5
    firewall-cmd --add-service=guacamole --permanent
    firewall-cmd --reload
    docker start guacamole
        

}