#!/bin/bash
# Ubuntu Post Installation Script
# Author: James Brahm
# Mail: james@jamesbrahm.us
#
# Usage instructions:
# wget jamesbrahm.us/setup
# bash setup

# Initial Stuff
HEIGHT=10
WIDTH=78


if (whiptail --title "Debian Post Installation Script" --yesno "Author: James Brahm\nMail: james@jamesbrahm.us\n\nDo you want to begin the script?" 10 78)
then
	echo "Starting script..."
else
	echo "Aborting..."
	exit 0;
fi

echo "Post installation script for Debian 12";
cd $HOME;
echo "Changed directory to "$HOME;


# Install updates
if (whiptail --title "Updates" --yesno "Do you want to check for and install updates?" 10 78)
then
    sudo apt update
    sudo apt full-upgrade
else
	echo ""
fi

# Basic Tools
RESP=$(whiptail --title "Basic Tools" --checklist \
"Which of these would you like to install? Use space to select." 22 78 4 \
"vim" "VImproved text editor (with my vimrc)" ON \`
"tmux" "Terminal multiplexer" ON \
"terminator" "GUI terminal multiplexer" ON \
"firefox" "Web browser" ON \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done


if [[ $RESP == *"vim"* ]]
then
    wget https://jamesbrahm.us/files/vimrc -O ~/.vimrc
fi

# Development Tools
RESP=$(whiptail --title "Development Tools" --checklist \
"Which of these would you like to install? Use space to select." 22 78 8 \
"git" "Version control system" ON \
"gcc" "GNU C Compiler" OFF \
"g++" "GNU C++ Compiler" OFF \
"gdb" "GNU debugger" OFF \
"gcc-multilib" "" OFF \
"python-pip" "Python package installer" ON \
"virtualenv" "Virtual Environment" ON \
"default-jdk" "Java compiler" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done

if [[ $RESP == *"gdb"* ]]
then
    if (whiptail --yesno "Would you like to install pwndbg extensions for gdb?\n\nThis is quite useful for exploit development or reverse-engineering." 10 78)
    then
        sudo apt install git
        echo "Cloning pwndbg into home..."
        cd ~
        git clone https://github.com/pwndbg/pwndbg
        cd pwndbg
        ./setup.sh
        cd ~
    fi
fi

# Fun Stuff
RESP=$(whiptail --title "Just for Fun" --checklist \
"Which of the following would you like to install? Use space to select." 22 78 3 \
"sl" "Steam Locomotive" OFF \
"fortune" "Fortune Cookie" OFF \
"cmatrix" "See the code of the matrix" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done

# System Utilities
RESP=$(whiptail --title "System Utilities" --checklist \
"Which of the following would you like to install? Use space to select." 22 78 8 \
"p7zip-full" "7zip tool" OFF \
"powertop" "Power saving utility" OFF \
"tlp" "Another power utility" OFF \
"nautilus-dropbox" "File synchronization tool" OFF \
"dos2unix" "Line ending converter" ON \
"nmap" "Nework scanner" ON \
"curl" "Downloader" ON \
"ntfs-3g" "Windows FS support" OFF \
"gparted" "GNOME Partition Manager" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done


# Powertop isn't useful unless you use it
# I usually set everything to good anyway
if [[ $RESP == *"powertop"* ]]
then
    if (whiptail --yesno "Would you like to automatically use powertop to tune your power settings on boot?\nThis will install a root cron job that runs powertop --auto-tune automatically.\n\nThis really is only necessary on laptops where you care about power consumption." 10 78)
    then
        echo "@reboot /usr/sbin/powertop --auto-tune" | sudo tee --append /var/spool/cron/crontabs/root
        whiptail --title "Warning" --msgbox "A cron job has been added to start powertop.  However, we did not check to see if one already exists.  If you aren't sure, run 'sudo crontab -e' to ensure it's only there once." 10 78
    fi
fi

# Media
RESP=$(whiptail --title "Media & Office" --checklist \
"Which of the following would you like to install? Use space to select." 22 78 5 \
"libreoffice" "Office suite" ON \
"vlc" "Media player" ON \
"gimp" "Photo editor" ON \
"inkscape" "Vector graphic editor" OFF \
"openshot-qt" "Video editor" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done

# Servers
RESP=$(whiptail --title "Local servers" --checklist \
"Which of the following would you like to install? Use space to select." 22 78 5 \
"apache2" "Web server" OFF \
"openssh-server" "SSH server" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done

# Academic
RESP=$(whiptail --title "Academic Tools" --checklist \
"Which of the following would you like to install? Use space to select." 22 78 4 \
"speedcrunch" "Calculator" ON \
"pandoc" "Markdown to pdf" OFF \
"texlive" "LaTeX distribution" OFF \
"calibre" "Book reader" OFF \
3>&1 1>&2 2>&3)
for package in $RESP
    do sudo apt install -y $(eval echo $package)
done

# Firewall stuff
if (whiptail --yesno "Set basic firewall rules?\n\nThis will deny incoming connections by default." 10 78)
then
	echo "This isn't configured yet, do it yourself"
fi
# Google Chrome, the real version, not Chromium
if (whiptail --yesno "Do you want to install Chrome?" 10 78)
then
    echo "Downloading Chrome installer..."
    cd Downloads
    rm google-chrome-stable_current_amd64.deb
    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
    echo "Installing dependency resolution tool (gdebi)..."
    sudo apt install -y gdebi
    echo "Installing Chrome..."
    sudo gdebi google-chrome-stable_current_amd64.deb
    cd ~
fi


# CAC
if (whiptail --yesno "Do you want to install DoD CAC support?" 10 78)
then
    # Install CAC middleware
    sudo apt install -y libpcsclite1 pcscd pcsc-tools

    # Install cac reader
    sudo apt install -y coolkey

    # Alert user of next steps
    whiptail --title "Next Steps" --msgbox "CAC support has been installed, but you are not yet configured to use DoD sites like DTS.  You need to do two things.\n\n1. Download the DoD root certificates and configure Firefox to use them.\n\n2. Configure Firefox to trust the Coolkey security device." 10 78
    whiptail --title "Next Steps" --msgbox "You can get by without the certs, but you need to to this in Firefox:\nPreferences -> Advanced -> Encryption -> Security Devices -> Load -> /usr/lib/pkcs11/libcoolkeypk11.so" 10 78
fi

if (whiptail --yesno "Would you like to install Chinese input tools?  This works really well on XFCE but does not recognize KDE applications as an input window." 10 78)
then
    sudo apt install -y fcitx fcitx-googlepinyin
    whiptail --title "Next Steps" --msgbox "fcitx and googlepinyin have been installed, but you may need to manually add that as an input.  Additionally, you need to reboot and then start fcitx to get input switching to work.  I'm not kidding, actually reboot your computer." 10 78
fi

if (whiptail --yesno "Would you like to install ProtonVPN?  (For GNOME/GTK)" 10 78)
then
    wget https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.6_all.deb
    echo "e5e03976d0980bafdf07da2f71b14fbc883c091e72b16772199742c98473002f protonvpn-stable-release_1.0.6_all.deb" | sha256sum --check -
    sudo dpkg -i ./protonvpn-stable-release_1.0.6_all.deb && sudo apt update
    sudo apt install proton-vpn-gnome-desktop
fi

if (whiptail --yesno "Would you like to install Syncthing?" 10 78)
then
    echo "Not yet implemented"
fi

echo "Done!"