#!/bin/bash
#
# Univention Server
#  network script: modify resolv.conf
#
# SPDX-FileCopyrightText: 2009-2025 Univention GmbH
# SPDX-License-Identifier: AGPL-3.0-only

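# Shared helpers from the UCS network tooling; ucs_ignore_interface is defined
# there, not in this file.
# NOTE(review): presumably it ends the hook early for interfaces UCS should not
# manage - confirm in /etc/network/ucs-network-tools.
. /etc/network/ucs-network-tools
ucs_ignore_interface

# Import the UCR variables as shell variables (this is where nameserver1..3 and
# nameserver_option_timeout used below come from). The output of the local
# univention-config-registry command is executed as shell code, so it is
# trusted exactly as far as that command and the registry contents are.
eval "$(univention-config-registry shell)"

. /usr/share/univention-lib/all.sh

# Append the resolver timeout option once; the grep matches the word "timeout"
# anywhere in the file, so an existing setting is never duplicated.
if [ -n "$nameserver_option_timeout" ] && ! grep -q -s timeout /etc/resolv.conf
then
	echo "options timeout:$nameserver_option_timeout" >> /etc/resolv.conf
fi

# Everything after this point applies to DHCP-configured interfaces only.
# IFACE is not assigned in this file (presumably exported by the caller); the
# key is quoted so the value always reaches ucr as a single argument and is
# never word-split or glob-expanded.
case "$(ucr get "interfaces/${IFACE}/type")" in
dhcp) ;;
*) exit 0 ;;
esac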

# Report whether an address is already configured in UCR as a nameserver or
# as a DNS forwarder.
# Arguments: $1 - address to look up
# Globals:   dns_forwarder1-3 and nameserver1-3 are (re)assigned in the calling
#            shell by the eval below
# Returns:   0 if $1 equals one of the six values, 1 otherwise
is_ns ()
{
	local server="$1"
	local known
	# Fetch the six variables again on every call, so values written with
	# "ucr set" between two calls are taken into account.
	eval "$(ucr shell dns/forwarder1 dns/forwarder2 dns/forwarder3 nameserver1 nameserver2 nameserver3)"

	for known in \
		"$dns_forwarder1" "$dns_forwarder2" "$dns_forwarder3" \
		"$nameserver1" "$nameserver2" "$nameserver3"
	do
		if [ "$known" = "$server" ]; then
			return 0
		fi
	done
	return 1
}

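# Succeed if FILE ($1) contains a "nameserver" line whose address equals ADDR
# ($2). The address is matched as a fixed string against the whole field: it
# may have been supplied by the DHCP server, so it must be treated as data and
# never interpreted as a regular expression.
has_nameserver ()
{
	awk '$1 == "nameserver" { print $2 }' "$1" 2>/dev/null | grep -q -x -F -e "$2"
}

# On a joined DNS server the DHCP nameserver should be converted to a dns/forwarder.
# But at least one nameserver must be configured via ucr and nameserver/external
# must not be set to true
if	[ -e /var/univention-join/joined ] && is_domain_controller && \
	{ [ -n "$nameserver1" ] || [ -n "$nameserver2" ] || [ -n "$nameserver3" ]; } && \
	! is_ucr_true "nameserver/external"
then
	need_restart=false
	i=1
	# -r keeps backslashes in the line literal instead of letting read
	# interpret them.
	while read -r key ns
	do
		[ "$key" = nameserver ] || continue
		if ! is_ns "$ns"
		then
			# NOTE(review): $ns is taken verbatim from /etc/resolv.conf, i.e.
			# from whatever the DHCP client wrote there, and is stored as a
			# forwarder without any format check. Confirm that the value is
			# validated as an IP address somewhere before it reaches the
			# name server configuration.
			ucr set "dns/forwarder$i=$ns" >/dev/null
			need_restart=true
		fi
		# The forwarder index follows the position of the nameserver line,
		# whether or not that entry was already known.
		i=$((i+1))
	done </etc/resolv.conf
	if [ "$need_restart" = true ]; then
		invoke-rc.d named reload
	fi
	ucr commit /etc/resolv.conf
else
	# Add the local configured nameserver to the resolv.conf

	# The given nameserver via DHCP should be the default nameserver, so split the
	# current resolv.conf

	# Without a scratch directory the redirections below would write to
	# "/resolv.conf" and friends in the root directory, so stop here and
	# leave /etc/resolv.conf as it is.
	if ! tempdir=$(mktemp -d) || [ -z "$tempdir" ]; then
		echo "$0: mktemp failed, leaving /etc/resolv.conf unchanged" >&2
		exit 0
	fi
	# Single quotes: the path is expanded when the trap runs, so it is never
	# re-parsed as shell code.
	trap 'rm -rf -- "$tempdir"' EXIT
	grep -v '^nameserver' /etc/resolv.conf >"${tempdir}/resolv.conf"
	grep '^nameserver' /etc/resolv.conf >"${tempdir}/nameserver_dhcp"
	touch "${tempdir}/nameserver_local"
	for i in 1 2 3; do
		dns="nameserver$i"
		if [ -n "${!dns}" ]; then
			# Don't add the local nameservers twice
			if ! has_nameserver "${tempdir}/nameserver_local" "${!dns}"; then
				echo "nameserver ${!dns}" >> "${tempdir}/nameserver_local"
			fi
		fi
	done

	# Build resolv.conf
	cat "${tempdir}/resolv.conf" "${tempdir}/nameserver_local" >/etc/resolv.conf
	# Don't add the DHCP nameservers twice
	awk '/^nameserver/{print $2}' <"${tempdir}/nameserver_dhcp" | while read -r ns; do
		# A "nameserver" line without an address yields an empty value.
		[ -n "$ns" ] || continue
		if ! has_nameserver /etc/resolv.conf "$ns"; then
			echo "nameserver $ns" >>/etc/resolv.conf
		fi
	done
fi

exit 0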
