#!/bin/bash
set -e

# Create system user and group
if ! getent passwd armor > /dev/null 2>&1; then
    adduser --system --group --home /opt/armor \
            --no-create-home --shell /usr/sbin/nologin \
            --gecos "Armor system user" armor
fi

# Set ownership and permissions
chown -R armor:armor /opt/armor
chown -R armor:armor /var/lib/armor
chown -R armor:armor /var/log/armor

# Initialize database directory
mkdir -p /var/lib/armor
chown -R armor:armor /var/lib/armor

# Create SSL directory for certificate generation
mkdir -p /etc/armor/ssl
chown -R armor:armor /etc/armor
chmod 700 /etc/armor/ssl

# Reload systemd daemon
systemctl daemon-reload

echo ""
echo "======================================================================"
echo "Armor has been installed successfully!"
echo ""
echo "Next steps:"
echo "1. Review configuration: /etc/armor/config.yaml"
echo "2. Start the service: systemctl enable --now armor"
echo "3. Check status: systemctl status armor"
echo "4. View logs: journalctl -u armor -f"
echo ""
echo "Default access: https://localhost:3443 (with self-signed certificate)"
echo "======================================================================"
echo ""

#DEBHELPER#
