package org.kuali.common.devops.aws.sysadmin;

import java.io.IOException;
import org.kuali.common.devops.aws.sysadmin.model.BootstrapContext;
import org.kuali.common.devops.model.User;
import org.kuali.common.util.Assert;
import org.kuali.common.util.CollectionUtils;
import org.kuali.common.util.FormatUtils;
import org.kuali.common.util.channel.api.SecureChannel;
import org.kuali.common.util.channel.model.ChannelContext;
import org.kuali.common.util.channel.model.RemoteFile;
import org.kuali.common.util.channel.util.ChannelUtils;
import org.kuali.common.util.execute.Executable;

/* loaded from: input_file:org/kuali/common/devops/aws/sysadmin/Bootstrap.class */
public final class Bootstrap implements Executable {
    private static final String WARNING = "WARNING: Do not delete or edit this file unless you know exactly what you are doing";
    private final BootstrapContext context;
    private final boolean skip;

    public Bootstrap(BootstrapContext bootstrapContext) {
        this(bootstrapContext, false);
    }

    public Bootstrap(BootstrapContext bootstrapContext, boolean z) {
        Assert.noNulls(new Object[]{bootstrapContext});
        this.context = bootstrapContext;
        this.skip = z;
    }

    public void execute() {
        if (this.skip) {
            return;
        }
        bootstrap();
    }

    protected void bootstrap() {
        enableRootSSH();
        SecureChannel secureChannel = null;
        try {
            try {
                secureChannel = getChannel(this.context.getRoot(), false);
                if (!isBootstrapped(secureChannel)) {
                    bootstrap(secureChannel);
                    markAsBootstrapped(secureChannel);
                    Assert.isTrue(isBootstrapped(secureChannel), "Unable to verify that this instance has been bootstrapped");
                }
                ChannelUtils.closeQuietly(secureChannel);
            } catch (IOException e) {
                throw new IllegalStateException("Unexpected IO error", e);
            }
        } catch (Throwable th) {
            ChannelUtils.closeQuietly(secureChannel);
            throw th;
        }
    }

    protected boolean isBootstrapped(SecureChannel secureChannel) {
        return secureChannel.exists(getBootStrapCompletedFile().getAbsolutePath());
    }

    protected void bootstrap(SecureChannel secureChannel) {
        secureChannel.exec(new String[]{"resize2fs " + this.context.getRootVolumeDeviceName(), "yum --assumeyes update"});
        if (this.context.getPackages().size() > 0) {
            secureChannel.exec("yum --assumeyes install " + CollectionUtils.getSpaceSeparatedString(this.context.getPackages()));
        }
    }

    protected void markAsBootstrapped(SecureChannel secureChannel) {
        secureChannel.scpString("bootstrapping completed: " + FormatUtils.getDate(System.currentTimeMillis()) + "\n" + WARNING, getBootStrapCompletedFile());
    }

    protected RemoteFile getBootStrapCompletedFile() {
        return new RemoteFile.Builder(this.context.getBootstrapCompletedAbsolutePath()).build();
    }

    protected void enableRootSSH() {
        SecureChannel secureChannel = null;
        try {
            try {
                secureChannel = getChannel(this.context.getSshEnabledUser(), true);
                if (!isRootSSHEnabled(secureChannel)) {
                    enableRootSSH(secureChannel);
                    markAsRootSSHEnabled(secureChannel);
                    Assert.isTrue(isRootSSHEnabled(secureChannel), "Unable to verify that root ssh is enabled");
                }
                ChannelUtils.closeQuietly(secureChannel);
            } catch (IOException e) {
                throw new IllegalStateException("Unexpected IO error", e);
            }
        } catch (Throwable th) {
            ChannelUtils.closeQuietly(secureChannel);
            throw th;
        }
    }

    protected void enableRootSSH(SecureChannel secureChannel) {
        String configFileOverrideLocation = this.context.getSshdOverride().getConfigFileOverrideLocation();
        String str = this.context.getSshEnabledUser().getHome() + "/.bootstrap/" + ((Object) null);
        String str2 = "sudo cp " + this.context.getSshEnabledUser().getAuthorizedKeys() + " " + this.context.getRoot().getAuthorizedKeys();
        String str3 = "sudo cp " + str + " " + ((Object) null);
        RemoteFile build = new RemoteFile.Builder(str).build();
        secureChannel.exec(str2);
        secureChannel.scp(configFileOverrideLocation, build);
        secureChannel.exec(str3);
        secureChannel.exec("sudo service " + ((Object) null));
    }

    protected void markAsRootSSHEnabled(SecureChannel secureChannel) {
        secureChannel.scpString("root ssh enabled: " + FormatUtils.getDate(System.currentTimeMillis()) + "\n" + WARNING, getRootSSHEnabledFile(this.context.getSshEnabledUser()));
    }

    protected RemoteFile getRootSSHEnabledFile(User user) {
        return new RemoteFile.Builder(user.getHome() + "/.bootstrap/root-ssh.enabled").build();
    }

    protected boolean isRootSSHEnabled(SecureChannel secureChannel) {
        return secureChannel.exists(getRootSSHEnabledFile(this.context.getSshEnabledUser()).getAbsolutePath());
    }

    protected SecureChannel getChannel(User user, boolean z) throws IOException {
        return this.context.getService().openChannel((ChannelContext) null);
    }

    public BootstrapContext getContext() {
        return this.context;
    }

    public boolean isSkip() {
        return this.skip;
    }
}
