#!/bin/bash

# --- Deployment identity ----------------------------------------------------
# Container name, image reference and image label. They are exported here and
# presumably read by the files sourced further down — TODO confirm.
# NOTE(review): ":latest" is a mutable tag, so two deployments can run
# different images; pin a digest if deployments must be reproducible/auditable.
export NOMECONTAINER="pentest"
export docker_repo="urbancompasspony/pandora:latest"
export imagem="pentest"

# Default web password: 8 characters from [A-Za-z0-9] read from /dev/urandom
# (about 47 bits of entropy). Command substitution drops the trailing newline.
# NOTE(review): short for a credential protecting a pentest toolbox; a longer
# default would be safer if the consuming menu accepts it.
randompass=$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 8)

# --- Configurable fields ------------------------------------------------------
# Each CustmN<k> is a field label and VALUE<k> its default value.
# How the fields are used inside this file:
#   2 local_ip     -> --ip of the macvlan container (docker_create), blacklist
#   3 pihole?_dns  -> --dns of the macvlan container, blacklist
#   4 ntfy?        -> written to Data/ntfysh
#   5 parallel     -> written to Data/runa
#   6 web_pass     -> password of the "admin" htpasswd user (docker_extras)
#   7 gateway      -> blacklist
#   8/9 black*     -> space-separated extra blacklist entries
#   10             -> unused
export CustmN2="local_ip"     VALUE2="0.0.0.0"
export CustmN3="pihole?_dns"  VALUE3="8.8.4.4"
export CustmN4="ntfy?"        VALUE4="0"
export CustmN5="parallel"     VALUE5="2"
export CustmN6="web_pass"     VALUE6="$randompass"
export CustmN7="gateway"      VALUE7="192.168.0.1"
export CustmN8="black1_max8"  VALUE8=""
export CustmN9="black2_max8"  VALUE9=""
export CustmN10=""            VALUE10=""

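# Shared code is pulled in from two files outside this script. Everything they
# define runs with this script's privileges, including the sudo and docker
# calls made further down.
source /root/.index.sh

# /tmp is world-writable, so a file at a fixed name there may have been planted
# by another local account. Only source it when it is a regular file, not a
# symlink, and owned by the user running this script (-O); otherwise stop.
# NOTE(review): a location only the deploying user can write to would remove
# the need for this check — where the file comes from is not visible here.
if [ ! -f /tmp/common-functions.sh ]; then
  echo "ERRO: common-functions.sh não encontrado!" >&2
  exit 1
fi

if [ -L /tmp/common-functions.sh ] || [ ! -O /tmp/common-functions.sh ]; then
  echo "ERRO: /tmp/common-functions.sh é um link simbólico ou pertence a outro usuário; recusando carregar." >&2
  exit 1
fi

source /tmp/common-functions.sh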

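#######################################
# Recreate the container's host-side directories and seed its Data files.
# Any existing Data and Pentests directories are deleted first, so results of
# earlier runs stored under Pentests are lost.
# Globals:   NOMECONTAINER, VALUE2..VALUE5, VALUE7..VALUE9 (read),
#            PUBLIC_DNS (written)
# Arguments: none
# Outputs:   error message on stderr when NOMECONTAINER is rejected
# Returns:   1 when NOMECONTAINER is not a valid container name, else 0
#######################################
function set_mkdir {
  # NOMECONTAINER becomes part of a path passed to "sudo rm -r". Accept only
  # the character set Docker allows for container names, which rules out an
  # empty value, "/" and ".." before anything is deleted.
  local name_regex='^[a-zA-Z0-9][a-zA-Z0-9_.-]*$'
  if [[ ! "${NOMECONTAINER-}" =~ $name_regex ]]; then
    printf "ERRO: NOMECONTAINER inválido: '%s'\n" "${NOMECONTAINER-}" >&2
    return 1
  fi

  local base="/srv/containers/${NOMECONTAINER}"
  local data_dir="${base}/Data"
  local results_dir="${base}/Pentests"
  local blacklist="${data_dir}/blacklist"
  local dir

  # Start from a clean state: drop whatever a previous deployment left behind.
  for dir in "$data_dir" "$results_dir"; do
    if [ -d "$dir" ]; then
      sudo rm -r "$dir"
    fi
  done

  sudo mkdir -p "$data_dir" "$results_dir"
  sudo touch "${data_dir}/ntfysh" "${data_dir}/runa" \
    "${data_dir}/hostname" "${data_dir}/blacklist"

  # printf instead of echo so a value such as "-n" is written literally.
  printf '%s\n' "$NOMECONTAINER" | sudo tee "${data_dir}/hostname" > /dev/null
  printf '%s\n' "$VALUE4" | sudo tee "${data_dir}/ntfysh" > /dev/null
  printf '%s\n' "$VALUE5" | sudo tee "${data_dir}/runa" > /dev/null

  # The blacklist starts with this container's own IP, its DNS server and the
  # gateway. Presumably these are hosts the scanner must leave alone —
  # confirm against the consumer inside the image.
  printf '%s\n' "$VALUE2" | sudo tee "$blacklist" > /dev/null
  printf '%s\n' "$VALUE3" | sudo tee -a "$blacklist" > /dev/null
  printf '%s\n' "$VALUE7" | sudo tee -a "$blacklist" > /dev/null

  # Alternation of addresses that are dropped from the yq output below
  # ("null" and 0.0.0.0 included). The dots are unescaped, so each one matches
  # any character. Not declared local: sourced helpers may read it — TODO
  # confirm, then make it local.
  PUBLIC_DNS="8.8.8.8|8.8.4.4|208.67.220.220|208.67.222.222|4.2.2.1|4.2.2.2|8.26.56.26|8.20.247.20|84.200.69.80|84.200.70.40|9.9.9.9|149.112.112.112|1.1.1.1|1.0.0.1|200.225.197.34|200.225.197.37|189.38.95.95|189.38.95.96|181.213.132.2|181.213.132.3|null|0.0.0.0"

  # Add the local_ip and servidor_dns of every entry in /srv/containers.yaml,
  # minus blank lines and the public resolvers above, de-duplicated.
  yq eval '.[] | [.local_ip, .servidor_dns] | .[]' /srv/containers.yaml \
    | grep -v '^$' \
    | grep -vE "^($PUBLIC_DNS)$" \
    | sort -u \
    | sudo tee -a "$blacklist" > /dev/null

  # Operator-supplied extras: space-separated, written one per line.
  # NOTE(review): an empty VALUE8/VALUE9 still appends one blank line; check
  # how the consumer of the blacklist treats blank lines before changing this.
  printf '%s\n' "$VALUE8" | tr ' ' '\n' | sudo tee -a "$blacklist" > /dev/null
  printf '%s\n' "$VALUE9" | tr ' ' '\n' | sudo tee -a "$blacklist" > /dev/null

  return 0
}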

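#######################################
# Start the container, on the macvlan network when VALUE2 looks like an IPv4
# address and on the host network otherwise.
# Globals:   NOMECONTAINER, docker_repo, VALUE2, VALUE3 (read)
# Arguments: none
# Returns:   exit status of "docker run"
#######################################
function docker_create {
  # Shape check only: four dot-separated groups of 1-3 digits. Values such as
  # 0.0.0.0 (the default of VALUE2) or 999.1.1.1 pass and are handed to docker.
  local ip_regex="^([0-9]{1,3}\.){3}[0-9]{1,3}$"
  local data_root="/srv/containers/${NOMECONTAINER}"

  # Options shared by both network modes.
  local -a run_args=(
    -d --name="$NOMECONTAINER" --hostname="$NOMECONTAINER"
    --no-healthcheck --restart=unless-stopped
    -v /etc/localtime:/etc/localtime:ro
    --log-driver json-file --log-opt max-size=10m --log-opt max-file=3
    -v "${data_root}/Data:/Data"
    -v "${data_root}/Pentests:/Pentests"
  )
  local -a net_args

  if [[ "$VALUE2" =~ $ip_regex ]]; then
    # Dedicated address on a Docker network named "macvlan", which has to
    # exist already; this function does not create it.
    net_args=(--network macvlan --ip="$VALUE2" --dns="$VALUE3")
  else
    # Not an IPv4-shaped value: share the host's network stack.
    # Docker discards published ports in host mode, so no -p mapping is
    # passed: a "-p 8080:80" here would not move the web UI to port 8080.
    # The container's services listen directly on the host's interfaces on
    # the ports the image itself uses, so restrict access with the host
    # firewall if the web UI must not be reachable from every network.
    net_args=(--network host)
  fi

  docker run "${run_args[@]}" "${net_args[@]}" "$docker_repo"
}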

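#######################################
# Set the password of the web UI's "admin" htpasswd user inside the container
# and print a crontab line for scheduled runs.
# Globals:   NOMECONTAINER, VALUE6 (read)
# Arguments: none
# Outputs:   crontab hint on stdout, warnings on stderr
# Returns:   always 0, also when the password could not be set
#######################################
function docker_extras {
  if [[ -z "$VALUE6" ]]; then
    # Never hand htpasswd an empty password; leave the file untouched.
    printf 'WARN: web_pass is empty; admin password was not set\n' >&2
  # The password is operator-editable, so it is kept out of any shell command
  # line: no "bash -c" string for it to be re-parsed in, and no argv entry
  # that a process listing could show. htpasswd -i reads it from stdin.
  # /etc/apache2/.htpasswd must already exist in the image (no -c is given).
  elif ! printf '%s\n' "$VALUE6" \
    | docker exec -i "$NOMECONTAINER" htpasswd -i /etc/apache2/.htpasswd admin; then
    printf 'WARN: could not set the admin password in %s\n' "$NOMECONTAINER" >&2
  fi

  printf '\n%s\n' "Use it on crontab: 0 7 * * * docker exec $NOMECONTAINER /pandora.sh"
  sleep 3
  return 0
}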

# Hand control to execute_main. It is not defined in this file; presumably it
# comes from one of the sourced files and drives set_mkdir, docker_create and
# docker_extras — TODO confirm.
execute_main

# The script reports success to its caller whatever execute_main returned.
exit 0
