#!/bin/sh
# Restore XplicitTrust services after firmware upgrade (sysupgrade).
# This script runs once on first boot via uci-defaults and then deletes itself.

# Re-create runtime directories (tmpfs, lost on reboot/upgrade)
mkdir -p /var/run/xt
mkdir -p /run/xt-updater
mkdir -p /var/log/xtna-service

# Ensure xtna-users group exists
grep -q xtna-users /etc/group || echo "xtna-users:x:1000:" >> /etc/group
grep -q "xtna-users.*uhttpd" /etc/group || \
    sed -i 's/^xtna-users:\([^:]*\):\([^:]*\):\(.*\)/xtna-users:\1:\2:\3,uhttpd/' /etc/group
sed -i 's/xtna-users:\([^:]*\):\([^:]*\):,/xtna-users:\1:\2:/' /etc/group

# Ensure TUN device exists
if [ ! -c /dev/net/tun ]; then
    mkdir -p /dev/net
    mknod /dev/net/tun c 10 200
    chmod 0755 /dev/net/tun
fi

# Re-enable and start services
if [ -x /etc/init.d/xtna-service ]; then
    /etc/init.d/xtna-service enable
    /etc/init.d/xtna-service start
fi

if [ -x /etc/init.d/xtna-updater ]; then
    /etc/init.d/xtna-updater enable
    /etc/init.d/xtna-updater start
fi

# Reload ACLs and restart rpcd/uhttpd for vuci API
ubus call session reload_acls 2>/dev/null || true
[ -x /etc/init.d/rpcd ] && /etc/init.d/rpcd restart 2>/dev/null || true
[ -x /etc/init.d/uhttpd ] && /etc/init.d/uhttpd restart 2>/dev/null || true
ubus send vuci.notify '{"event": "reload_routes"}' 2>/dev/null || true

exit 0
