#!/bin/bash

# Warning:
# ========
#
# This is just a little example…
# …before you run a productive system you should deal more intense with kerberos…
# …and be able to do all of this (and more) yourself!
#
# A verbose Tutorial can be found here: http://techpubs.spinlocksolutions.com/dklar/kerberos.html


### Manual adjustments needed here: ###

IF=eth0
DOMAIN=example.com


### Should be calculated correctly: ###

IP=$(ifconfig ${IF} | grep 'inet ' | cut -d: -f2 | cut -d' ' -f1)
HOST=${HOSTNAME}
REALM=$(echo "$DOMAIN" | awk '{print toupper($1)}')

echo -e "
IP:\t${IP}\n
HOST:\t${HOST}\n
DOMAIN:\t${DOMAIN}\n
REALM:\t${REALM}
"

### Everythink right? ###

if [ -z "$IP" ]
then echo -e "Error: Interface ${IF} not up"; exit
fi

echo '
Abort with Ctrl+C\n
Press any key to continue…
'
read input


### Configure DNS-Settings ###

if [ ! -f /etc/hosts~ ]
then cp /etc/hosts /etc/hosts~
fi

echo -e "\n${IP}\t${HOST}.${DOMAIN} ${HOST}" > /etc/hosts


### Install Kerberos ###

aptitude install krb5-{admin-server,kdc}


### Configure Realm ###

if [ ! -f /etc/krb5.conf~ ]
then cp /etc/krb5.conf /etc/krb5.conf~
fi

echo "
[libdefaults]
	default_realm = ${REALM}
[realms]
	${REALM} = {
		kdc = ${HOST}.${DOMAIN}
		admin_server = ${HOST}.${DOMAIN}
	}
[DOMAIN_realm]
	.${DOMAIN} = ${REALM}
	${DOMAIN} = ${REALM}
" > /etc/krb5.conf 

krb5_newrealm

invoke-rc.d krb5-kdc restart
invoke-rc.d krb5-admin-server restart


### Install some Clients ###

aptitude install krb5-clients ssh-krb5

echo -e '\nDONE'