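#!/bin/bash
#
# Install and (re)configure a host: installs the required packages, applies
# the host's systemd-tmpfiles configuration, restarts the network services
# and (re)enables the risotto image timer and firewall units.
#
# Usage: <script> HOST_NAME
#
# Configuration is read from ./host/configurations/HOST_NAME/ relative to the
# current working directory, so run the script from the directory that
# contains "host/".

# Options are set here rather than on the shebang line so they also apply
# when the script is started as "bash script.sh".
set -euo pipefail

HOST_NAME=${1:-}
if [ -z "$HOST_NAME" ]; then
  echo "usage: $0 host name" >&2
  exit 1
fi

# HOST_NAME becomes a path component of files handed to
# "systemd-tmpfiles --create --clean --remove", which creates and deletes
# files as described by that configuration. Refuse values that would resolve
# outside host/configurations/.
case "$HOST_NAME" in
  */* | . | ..)
    echo "invalid host name: $HOST_NAME" >&2
    exit 1
    ;;
esac

tmpfiles_dir="$PWD/host/configurations/$HOST_NAME/tmpfiles.d"
nspawn_conf="$tmpfiles_dir/0asystemd-nspawn.conf"
rougail_conf="$tmpfiles_dir/0rougail.conf"

# Check the inputs before touching the firewall: with "set -e" a missing file
# would otherwise abort the script after the firewall unit has been stopped.
for conf in "$nspawn_conf" "$rougail_conf"; do
  if [ ! -f "$conf" ]; then
    echo "missing configuration file: $conf" >&2
    exit 1
  fi
done

# Set to 1 between stopping and restarting risottofirewall.service.
firewall_stopped=0

# Warn when the script aborts inside that window, so the operator knows the
# firewall unit was not restarted by this run.
on_exit() {
  local status=$?
  if [ "$status" -ne 0 ] && [ "$firewall_stopped" -eq 1 ]; then
    echo "install host FAILED: risottofirewall.service was stopped and has not been restarted" >&2
  fi
}
trap on_exit EXIT

# remove current rules
# "|| true": a failure to stop the unit must not abort the install
# (presumably the unit does not exist yet on a first run -- confirm).
firewall_stopped=1
systemctl stop risottofirewall.service || true

apt install --yes systemd-container dnf jq debootstrap htop gettext patch unzip mlocate xz-utils iptables

systemd-tmpfiles --create --clean --remove "$nspawn_conf"
systemd-tmpfiles --create --clean --remove "$rougail_conf"

systemctl daemon-reload
systemctl restart systemd-sysctl.service

systemctl enable systemd-networkd
systemctl restart systemd-networkd
systemctl enable systemd-resolved
systemctl restart systemd-resolved
# systemctl mask dev-hugepages.mount

systemctl enable risotto-images.timer
systemctl restart risotto-images.timer

systemctl enable risottofirewall.service
systemctl start risottofirewall.service
firewall_stopped=0

#nft add table nat
#nft flush table nat;
#nft 'add chain nat prerouting { type nat hook prerouting priority -100; }'
#nft 'add rule nat prerouting iif enp0s3 tcp dport { 80, 443 } dnat to 192.168.45.12'
#nft 'add chain nat postrouting { type nat hook postrouting priority -100; }'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 tcp dport 53 snat to 10.0.3.15'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 udp dport 53 snat to 10.0.3.15'

echo "install host OK"
exit 0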