From 81b163dd25c669076763e1db4fa8f427b96a5943 Mon Sep 17 00:00:00 2001
From: 0x1eef <0x1eef@bastion.home.network>
Date: Fri, 16 Aug 2024 19:45:22 -0300
Subject: [PATCH] Add 'sourcezap [setup|teardown]' (#5)

Co-authored-by: 0x1eef <0x1eef@protonmail.com>
Reviewed-on: http://git.bastion.home.network/0x1eef/sourcezap/pulls/5
---
 README.md                                     | 12 ++++++----
 bin/sourcezap                                 | 12 +++++++++-
 .../sourcezap/commands/sourcezap-setup        |  2 +-
 libexec/sourcezap/commands/sourcezap-teardown | 24 +++++++++++++++++++
 man/man8/sourcezap.8                          | 19 ++++++++++++++-
 share/sourcezap/CHANGELOG                     |  3 +++
 6 files changed, 65 insertions(+), 7 deletions(-)
 rename bin/setup-sourcezap => libexec/sourcezap/commands/sourcezap-setup (83%)
 create mode 100755 libexec/sourcezap/commands/sourcezap-teardown

diff --git a/README.md b/README.md
index ebe29d6..fc955f3 100644
--- a/README.md
+++ b/README.md
@@ -8,15 +8,19 @@ can be installed into `/usr/src/` by root.
 
 ## CLI
 
-### CLI: setup-sourcezap
+### CLI: setup
 
-`setup-sourcezap` should be run after installing sourcezap for
-the first time. <br> There is no harm in running `setup-sourcezap`
+`sourcezap setup` should be run after installing sourcezap for
+the first time. <br> There is no harm in running `sourcezap setup`
 multiple times:
 
     # Add the '_sourcezap' user, group and home directory
     # This command requires root privileges
-    root@localhost# setup-sourcezap
+    root@localhost# sourcezap setup
+
+    # Reverse the changes made by 'sourcezap setup'
+    # This command requires root privileges
+    root@localhost# sourcezap teardown
 
 ### CLI: group
 
diff --git a/bin/sourcezap b/bin/sourcezap
index 0c105c7..db1d9fc 100755
--- a/bin/sourcezap
+++ b/bin/sourcezap
@@ -42,6 +42,12 @@ while [ "${i}" -le "$#" ]; do
 done
 
 case $1 in
+    "setup")
+	"${libexec}"/commands/sourcezap-setup
+	;;
+    "teardown")
+	"${libexec}"/commands/sourcezap-teardown
+	;;
     "clone")
         require_dependency "git doas"
         "${libexec}"/commands/sourcezap-clone "${giturl}" "${gitdir}" "${defaultbranch}"
@@ -68,7 +74,11 @@ case $1 in
     *)
         printf "Usage: sourcezap COMMAND [OPTIONS]\n"
         printf "\n"
-        printf "Commands:\n"
+        printf "Setup\n"
+        printf "  setup       Setup sourcezap for the first time\n"
+        printf "  teardown    Reverse the changes made by 'sourcezap setup'\n"
+        printf "\n"
+        printf "General\n"
         printf "  clone       Clone the HardenedBSD source tree\n"
         printf "  pull        Pull source tree updates\n"
         printf "  checkout    Checkout a branch other than the default\n"
diff --git a/bin/setup-sourcezap b/libexec/sourcezap/commands/sourcezap-setup
similarity index 83%
rename from bin/setup-sourcezap
rename to libexec/sourcezap/commands/sourcezap-setup
index 23402d3..a617f3e 100755
--- a/bin/setup-sourcezap
+++ b/libexec/sourcezap/commands/sourcezap-setup
@@ -3,7 +3,7 @@ set -e
 
 ##
 # variables
-localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/..)}
+localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
 libexec="${localbase}"/libexec/sourcezap
 
 ##
diff --git a/libexec/sourcezap/commands/sourcezap-teardown b/libexec/sourcezap/commands/sourcezap-teardown
new file mode 100755
index 0000000..c1fa03f
--- /dev/null
+++ b/libexec/sourcezap/commands/sourcezap-teardown
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+##
+# variables
+localbase=${LOCALBASE:-$(realpath "$(dirname "$0")"/../../..)}
+libexec="${localbase}"/libexec/sourcezap
+user=_sourcezap
+
+##
+# functions
+# shellcheck source=/dev/null
+. "${libexec}"/functions/print.sh
+
+##
+# main
+if [ "$(id -u)" = "0" ]; then
+    pw userdel -n "${user}"
+    rm -rf /home/"${user}"/
+    printok "done"
+else
+    printerr "you must be root"
+    exit 1
+fi
diff --git a/man/man8/sourcezap.8 b/man/man8/sourcezap.8
index 9f3096c..712e1a0 100644
--- a/man/man8/sourcezap.8
+++ b/man/man8/sourcezap.8
@@ -6,6 +6,8 @@
 .Nd manages a copy of the HardenedBSD source tree
 .Sh SYNOPSIS
 .br
+.Nm sourcezap setup
+.Nm sourcezap teardown
 .Nm sourcezap clone
 .Nm sourcezap pull
 .Nm sourcezap checkout
@@ -17,7 +19,22 @@ manages a copy of the HardenedBSD source tree.
 The copy of the source tree is maintained by members of
 the '_sourcezap' group, and a copy of the source tree
 can be installed into /usr/src/ by root.
-.Sh EXAMPLES
+.Sh SETUP
+.sp
+.sp
+.Nm sourcezap setup
+.br
+Setup sourcezap for the first time
+.br
+This command requires root privileges
+.Pp
+.Nm sourcezap teardown
+.br
+Reverses the changes made by 'sourcezap setup'
+.br
+This command requires root privileges
+.Pp
+.Sh COMMANDS
 .sp
 .sp
 .Nm sourcezap clone
diff --git a/share/sourcezap/CHANGELOG b/share/sourcezap/CHANGELOG
index 36ed4f2..a7dfb5a 100644
--- a/share/sourcezap/CHANGELOG
+++ b/share/sourcezap/CHANGELOG
@@ -1,5 +1,8 @@
 * vNEXT
 
+** Add 'sourcezap setup', 'sourcezap teardown'
+Replaces and enhances 'setup-sourcezap'
+
 ** Add libexec/sourcezap/commands/sourcezap-sh
 Runs /bin/sh within /home/_sourcezap/src/ as the '_sourcezap' user