#!/bin/bash
set -e

case "$1" in
    configure)
        # Create necessary directories
        mkdir -p /etc/cybertection
        mkdir -p /var/lib/cybertection/threat-detect
        mkdir -p /var/log/cybertection

        # Set permissions
        chown -R root:root /etc/cybertection
        chown -R root:root /var/lib/cybertection
        chown -R root:root /var/log/cybertection
        chmod 750 /etc/cybertection
        chmod 750 /var/lib/cybertection
        chmod 755 /var/log/cybertection

        # Create default config if it doesn't exist
        if [ ! -f /etc/cybertection/threat-detect.conf ]; then
            cat > /etc/cybertection/threat-detect.conf << 'EOF'
# Cybertection Threat Detection Configuration
[threat_detect]
enabled = true
auto_start = false
log_level = INFO
monitor_dirs = /home,/opt,/srv
scan_interval = 3600
rules_dir = /var/lib/cybertection/threat-detect/rules
EOF
            chmod 600 /etc/cybertection/threat-detect.conf
        fi

        # Reload systemd daemon
        systemctl daemon-reload || true
        
        echo "Cybertection Threat Detect installed successfully"
        echo "To start the service: sudo systemctl start cybertection-threat-detect"
        echo "To enable auto-start: sudo systemctl enable cybertection-threat-detect"
        ;;
esac

exit 0
