if [ $1 -eq 1 ]; then
  # Initial installation
  # Add user and group
  if ! getent group sftpgo >/dev/null; then
    /usr/sbin/groupadd --system sftpgo
  fi
  if ! getent passwd sftpgo >/dev/null; then
    /usr/sbin/useradd --system \
      --gid sftpgo \
      --no-create-home \
      --home-dir /var/lib/sftpgo \
      --shell /sbin/nologin \
      --comment "SFTPGo user" \
      sftpgo
  fi
  # initialize data provider
  /usr/bin/sftpgo initprovider -c /etc/sftpgo
  # ensure files and folders have the appropriate permissions
  /usr/bin/chown -R sftpgo:sftpgo /etc/sftpgo /var/lib/sftpgo /srv/sftpgo
  /usr/bin/chmod 750 /etc/sftpgo /etc/sftpgo/env.d /var/lib/sftpgo /srv/sftpgo
  /usr/bin/chmod 640 /etc/sftpgo/sftpgo.json
fi

# adjust permissions for /srv/sftpgo, /etc/sftpgo/env.d and /var/lib/sftpgo
if [ -d /srv/sftpgo ]; then
    /usr/bin/chown sftpgo:sftpgo /srv/sftpgo
    /usr/bin/chmod 750 /srv/sftpgo
fi

if [ -d /etc/sftpgo/env.d ]; then
    /usr/bin/chown sftpgo:sftpgo /etc/sftpgo/env.d
    /usr/bin/chmod 750 /etc/sftpgo/env.d
fi

if [ -d /var/lib/sftpgo ]; then
    /usr/bin/chown sftpgo:sftpgo /var/lib/sftpgo
    /usr/bin/chmod 750 /var/lib/sftpgo
fi

# set the cap_net_bind_service capability so the service can bind to privileged ports
setcap cap_net_bind_service=+ep /usr/bin/sftpgo || :

# reload to pick up any changes to systemd files
/bin/systemctl daemon-reload >/dev/null 2>&1 || :