#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers


admin_mail=$(ynh_user_get_info --username="$admin" --key=mail)

if  [ $public_library -eq 1 ]; then 
	calibre_dir=$DOSSIER_MEDIA/share/eBook
else # library is private
	calibre_dir=$DOSSIER_MEDIA/$admin/eBook
fi

#=================================================
# STANDARD MODIFICATIONS
#=================================================

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Installing and patching sources to $install_dir..." --weight=10
#REMOVEME? ynh_app_setting_set $app install_dir $install_dir

#Set settings constant initializer of the app
ynh_add_config --template="../sources/patches/main-config_sql.py.patch.src" --destination="../sources/patches/main-config_sql.py.patch"
ynh_add_config --template="../sources/patches/main-ub.py.patch.src" --destination="../sources/patches/main-ub.py.patch"
ynh_add_config --template="../sources/patches/main-constants.py.patch.src" --destination="../sources/patches/main-constants.py.patch"

# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"

# Remove the patch for web.py in case visitor are allowed
if $(ynh_permission_has_user --permission=main --user=visitors); then
	patch -u /$install_dir/cps/web.py -i ../conf/web.py.revert.patch
fi

#install kepubify converter
ynh_script_progression --message="Installing kepubify..." --weight=1
ynh_setup_source --dest_dir="/opt/kepubify/$app/" --source_id="kepubify"


#=================================================
# INSTALL DEPENDENCIES
#=================================================

#Use venv to install pip requirements - Inspired from https://github.com/YunoHost-Apps/pyinventory_ynh/blob/master/scripts/install
ynh_script_progression --message="Installing pip requirements..." --weight=70
# Always recreate everything fresh with current python version
if [ -d "${install_dir}/venv" ] ; then
	ynh_secure_remove "${install_dir}/venv"
fi

# Skip pip because of: https://github.com/YunoHost/issues/issues/1960
python3 -m venv --without-pip "${install_dir}/venv"
chown -R "$app:" "$install_dir"

#run source in a 'sub shell'
(
	set +o nounset
	source "${install_dir}/venv/bin/activate"
	set -o nounset
	ynh_exec_as $app $install_dir/venv/bin/python3 -m ensurepip
	ynh_exec_as $app $install_dir/venv/bin/pip3 install --upgrade wheel pip setuptools
	ynh_exec_as $app $install_dir/venv/bin/pip3 install --no-cache-dir --upgrade -r "$install_dir/requirements.txt"
	ynh_exec_as $app $install_dir/venv/bin/pip3 install --no-cache-dir --upgrade -r "$install_dir/optional-requirements.txt"
)

#=================================================
# CREATE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Creating files and directory..." --weight=5

#build multimedia directory
ynh_multimedia_build_main_dir
ynh_multimedia_addaccess $app

#Check if metadata.db file exists. If not create it (empty library)
if [ ! -e "$calibre_dir"/metadata.db ]; then
	cp -a ../conf/metadata.db.empty $calibre_dir/metadata.db
	chown $app:$app $calibre_dir/*
fi

ynh_app_setting_set $app calibre_dir $calibre_dir

#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Setting up system configuration..." --weight=5

#Cannot use empty string for X-script-name, causes an issue in the python prg
#https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy#nginx
if [ $path = "/" ] ; then
	ynh_replace_string "        proxy_set_header	X-Script-Name" "#        proxy_set_header	X-Script-Name" ../conf/nginx.conf
fi

#
if $(ynh_permission_has_user --permission=main --user=visitors); then
	ynh_replace_string --match_string="        proxy_set_header	X-Remote-User" \
	                   --replace_string="#       proxy_set_header	X-Remote-User" \
	                   --target_file="../conf/nginx.conf"
fi

# Create a dedicated nginx config
ynh_add_nginx_config


#=================================================
# SETUP SYSTEMD
#=================================================

# Create a dedicated systemd config
ynh_add_systemd_config

#=================================================
# SETUP LOGROTATE
#=================================================
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="$log_file"
ynh_use_logrotate --logfile="$access_log_file"
chown -R $app:$app /var/log/$app


#=================================================
# SPECIFIC SETUP
#=================================================
#Update Imagick policy as per https://github.com/janeczku/calibre-web/wiki/FAQ#what-to-do-if-cover-pictures-are-not-extracted-from-pdf-files
ynh_replace_string --match_string="<policy domain="coder" rights="none" pattern="PDF" />" \
		--replace_string="<policy domain="coder" rights="read" pattern="PDF" />" \
		--target_file="/etc/ImageMagick-6/policy.xml"



#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================

yunohost service add $app --description="Browse eBook in the web" --log="$log_file"


#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================

chown -R $app: $install_dir
chmod 740 $install_dir
chown -R $app: /opt/kepubify/$app
chmod 770 /opt/kepubify/$app/kepubify

#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8

# Make sure a log file exists (mostly for CI tests)
if [ ! -f "$log_file" ]; then
	touch "$log_file"
	chown $app: "$log_file"
fi

# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*LDAP Login failed for user .* IP-address: <HOST>.*$" --max_retry=5


#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Start $app..." --weight=5
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting Gevent server on" -t 30

#Setting the proxy authentication in case calibre is not open to visitor. 
#https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy#login-via-header-from-upstream-authentication-source
#We need to update the sso login parameter, but for that the app needs to have run at least once to initialize the tables.
if ! $(ynh_permission_has_user --permission=main --user=visitors); then
	ynh_systemd_action --service_name=$app --action="stop"
	sqlite3 $install_dir/app.db "UPDATE settings SET config_reverse_proxy_login_header_name='X-Remote-User', config_allow_reverse_proxy_header_login=1 WHERE ID=1;"
	ynh_systemd_action --service_name=$app --action="start" --line_match="Starting Gevent server on"
fi

#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last