#!/bin/bash
set -eu

# Charge les fonctions génériques habituellement utilisées dans le script
source fonctions

# Active trap pour arrêter le script si une erreur est détectée.
TRAP_ON

# Source app helpers
source /usr/share/yunohost/helpers

# We retrieve app parameters
app=$YNH_APP_INSTANCE_NAME

# We check variables are not empty
CHECK_VAR "$app" "app name not set"

path=$(ynh_app_setting_get $app path)
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get $app final_path)
finalnginxconf=$(ynh_app_setting_get $app finalnginxconf)
finalphpconf=$(ynh_app_setting_get $app finalphpconf)
runninguser=$(ynh_app_setting_get $app runninguser)
calibrepath=$(ynh_app_setting_get $app calibrepath)
basicauthcreate=$(ynh_app_setting_get $app basicauthcreate)

# We check that calibrepath is correct
CHECK_CALIBREPATH

# Add basic auth if requested
if [ "$basicauthcreate" = "Yes" ];
then
	basicauthuser=$(ynh_app_setting_get $app basicauthuser)
	basicauthpass=$(ynh_app_setting_get $app basicauthpass)

        # Generation of the htpasswd file according https://www.nginx.com/resources/wiki/community/faq/
        SALT="$(openssl rand -base64 3)"
        (SHA1=$(printf "$basicauthpass$SALT" |
        openssl dgst -binary -sha1 | xxd -ps |
        sed 's#$#'"`echo -n $SALT | xxd -ps`"'#' |
        xxd -r -ps |
        base64);printf "$basicauthuser:{SSHA}$SHA1\n" >> ../sources/htpasswd)

        # Modif nginx
        sed -i "s|^.*\bauth_basic\b.*$|    auth_basic \"Private Library\";|" ../conf/nginx.conf;
        sed -i "s|^.*\bauth_basic_user_file\b.*$|    auth_basic_user_file $final_path/htpasswd;|" ../conf/nginx.conf;
else
        echo "No basic auth";
fi


# We install dependencies
sudo apt-get install --quiet --assume-yes php5-gd php5-sqlite php5-json php5-intl

# Modify Nginx configuration file and copy it to Nginx conf directory
sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf $finalnginxconf


sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf
sed -i "s@FOLDERTOCHANGE@$final_path@g" ../conf/php-fpm.conf
sed -i "s@USERTOCHANGE@$runninguser@g" ../conf/php-fpm.conf

sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf

# Removal of old folder and restart from fresh
sudo rm -rf $final_path
sudo mkdir -p $final_path

# Site adjustments
sudo cp ../conf/config_local.php ../sources/
sed -i "s@CALIBRETOCHANGE@$calibrepath@g" ../sources/config_local.php
timezone=`sudo cat /etc/timezone`;
sed -i "s@TIMEZONETOCHANGE@$timezone@g" ../sources/config_local.php

sudo cp ../conf/robots.txt ../sources/

# Base site
sudo cp -a ../sources/* $final_path/

# We adjust permissions
sudo chmod 775 -R $final_path
sudo chown -hR $runninguser:$runninguser $final_path

if [ "$basicauthcreate" = "Yes" ];
then
        sudo chmod 440 $final_path/htpasswd
        sudo chown www-data:www-data $final_path/htpasswd
else
        echo "Nothing to do"
fi


# Make app public if necessary
is_public=$(ynh_app_setting_get $app is_public)
if [ "$is_public" = "Yes" ];
then
	ynh_app_setting_set $app skipped_uris "/"
else
	ynh_app_setting_set $app protected_uris "/"
fi

# Reload Nginx and regenerate SSOwat conf
sudo service php5-fpm reload
sudo service nginx reload
sudo yunohost app ssowatconf