#!/bin/bash

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression "Upgrading NGINX web server configuration..."

# Create a dedicated NGINX config
ynh_config_add_nginx

#=================================================
# UPGRADING COUCHDB
#=================================================

# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed
then
	ynh_script_progression "Upgrading CouchDB..."

	echo "\
	couchdb couchdb/mode select standalone
	couchdb couchdb/mode seen true
	couchdb couchdb/bindaddress string 127.0.0.1
	couchdb couchdb/bindaddress seen true
	couchdb couchdb/cookie string $password
	couchdb couchdb/adminpass password $password
	couchdb couchdb/adminpass seen true
	couchdb couchdb/adminpass_again password $password
	couchdb couchdb/adminpass_again seen true" | debconf-set-selections
	DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb

	ynh_apt_install_dependencies_from_extra_repository \
		--repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \
		--key="https://couchdb.apache.org/repo/keys.asc" \
		--package="couchdb"
fi

#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression "Updating configuration..."

ynh_config_add --template="couch_ynh.ini" --destination="$install_dir/etc/local.d/couch_ynh.ini"

#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression "Upgrading logrotate configuration..."

# Use logrotate to manage app-specific logfile(s)
ynh_config_add_logrotate

#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression "Integrating service in YunoHost..."

yunohost service add $app --description="Open-source document-oriented NoSQL database" --log="/var/log/$app/$app.log" --needs_exposed_ports "$port"

#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression "Reconfiguring Fail2Ban..."

# Create a dedicated Fail2Ban config
ynh_config_add_fail2ban --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from <HOST>"

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression "Upgrade of $app completed"