#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE SCRIPT FAILURE
#=================================================

# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading settings..."

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)

#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_print_info "Validating restoration parameters..."

ynh_webpath_available $domain $path_url \
	|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path \
	|| ynh_die "There is already a directory: $final_path "

#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================

ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"

#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_print_info "Restoring the app main directory..."

ynh_restore_file "$final_path"

#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_print_info "Recreating the dedicated system user..."

# Create the dedicated user (if not existing)
ynh_system_user_create $app

#=================================================
# RESTORE USER RIGHTS
#=================================================

# Try to use "least privilege" to grant minimal access
# For details, see https://www.dokuwiki.org/install:permissions

# DokuWiki needs to write inside these folders. Make "DokuWiki" owner
chown $app:root $final_path/{conf,inc}

# Make "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}

# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php

# Give write access to "data" and subfolders
chown -R $app:root $final_path/data

# Allow the web admin panel to run, aka "Extension Manager"
chown -R $app:root $final_path/lib/plugins
# Allow to install templates
chown -R $app:root $final_path/lib/tpl

#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================

ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf"

#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the fail2ban configuration..." --weight=7

ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban

#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_print_info "Reloading nginx web server and php-fpm..."

systemctl reload php7.0-fpm
systemctl reload nginx

#=================================================
# END OF SCRIPT
#=================================================

ynh_print_info "Restoration completed for $app"