#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source ynh_send_readme_to_admin__2
source /usr/share/yunohost/helpers

#=================================================
# MANAGE SCRIPT FAILURE
#=================================================

ynh_clean_setup () {
	# Clean installation remaining that are not handle by the remove script.
	ynh_clean_check_starting
	# Stop change_port()
	ynh_exec_warn_less kill -s 15 $pid_change_port

	# Clean hosts
	sed -i '/#jenkins/d' /etc/hosts
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC

app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."

final_path=/var/lib/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"

# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=3

ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=overwrite_nginx --value=1
ynh_app_setting_set --app=$app --key=admin_mail_html --value=1

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=2

# Find an available port
port=$(ynh_find_port --port=8080)
ynh_app_setting_set --app=$app --key=port --value=$port

#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=30

ynh_install_app_dependencies $pkg_dependencies

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..."

ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="../conf"

#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2

# Create a dedicated NGINX config
ynh_add_nginx_config

#=================================================
# SPECIFIC SETUP
#=================================================
# FIX THE PORT TO USE
#=================================================
ynh_script_progression --message="Fixing the port in Jenkins config..." --weight=2

change_port() {
	# Wait for the creation of the jenkins service file
	timeout=600
	for j in `seq 1 $timeout`
	do
		# Wait for an update of plugin repositories
		if test -e /etc/default/jenkins; then
			break;
		else
			sleep 0.5
		fi
	done
	# And modify the port as soon as possible, to prevent a crach of jenkins if the default port is already used.
	ynh_replace_string --match_string="^HTTP_PORT=.*" --replace_string="HTTP_PORT=$port" --target_file=/etc/default/jenkins
}
change_port &
pid_change_port=$!

#=================================================
# INSTALL JENKINS
#=================================================
ynh_script_progression --message="Installing Jenkins..." --weight=30

# Download jenkins deb file and install it.
dpkg --install --force-confnew ../conf/jenkins.deb

#=================================================
# SETUP APPLICATION
#=================================================
ynh_script_progression --message="Setuping application..." --weight=30

# Set the app as temporarily public for jenkins-cli.jar
ynh_script_progression --message="Configuring SSOwat..."
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Reload SSOwat config
yunohost app ssowatconf

# Ignore Setup Wizard
ynh_replace_string --match_string="\-Djava.awt.headless=true" --replace_string="& -Djenkins.install.runSetupWizard=false" --target_file=/etc/default/jenkins

if [ "$path_url" != "/" ]
then
	# Add the path, in case of sub-path installation, into jenkins' boot options
	sed -i "$ s@--httpPort=\$HTTP_PORT@& --prefix=$path_url@g" /etc/default/jenkins
fi

config_OK=0
timeout=3600
# Add the domain to /etc/hosts, to prevent any dns delay
echo "127.0.0.1 $domain #jenkins" | tee -a /etc/hosts

# Wait for Jenkins to be fully started
ynh_systemd_action --service_name=$app --action="restart" --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

# Enable Jenkins CLI Protocol/2 for jenkins-cli
# That the only protocol that allow connection without an authenticated user...
ynh_replace_string --match_string="<slaveAgentPort>0</slaveAgentPort>" --replace_string="&\n<enabledAgentProtocols><string>CLI2-connect</string></enabledAgentProtocols>" --target_file=/var/lib/jenkins/config.xml

# Wait for Jenkins to be fully started
ynh_systemd_action --service_name=$app --action="restart" --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

ynh_script_progression --message="Installing plugins..." --weight=60

# If the log says that jenkins has started, install the plugins
wget -nv --no-check-certificate https://$domain${path_url%/}/jnlpJars/jenkins-cli.jar -O /var/lib/jenkins/jenkins-cli.jar 2>&1
for i in `seq 1 $timeout`
do
	# Wait for an update of plugin repositories
	if test -e /var/lib/jenkins/updates/default.json; then
		break;
	else
		echo -n "."
		sleep 1
	fi
done

# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"

ynh_replace_string --match_string="<useSecurity>true</useSecurity>" --replace_string="<useSecurity>false</useSecurity>" --target_file=/var/lib/jenkins/config.xml
ynh_systemd_action --service_name=$app --action="restart" --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

jenkins_cli="ynh_exec_warn_less java -jar /var/lib/jenkins/jenkins-cli.jar -s http://${domain}:${port}${path_url%/}"

# Install plugins for http authentication and ldap.
$jenkins_cli install-plugin reverse-proxy-auth-plugin

# Install recommended plugins (those from Setup Wizard)
$jenkins_cli install-plugin cloudbees-folder	# Folders Plugin
$jenkins_cli install-plugin antisamy-markup-formatter	# OWASP Markup Formatter Plugin
$jenkins_cli install-plugin pam-auth	# PAM Authentication plugin
$jenkins_cli install-plugin mailer	# Mailer Plugin
$jenkins_cli install-plugin ldap	# LDAP Plugin
$jenkins_cli install-plugin matrix-auth	# Matrix Authorization Strategy Plugin
$jenkins_cli install-plugin build-timeout	# Build timeout plugin
$jenkins_cli install-plugin credentials-binding	# Credentials Binding Plugin
$jenkins_cli install-plugin timestamper	# Timestamper
$jenkins_cli install-plugin ws-cleanup	# Workspace Cleanup Plugin
$jenkins_cli install-plugin ant	# Ant Plugin
$jenkins_cli install-plugin gradle	# Gradle Plugin
$jenkins_cli install-plugin workflow-aggregator	# Pipeline
$jenkins_cli install-plugin pipeline-stage-view	# Pipeline: Stage View Plugin
$jenkins_cli install-plugin git	# Git plugin
$jenkins_cli install-plugin github-organization-folder	# GitHub Organization Folder Plugin
$jenkins_cli install-plugin subversion	# Subversion Plug-in
$jenkins_cli install-plugin email-ext	# Email Extension Plugin
$jenkins_cli install-plugin ssh-slaves	# SSH Slaves plugin

# Install extra comfort plugins
# Handle terminal colours. Enhance the readability of the terminal.
$jenkins_cli install-plugin ansicolor
# Monitoring of the local file system. Allow to monitor a directory and trig a job if a file has been modified.
$jenkins_cli install-plugin fstrigger

# Set global security with ldap
cp ../conf/config.xml /var/lib/jenkins/
chown jenkins: /var/lib/jenkins/config.xml

# Clean hosts file
sed -i '/#jenkins/d' /etc/hosts

#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
ynh_script_progression --message="Storing the config file checksum..."

# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="/etc/default/jenkins"
ynh_store_file_checksum --file="/var/lib/jenkins/config.xml"

#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Securing files and directories..."

# Set permissions to app files
chown -R $app:$app $final_path

#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."

yunohost service add $app --description="Extendable continuous integration server" --log="/var/log/$app/$app.log"

#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=20

# Start a systemd service
ynh_systemd_action --service_name=$app --action="restart" --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=9

# Make app public if necessary
if [ $is_public -eq 1 ]
then
	# Everyone can access the app.
	# The "main" permission is automatically created before the install script.
	ynh_permission_update --permission="main" --add="visitors"
fi

# /path/github-webhook has to be accessible for github's webhooks
ynh_permission_create --permission="github-webhook" --url "/github-webhook" --allowed="visitors" --show_tile="false" --protected="true"

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"

echo "You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__.

If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/jenkins_ynh__URL_TAG3__." > mail_to_send

ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="root" --type=install

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Installation of $app completed" --last