#!/bin/bash

#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers
# Load common variables for all scripts.
source _variables

#=================================================
# MANAGE FAILURE OF THE SCRIPT
#=================================================

ynh_clean_setup () {
	# Clean installation remaining that are not handle by the remove script.
	ynh_clean_check_starting
	# Stop change_port()
	ynh_exec_warn_less kill -s 15 $pid_change_port

	# Clean hosts
	sed -i '/#jenkins/d' /etc/hosts
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC

app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
#=================================================

final_path=/var/lib/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"

# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)

# Register (book) web path
ynh_webpath_register $app $domain $path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================

ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set $app overwrite_nginx "1"

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================

# Find a free port
port=$(ynh_find_port 8080)
ynh_app_setting_set $app port $port

#=================================================
# INSTALL DEPENDENCIES
#=================================================

ynh_install_app_dependencies $app_depencencies

#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

#=================================================
# SPECIFIC SETUP
#=================================================
# FIX THE PORT TO USE
#=================================================

change_port() {
	# Wait for the creation of the jenkins service file
	timeout=600
	for j in `seq 1 $timeout`
	do
		# Wait for an update of plugin repositories
		if test -e /etc/default/jenkins; then
			break;
		else
			sleep 0.5
		fi
	done
	# And modify the port as soon as possible, to prevent a crach of jenkins if the default port is already used.
	ynh_replace_string "^HTTP_PORT=.*" "HTTP_PORT=$port" /etc/default/jenkins
}
change_port &
pid_change_port=$!

#=================================================
# INSTALL JENKINS
#=================================================

# Download jenkins deb file and install it.
ynh_download_file --dest_dir="../conf"
dpkg --install --force-confnew ../conf/jenkins.deb

#=================================================
# SETUP JENKINS
#=================================================

# Ignore Setup Wizard
ynh_replace_string "-Djava.awt.headless=true" "& -Djenkins.install.runSetupWizard=false" /etc/default/jenkins

if [ "$path_url" != "/" ];
then
	# Add the path, in case of sub-path installation, into jenkins' boot options
	sed -i "$ s@--httpPort=\$HTTP_PORT@& --prefix=$path_url@g" /etc/default/jenkins
fi

#=================================================
# FORCE PUBLIC ACCESS
#=================================================

# Jenkins has to be public, at least for jenkins-cli.jar
ynh_app_setting_set $app unprotected_uris "/"

ynh_systemd_action --action=reload --service_name=nginx
yunohost app ssowatconf

#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================

yunohost service add $app --log /var/log/$app/$app.log

#=================================================
# CHECK JENKINS STARTING
#=================================================

config_OK=0
timeout=3600
# Add the domain to /etc/hosts, to prevent any dns delay
echo "127.0.0.1 $domain #jenkins" | tee -a /etc/hosts

# Wait for Jenkins to be fully started
ynh_systemd_action --action=restart --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

# Enable Jenkins CLI Protocol/2 for jenkins-cli
# That the only protocol that allow connection without an authenticated user...
ynh_replace_string "<slaveAgentPort>0</slaveAgentPort>" "&\n<enabledAgentProtocols><string>CLI2-connect</string></enabledAgentProtocols>" /var/lib/jenkins/config.xml

# Wait for Jenkins to be fully started
ynh_systemd_action --action=restart --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

# If the log says that jenkins has started, install the plugins
wget -nv --no-check-certificate https://$domain$path_url/jnlpJars/jenkins-cli.jar -O /var/lib/jenkins/jenkins-cli.jar
for i in `seq 1 $timeout`
do
	# Wait for an update of plugin repositories
	if test -e /var/lib/jenkins/updates/default.json; then
		break;
	else
		echo -n "."
		sleep 1
	fi
done

jenkins_cli="ynh_exec_warn_less java -jar /var/lib/jenkins/jenkins-cli.jar -remoting -s http://$domain$path_url"

# Install plugins for http authentication and ldap.
$jenkins_cli install-plugin reverse-proxy-auth-plugin

# Install recommended plugins (those from Setup Wizard)
$jenkins_cli install-plugin cloudbees-folder	# Folders Plugin
$jenkins_cli install-plugin antisamy-markup-formatter	# OWASP Markup Formatter Plugin
$jenkins_cli install-plugin pam-auth	# PAM Authentication plugin
$jenkins_cli install-plugin mailer	# Mailer Plugin
$jenkins_cli install-plugin ldap	# LDAP Plugin
$jenkins_cli install-plugin matrix-auth	# Matrix Authorization Strategy Plugin
$jenkins_cli install-plugin build-timeout	# Build timeout plugin
$jenkins_cli install-plugin credentials-binding	# Credentials Binding Plugin
$jenkins_cli install-plugin timestamper	# Timestamper
$jenkins_cli install-plugin ws-cleanup	# Workspace Cleanup Plugin
$jenkins_cli install-plugin ant	# Ant Plugin
$jenkins_cli install-plugin gradle	# Gradle Plugin
$jenkins_cli install-plugin workflow-aggregator	# Pipeline
$jenkins_cli install-plugin pipeline-stage-view	# Pipeline: Stage View Plugin
$jenkins_cli install-plugin git	# Git plugin
$jenkins_cli install-plugin github-organization-folder	# GitHub Organization Folder Plugin
$jenkins_cli install-plugin subversion	# Subversion Plug-in
$jenkins_cli install-plugin email-ext	# Email Extension Plugin
$jenkins_cli install-plugin ssh-slaves	# SSH Slaves plugin

# Install extra comfort plugins
# Handle terminal colours. Enhance the readability of the terminal.
$jenkins_cli install-plugin ansicolor
# MOnitoring of the local file system. Allow to monitor a directory and trig a job if a file has been modified.
$jenkins_cli install-plugin fstrigger

# Set global security with ldap
cp ../conf/config.xml /var/lib/jenkins/
chown jenkins: /var/lib/jenkins/config.xml

# Wait for Jenkins to be fully started
ynh_systemd_action --action=restart --line_match="Jenkins is fully up and running" --log_path="/var/log/$app/$app.log" --timeout="$timeout"

#=================================================
# SETUP SSOWAT
#=================================================

if [ $is_public -eq 0 ]
then
	# Remove the public access
	ynh_app_setting_delete $app unprotected_uris
	# /path/github-webhook has to be accessible for github's webhooks
	ynh_app_setting_set $app skipped_uris "/github-webhook"
fi

#=================================================
# CLEAN HOSTS FILE
#=================================================

sed -i '/#jenkins/d' /etc/hosts

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"

message="You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel.
You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions.

If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/jenkins_ynh"

ynh_send_readme_to_admin --app_message="$message" --recipients="root" --type="install"