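#!/bin/bash
#
# YunoHost install script: creates a chrooted, SFTP-only system user for the
# app, optionally creates a MySQL database, and installs the nginx and
# php-fpm configuration for the instance.
#
# Environment:
#   YNH_APP_INSTANCE_NAME    - instance name, used for paths and pool names
#   YNH_APP_INSTANCE_NUMBER  - instance number, used to build the user name
# Arguments:
#   $1 - domain
#   $2 - URL path (a trailing slash is stripped)
#   $3 - password of the SFTP account
#   $4 - is_public (1 publishes "/" through skipped_uris)
#   $5 - mysql_db  (1 creates a database and a credentials file)

# Exit on command errors and treat unset variables as an error
set -eu

# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
app_nb=$YNH_APP_INSTANCE_NUMBER

# Retrieve arguments
domain=$1
path=${2%/}
password=$3
is_public=$4
mysql_db=$5

# Source app helpers
. /usr/share/yunohost/helpers

#######################################
# Replace every occurrence of a placeholder in a file with a literal value.
# The value is escaped first so that "\", "&" and the "@" delimiter are not
# interpreted by sed and cannot alter the substitution command.
# Arguments: $1 - placeholder, $2 - value, $3 - file edited in place
#######################################
replace_placeholder() {
  local placeholder=$1
  local value=$2
  local file=$3
  local escaped
  escaped=$(printf '%s' "$value" | sed -e 's/[\\&@]/\\&/g')
  sed -i "s@${placeholder}@${escaped}@g" "$file"
}

# These values end up in line-oriented, root-owned inputs (chpasswd stdin,
# nginx configuration), where an embedded line break would be read as an
# additional entry or directive. Refuse them before anything is created.
for arg_value in "$domain" "$path" "$password"; do
  if [[ "$arg_value" == *$'\n'* ]]; then
    ynh_die "The domain, path and password must not contain line breaks."
  fi
done

# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
  || exit 1

# Check destination directory
DESTDIR="/var/www/${app}"
if [[ -d "$DESTDIR" ]]; then
  ynh_die "The destination directory '${DESTDIR}' already exists. You should safely delete it before installing this app."
fi

# Create the user account (no home creation: DESTDIR is populated below)
user="webapp${app_nb}"
sudo useradd -c "${app} user account" \
  -d "$DESTDIR" -M -g www-data "$user" \
  || ynh_die "Unable to create user account"
# The password is passed on stdin, not argv, so it does not show up in the
# process list of this command.
sudo chpasswd <<< "${user}:${password}"

# Harden SSH connection for the user: chroot to the home directory and allow
# SFTP only. The "##->" / "##<-" markers delimit the block for this instance.
# NOTE(review): a Match block runs until the next Match line or end of file,
# so directives appended to sshd_config later would fall inside it — confirm
# nothing else appends global settings after this block.
sudo tee -a /etc/ssh/sshd_config <<EOF
##-> ${app}
# Hardening user connection
Match User ${user}
  ChrootDirectory %h
  ForceCommand internal-sftp
  AllowTcpForwarding no
  PermitTunnel no
  X11Forwarding no
##<- ${app}
EOF

# Specify the user and the domain in the home page
replace_placeholder "{DOMAIN}" "$domain" ../sources/www/index.html
replace_placeholder "{USER}" "$user" ../sources/www/index.html

# Initialize database as needed
if [[ $mysql_db -eq 1 ]]; then
  dbname=$app
  dbuser=$app
  dbpass=$(ynh_string_random)
  ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"

  # Store the database access. The file holds a credential, so it is created
  # with owner-only permissions; it is copied with the rest of ../sources
  # and handed over to the app user below.
  (
    umask 077
    printf '# MySQL Database name: %s\nuser: %s\npass: %s\n' \
      "$dbname" "$dbuser" "$dbpass" > ../sources/db_access.txt
  )
  chmod 600 ../sources/db_access.txt
  ynh_app_setting_set "$app" mysqlpwd "$dbpass"
fi

# Copy files to the right place and set permissions
sudo cp -r ../sources "$DESTDIR"
sudo chown -hR "${user}:" "$DESTDIR"
# Home directory of the user need to be owned by root to allow
# SFTP connections (required by ChrootDirectory)
sudo chown root: "$DESTDIR"

# Save app settings
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" mysql_db "$mysql_db"
# NOTE(review): this keeps the account password in clear text in the app
# settings. Left as is because other scripts of the package may read it;
# confirm whether it is still needed once the account exists.
ynh_app_setting_set "$app" password "$password"
ynh_app_setting_set "$app" user "$user"

# Set SSOwat rules
if [[ $is_public -eq 1 ]]; then
  ynh_app_setting_set "$app" skipped_uris "/"
fi

# Copy and set nginx configuration
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
replace_placeholder "{LOCATION}" "${path:-/}" ../conf/nginx.conf
replace_placeholder "{DESTDIR}" "$DESTDIR" ../conf/nginx.conf
replace_placeholder "{POOLNAME}" "$app" ../conf/nginx.conf
sudo cp ../conf/nginx.conf "$nginx_conf"

# Copy and set php-fpm configuration
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
replace_placeholder "{USER}" "$user" ../conf/php-fpm.conf
replace_placeholder "{POOLNAME}" "$app" ../conf/php-fpm.conf
replace_placeholder "{DESTDIR}" "$DESTDIR" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf "$phpfpm_conf"

# Reload services
sudo service php5-fpm reload
sudo service nginx reload
# Check the edited sshd_config before reloading, so a syntax problem is
# reported here instead of surfacing as a failed SSH service.
sudo sshd -t \
  || ynh_die "sshd_config failed validation; fix it before reloading SSH"
sudo service sshd reload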