#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# LOAD SETTINGS
#=================================================

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)

#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================

# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
	ynh_app_setting_set $app is_public 1
	is_public=1
elif [ "$is_public" = "No" ]; then
	ynh_app_setting_set $app is_public 0
	is_public=0
fi

# If final_path doesn't exist, create it
if [ -z $final_path ]; then
	final_path=/var/www/$app
	ynh_app_setting_set $app final_path $final_path
fi

#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
	# restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# CHECK THE PATH
#=================================================

# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)

#=================================================
# REMOVE APP MAIN DIR
#=================================================
 
# Create a temporary directory
tmpdir="$(mktemp -d)"
# Backup the config file in the temp dir
cp -a "$final_path/data" "$tmpdir/"

# Remove the app directory securely
ynh_secure_remove "$final_path"

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
sudo cp -a "$tmpdir/data" "${final_path}/"
sudo rm -Rf "$tmpdir"

#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

# Install dependencies
ynh_install_app_dependencies 'php5-cli|php-cli' php-gettext 'php5-curl|php-curl' 'php-intl|php5-intl' 'php-gd|php5-gd' 'php-mbstring|base-files(<<9.0)' openssl

#=================================================
# CREATE DEDICATED USER
#=================================================

# Create a system user
ynh_system_user_create $app

#=================================================
# PHP-FPM CONFIGURATION
#=================================================

# Create a dedicated php-fpm config
ynh_add_fpm_config

#=================================================
# SETUP LOGROTATE
#=================================================

# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append

#=================================================
# SETUP FAIL2BAN
#=================================================

ynh_add_fail2ban_config "$final_path/data/log.txt" "\s-\s<HOST>\s-\sLogin failed for user.*$" 5

# Set right permissions 
chown -R $app: $final_path

#=================================================
# SETUP SSOWAT
#=================================================

# Make app public if necessary
if [ $is_public -eq 1 ]
then
	# unprotected_uris allows SSO credentials to be passed anyway
	ynh_app_setting_set $app unprotected_uris "/"
fi

#=================================================
# RELOAD NGINX
#=================================================

systemctl reload nginx