#!/bin/bash

#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# INITIALIZE AND STORE SETTINGS
#=================================================

# Generate random DES key & password
deskey=$(ynh_string_random --length=24)
ynh_app_setting_set --app="$app" --key="deskey" --value="$deskey"

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=6

# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"

# Create log dir/file FIXME: is it useless?
mkdir -p "$install_dir/var/logs/"
touch "$install_dir/var/logs/prod.log"

# Set permissions to app files
chown -R "$app:www-data" "$install_dir"

# Restrict rights to Wallabag user only
if [ -e "$install_dir/var/cache/prod/appProdProjectContainer.php" ]; then
    chmod 700 "$install_dir/var/cache/prod/appProdProjectContainer.php"
fi

#=================================================
# APP INITIAL CONFIGURATION
#=================================================
ynh_script_progression --message="Adding $app's configuration files..." --weight=1

ynh_add_config --template="parameters.yml" --destination="$install_dir/app/config/parameters.yml"

chmod 600 "$install_dir/app/config/parameters.yml"
chown "$app:$app" "$install_dir/app/config/parameters.yml"

# Install dependencies and Wallabag
php_exec wallabag:install

# Add users to Wallabag
for username in $(ynh_user_list); do
    user_email=$(ynh_user_get_info --username="$username" --key=mail)
    # We don't care about that thanks to LDAP
    user_pass=$(ynh_string_random)
    php_exec fos:user:create "$username" "$user_email" "$user_pass"
done

# Set admin user
php_exec fos:user:promote --super "$admin"

# Configure Wallabag instance URL
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \
    <<< "UPDATE internal_setting SET value = 'https://$domain$path' WHERE name = 'wallabag_url'"

# Set permissions to app files
chown -R "$app:www-data" "$install_dir"

#=================================================
# SETUP HOOKS
#=================================================

ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete"

#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1

# Create a dedicated NGINX config
ynh_add_nginx_config

# Create a dedicated PHP-FPM config
ynh_add_fpm_config

# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="$install_dir/var/logs/prod.log"

# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$install_dir/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP "<HOST>"' --max_retry=5

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Installation of $app completed" --last