#!/bin/bash

#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=5

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin_wordpress=$(ynh_app_setting_get --app=$app --key=admin)
language=$(ynh_app_setting_get --app=$app --key=language)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
multisite=$(ynh_app_setting_get --app=$app --key=multisite)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)

overwrite_nginx=$(ynh_app_setting_get --app=$app --key=overwrite_nginx)
overwrite_phpfpm=$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm)
admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html)

fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)

phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)

#=================================================
# CHECK VERSION
#=================================================

upgrade_type=$(ynh_check_app_version_changed)

#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."

if [ -z "$admin_wordpress" ]; then
	ynh_mysql_execute_as_root --sql="select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" --database=$db_name
	admin_wordpress=$(cat /tmp/wordpressuser)
	ynh_secure_remove --file=/tmp/wordpressuser
	ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress
fi

# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
	final_path=/var/www/$app
	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi

if [ -z "$language" ]; then
	language=$(grep WPLANG $final_path/wp-config.php | cut -d"'" -f4)
	ynh_app_setting_set --app=$app --key=language --value=$language
fi

# Fix is_public as a boolean
if [ "${is_public,,}" = "yes" ]; then
	ynh_app_setting_set --app=$app --key=is_public --value=1
	is_public=1
elif [ "${is_public,,}" = "no" ]; then
	ynh_app_setting_set --app=$app --key=is_public --value=0
	is_public=0
fi

# Fix multisite as a boolean
if [ "${multisite,,}" = "yes" ]; then
	ynh_app_setting_set --app=$app --key=multisite --value=1
	multisite=1
elif [ "${multisite,,}" = "no" ]; then
	ynh_app_setting_set --app=$app --key=multisite --value=0
	multisite=0
fi

# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
	db_name=$(ynh_sanitize_dbid --db_name=$app)
	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi

# If some 'add_filter' are still in wp_config, remove them
if grep add_filter.*auto_update $final_path/wp-config.php; then
	sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php
fi

# If admin_mail_html doesn't exist, create it
if [ -z "$admin_mail_html" ]; then
	admin_mail_html=1
	ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html
fi

# If overwrite_nginx doesn't exist, create it
if [ -z "$overwrite_nginx" ]; then
	overwrite_nginx=1
	ynh_app_setting_set $app overwrite_nginx $overwrite_nginx
fi

# If overwrite_phpfpm doesn't exist, create it
if [ -z "$overwrite_phpfpm" ]; then
    overwrite_phpfpm=1
    ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm
fi

# If the app is private, set the usage to low, otherwise to high.
if [ $is_public -eq 0 ]
then
    usage=low
else
    usage=high
fi

# If fpm_footprint doesn't exist, create it
if [ -z "$fpm_footprint" ]; then
    fpm_footprint=medium
    ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi

# If fpm_usage doesn't exist, create it
if [ -z "$fpm_usage" ]; then
    fpm_usage=$usage
    ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
fi

# If phpversion doesn't exist, create it
if [ -z "$phpversion" ]; then
    phpversion=$YNH_PHP_VERSION
    ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
fi

# Replace wp-fail2ban by wp-fail2ban-redux
ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$final_path/wp-cli.phar
wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path"
if [ $multisite -eq 1 ]; then
        plugin_network="--network"
fi
$wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban
$wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux

#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=15

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
	# restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Activating maintenance mode..." --weight=2

ynh_maintenance_mode_ON

#=================================================
# NGINX CONFIGURATION
#=================================================

# Overwrite the NGINX configuration only if it's allowed
if [ $overwrite_nginx -eq 1 ]
then
    ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
	ynh_add_nginx_config
fi

#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."

# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app

#=================================================
# PHP-FPM CONFIGURATION
#=================================================

# Overwrite the PHP-FPM configuration only if it's allowed
if [ $overwrite_phpfpm -eq 1 ]
then
    ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=4
    # Create a dedicated PHP-FPM config
    ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --package="$extra_php_dependencies"
fi

#=================================================
# SPECIFIC UPGRADE
#=================================================
# SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED
#=================================================

# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
ynh_backup_if_checksum_is_different --file="$final_path/wp-config.php"

#=================================================
# CONFIGURE MULTISITE
#=================================================
ynh_script_progression --message="Configuring multisite..." --weight=2

if [ $multisite -eq 1 ]
then
	ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf

    ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"

    ynh_systemd_action --service_name=nginx --action=reload
	
	plugin_network="--network"
else
	multisite=0
	plugin_network=""
	if [ $is_public -eq 1 ]
	then
		ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$final_path/wp-config.php
	fi
fi
ynh_app_setting_set --app=$app --key=multisite --value=$multisite

#=================================================
# UPDATE WORDPRESS PLUGINS
#=================================================
ynh_script_progression --message="Updating plugins" --weight=11

# wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar
# wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path"
update_plugin () {
	( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1
}
update_plugin simple-ldap-login
$wpcli_alias plugin activate simple-ldap-login $plugin_network
update_plugin companion-auto-update
$wpcli_alias plugin activate companion-auto-update $plugin_network
update_plugin wp-fail2ban-redux
$wpcli_alias plugin activate wp-fail2ban-redux $plugin_network

# Disable broken plugin http-authentication
$wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network

#=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE
#=================================================

# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$final_path/wp-config.php"

#=================================================
# CREATE A CRON TASK FOR AUTOMATIC UPDATE
#=================================================

echo "# Reach everyday wp-cron.php?doing_wp_cron to trig the internal wordpress cron.
0 3  *  *  * root wget -q -O - https://$domain$path_url/wp-cron.php?doing_wp_cron >/dev/null 2>&1" > /etc/cron.d/$app

#=================================================
# GENERIC FINALISATION
#=================================================
# SECURING FILES AND DIRECTORIES
#=================================================

# Set permissions to app files
# Files have to be own by the user of wordpress. To allow upgrade from the app.
chown -R $app: $final_path
# Except the file config wp-config.php
chown root: $final_path/wp-config.php

#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9

# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5

#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading SSOwat configuration..."

# Remove skipped_uris if it's still present
ynh_app_setting_delete --app=$app --key=skipped_uris
if [ $is_public -eq 0 ]; then
	# Remove the public access
	ynh_app_setting_delete --app=$app --key=unprotected_uris
else
	# Or replace skipped_uris by unprotected_uris
	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# REMOVE WP-CLI.PHAR
#=================================================

ynh_secure_remove --file=$final_path/wp-cli.phar

#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Disabling maintenance mode..." --weight=5

ynh_maintenance_mode_OFF

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"

# If a html email is required. Apply html to the changelog.
if [ "$admin_mail_html" -eq 1 ]; then
    format=html
else
    format=plain
fi
ynh_app_changelog --format=$format

echo "You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__.

If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__.

---

Changelog since your last upgrade:
$(cat changelog)" > mail_to_send

ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="$admin_wordpress" --type=upgrade

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Upgrade of $app completed" --last