#!/bin/bash

echo -e "${PURPLE}${BOLD}If it does not already exists, create a webhook at the following url${RESET}"
echo -e "${PURPLE}${BOLD}${repo_url}/settings/hooks/gitea/new${RESET}"
echo -e "${BLUE}${BOLD}Target URL ${RESET}${BLUE}https://${DOMAIN_NAME}/webhook.php${RESET}"
echo -e "${BLUE}${BOLD}Branch filter ${RESET}${BLUE}prod${RESET}"
echo -e "${BLUE}${BOLD}Authorization Header ${RESET}${ORANGE}Generate a safe string using \`openssl rand -base64 32\`${RESET}"
echo -e "${PURPLE}${BOLD}Enter the Authorization Header${RESET}"
read -s auth_header

# check if the build flow already exists and get the auth header from there if so

install_pkg php
install_pkg php-fpm
install_pkg jq

rm /var/www/html/index.html
cp ./assets/webhook.php /var/www/html/
mkdir /var/www/webhook
cp ./assets/webhook.sh /var/www/webhook
chown www-data:www-data /var/www/webhook/webhook.sh
chmod u+x /var/www/webhook/webhook.sh
mkdir /var/www/webhook/logs
chown www-data:www-data /var/www/webhook/logs

get_ip

head -n $(($(wc -l < $CADDYFILE) - 2)) $CADDYFILE > temp_Caddyfile && mv temp_Caddyfile $CADDYFILE
echo "handle /webhook.php {" >> $CADDYFILE
echo "@unauthorized not header Authorization \"${auth_header}\"" >> $CADDYFILE
echo "respond @unauthorized \"Unauthorized access\"" >> $CADDYFILE
echo "root * /var/www/html" >> $CADDYFILE
echo "php_fastcgi unix//run/php/php8.2-fpm.sock" >> $CADDYFILE
echo "file_server" >> $CADDYFILE
echo "}" >> $CADDYFILE
echo "handle {" >> $CADDYFILE
echo "root * /var/www/html/public" >> $CADDYFILE
echo "file_server" >> $CADDYFILE
echo "}" >> $CADDYFILE
echo "}" >> $CADDYFILE
caddy fmt $CADDYFILE -w
caddy reload -c $CADDYFILE

if [[ -z "$DB_DIRECTUS_PASSWORD" ]]; then
    echo -e "${PURPLE}${BOLD}Enter the MariaDB Directus password : ${RESET}"
    read -s DB_DIRECTUS_PASSWORD
    echo
fi

FLOW_EXISTS=$(echo $(mariadb -u directus -p${DB_DIRECTUS_PASSWORD} directus -e "SELECT COUNT(*) FROM directus_flows WHERE name='build';") | awk '{print $2}')

website_role_uuid=$(echo $(mariadb -u directus -p${DB_DIRECTUS_PASSWORD} \
-e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}')

if [ $FLOW_EXISTS -eq 0 ]; then
    flow_id="fdd75914-80dd-44ac-9d62-c7a08bc9cae6"
    operation_id="371b1b41-312d-4df6-ab68-336b416e1f16"

    mariadb -u directus -p${DB_DIRECTUS_PASSWORD} directus -e \
    "INSERT INTO directus_flows (id, name, icon, color, description, status, \`trigger\`, accountability, options, operation, user_created) \
    VALUES (\"${flow_id}\", 'Build', 'bolt', '#FFA439', 'Trigger static site build on content modification', 'active', 'event', 'all', \
    '{\"type\":\"action\",\"scope\":[\"items.create\",\"items.update\",\"items.sort\",\"items.delete\",\"items.promote\"],\"collections\":[\"directus_files\"]}', \
    \"${operation_id}\", \"${website_role_uuid}\")"

    mariadb -u directus -p${DB_DIRECTUS_PASSWORD} directus -e \
    "INSERT INTO directus_operations (id, name, \`key\`, type, position_x, position_y, options, flow, user_created) \
    VALUES (\"${operation_id}\", 'Webhook / Request URL', 'request_56aby', 'request', 23, 2, \
    '{\"headers\":[{\"header\":\"Authorization\",\"value\":\"${auth_header}\"},{\"header\":\"Content-Type\",\"value\":\"application/json\"}],\"method\":\"POST\",\"url\":\"https://${DOMAIN_NAME}/webhook.php\",\"body\":null}', \
    \"${flow_id}\", \"${website_role_uuid}\")"
fi