#!/bin/bash

check_global_const DOMAIN_NAME USERNAME CADDYFILE IP SSH_PORT

mkdir "/home/${USERNAME}/cms.${DOMAIN_NAME}"
chown -R "${USERNAME}:${USERNAME}" "/home/${USERNAME}/cms.${DOMAIN_NAME}"
cp assets/directus.docker-compose.yml "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml"
cp assets/.env.example "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"

sed -i "s/^PROJECT_NAME=.*/PROJECT_NAME=${DOMAIN_NAME}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"

set_admin_credentials() {
    echo -e "${ORANGE}${BOLD}Generate and store the credentials somewhere safe${RESET}"
    echo -e "${PURPLE}${BOLD}Enter the Directus admin email : ${RESET}"
    read directus_admin_email
    echo -e "${PURPLE}${BOLD}Enter the Directus admin password : ${RESET}"
    read -s directus_admin_password

    sed -i "s/^ADMIN_EMAIL=.*/ADMIN_EMAIL=${directus_admin_email}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
    sed -i "s/^ADMIN_PASSWORD=.*/ADMIN_PASSWORD=${directus_admin_password}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
}

set_port() {
    # @TODO: random port
    # @TODO: check if port is available
    port=8055
    sed -i "s/^PORT=.*/PORT=${port}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
}

set_secrets() {
    key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
    secret=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
    sed -i "s/^KEY=.*/KEY=${key}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
    sed -i "s/^SECRET=.*/SECRET=${secret}/" "/home/${USERNAME}/cms.${DOMAIN_NAME}/.env"
}

docker_up() {
    docker compose -f "/home/${USERNAME}/cms.${DOMAIN_NAME}/docker-compose.yml" up -d
}

wait_for_DB() {
    echo "Waiting for Directus database to be ready..."
    until docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "SELECT 1" &> /dev/null
    do
    echo "Database not ready yet... waiting 5 seconds"
    sleep 5
    done
    echo -e "${PURPLE}${BOLD}Create DB${RESET}"
    docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot -e "CREATE DATABASE directus; GRANT ALL PRIVILEGES ON directus.* TO 'root'@'%';"
    docker exec -i -u root "${DOMAIN_NAME}_Directus" sh -c "chown node:node uploads/"
}

echo -e "${PURPLE}${BOLD}Import the Directus database ? (y/N) ${RESET}"
read answer
if [[ "$answer" == "y" ]]; then
    set_port
    set_secrets
    docker_up
    wait_for_DB

    echo -e "${PURPLE}${BOLD}Import the .tar.gz archive from your local storage${RESET}"
    echo -e "${PURPLE}The archive should contain the sql dump and the upload directory${RESET}"
    echo -e "${PURPLE}Make sure the Website Directus user permissions are setup${RESET}"
    echo -e "${BLUE}scp -P ${SSH_PORT} /local/path/to/archive.tar.gz ${USERNAME}@${IP}:/home/${USERNAME}/${RESET}"
    echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
    read

    directus_archive=$(ls /home/${USERNAME}/*.tar.gz);
    tar -xzf "${directus_archive}" -C "/home/${USERNAME}/cms.${DOMAIN_NAME}" --strip-components=1
    rm "${directus_archive}"
    sql_dump=$(ls /home/${USERNAME}/cms.${DOMAIN_NAME}/*.sql)
    docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -uroot directus < "${sql_dump}"

    docker exec -i "${DOMAIN_NAME}_Directus" sh -c "
        npx directus bootstrap --skipAdminInit &&\
        npx directus database migrate:latest
    "
else
    set_admin_credentials
    set_port
    set_secrets
    docker_up
    wait_for_DB
    docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus bootstrap"

    docker cp assets/directus_policies.sql "${DOMAIN_NAME}_Directus_DB:/directus_policies.sql"
    docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "
        mariadb -uroot directus < /directus_policies.sql
    "

    website_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Website'")
    user_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='User'")
    admin_role_uuid=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_roles WHERE name='Administrator'")

    website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')

    docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus users create --email \"website@${DOMAIN_NAME}\" --password \"${website_password}\" --role \"${website_role_uuid}\""

    WEBSITE_TOKEN=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')

    docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "
        mariadb -uroot -e \"
            UPDATE directus.directus_users SET role='${admin_role_uuid}' WHERE first_name='Admin';
            UPDATE directus.directus_users SET token='${WEBSITE_TOKEN}' WHERE email='website@${DOMAIN_NAME}';
        \" directus
    "

    echo -e "${PURPLE}${BOLD}Import Directus data model ? (y/N) ${RESET}"
    read answer
    if [[ "$answer" == "y" ]]; then
        echo -e "${PURPLE}${BOLD}Make sure your local Directus is the latest version${RESET}"
        echo -e "${BLUE}npx directus schema snapshot ./snapshot.yaml${RESET}"
        echo -e "${BLUE}scp -P ${SSH_PORT} /local/path/to/snapshot.yaml ${USERNAME}@${IP}:/home/${USERNAME}/snapshot.yaml${RESET}"
        echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
        read

        docker cp /home/${USERNAME}/snapshot.yaml "${DOMAIN_NAME}_Directus":/directus/snapshot.yaml
        docker exec -i "${DOMAIN_NAME}_Directus" sh -c "npx directus schema apply --yes ./snapshot.yaml"

        can_see_policy_id=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_policies WHERE name='CanSee'")
        can_edit_policy_id=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" mariadb -N -uroot -e "SELECT id FROM directus.directus_policies WHERE name='CanEdit'")

        collections=$(docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "mariadb -N -u root directus -e \"SELECT collection FROM directus_collections;\"" | tr -d '\r')
        for collection_name in $collections; do
            echo $collection_name
            docker exec -i "${DOMAIN_NAME}_Directus_DB" sh -c "
                mariadb -uroot directus -e \"
                    INSERT INTO directus_permissions (collection, action, permissions, fields, policy)
                    VALUES
                        ('${collection_name}', 'read', '{}', '*', '${can_see_policy_id}'),
                        ('${collection_name}', 'read', '{}', '*', '${can_edit_policy_id}'),
                        ('${collection_name}', 'create', '{}', '*', '${can_edit_policy_id}'),
                        ('${collection_name}', 'update', '{}', '*', '${can_edit_policy_id}'),
                        ('${collection_name}', 'delete', '{}', '*', '${can_edit_policy_id}');
                \"
            "
        done
    fi
fi

docker network connect web "${DOMAIN_NAME}_Directus"

if ! grep -q "cms.${DOMAIN_NAME}" "$CADDYFILE"; then
    echo "cms.${DOMAIN_NAME} {" >> "$CADDYFILE"
    echo "    reverse_proxy ${DOMAIN_NAME}_Directus:${port}" >> "$CADDYFILE"
    echo "}" >> "$CADDYFILE"
    docker restart caddy
    echo -e "${PURPLE}${BOLD}You can now add some content${RESET}"
else
    echo -e "${ORANGE}${BOLD}Entry for cms.${DOMAIN_NAME} already exists in $CADDYFILE.${RESET}"
fi