#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE SCRIPT FAILURE
#=================================================

# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
user=$YNH_APP_ARG_USER

app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=2

final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"

# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."

ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=final_path --value=$final_path

ynh_app_setting_set --app=$app --key=admin_mail_html --value=1

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2

# Create a dedicated NGINX config
ynh_add_nginx_config

#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."

ynh_system_user_create --username=$app

#=================================================
# SPECIFIC SETUP
#=================================================
# MODIFY A CONFIG FILE
#=================================================

# TODO
# yunohost domain main-domain | sed "s/current_main_domain: //g"


mkdir "$final_path"

git clone https://github.com/prasathmani/tinyfilemanager.git "$final_path"

cp $final_path/config-sample.php $final_path/config.php

ynh_replace_string --match_string="\$use_auth = true;" --replace_string="\$use_auth = false;" --target_file=$final_path/config.php
ynh_replace_string --match_string="\$default_timezone = 'Etc/UTC'; // UTC" --replace_string="\$default_timezone = 'America/Toronto';" --target_file=$final_path/config.php
ynh_replace_string --match_string="\$root_path = \$_SERVER\['DOCUMENT_ROOT'\];" --replace_string="\$root_path = '/var/www';" --target_file=$final_path/config.php
ynh_replace_string --match_string="\$max_upload_size_bytes = 5000;" --replace_string="\$max_upload_size_bytes = 5000000;" --target_file=$final_path/config.php

chown -R $app: "$final_path"

ynh_package_install proftpd-mod-ldap

echo "<IfModule mod_ldap.c>
    LDAPServer ldap://localhost/??sub
    LDAPUsers ou=users,dc=yunohost,dc=org (uid=%u)
</IfModule>

PassivePorts                  50000 50100

<IfModule mod_tls.c>
    TLSEngine                               on
    TLSLog                                  /var/log/proftpd/tls.log
    TLSProtocol                             SSLv23
    TLSRSACertificateFile                   /etc/yunohost/certs/$domain/crt.pem
    TLSRSACertificateKeyFile                /etc/yunohost/certs/$domain/key.pem
    TLSVerifyClient                         off
    TLSOptions                              NoSessionReuseRequired
    TLSRequired                             on
</IfModule>" > /etc/proftpd/conf.d/yunohost.conf

systemctl restart proftpd

yunohost firewall allow TCP 21
yunohost firewall allow TCP 50000:50100

# Allow app to browse content of /var/www
setfacl -m g:$app:rx /var/www
setfacl -m g:$app.main:rx /var/www

#=================================================
# GENERATE GLOBAL SSH KEY
#=================================================

ssh-keygen -t ed25519 -f /etc/yunohost/sshkey -q -N ""
chmod 600 /etc/yunohost/sshkey
setfacl -m g:$app.main:x /etc/yunohost
setfacl -m g:$app.main:r /etc/yunohost/sshkey
chown daemon /etc/yunohost/sshkey

ssh-keyscan github.com >> /etc/ssh/known_hosts
grep -qF 'GlobalKnownHostsFile /etc/ssh/known_hosts' /etc/ssh/ssh_config || echo '    GlobalKnownHostsFile /etc/ssh/known_hosts' >> /etc/ssh/ssh_config

# Automatically add link to www folder to new users
ln -s /var/www /etc/skel/www

#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2

# Create a dedicatedPHP-FPM config
ynh_add_fpm_config --usage=low --footprint=low
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)

#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1

ynh_permission_update --permission="main" --remove=all_users

ynh_permission_update --permission="main" --add=$user

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Installation of $app completed" --last