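#!/bin/bash
#
# Interactive installer: asks for domains, paths, service account names and
# passwords, renders the *.env files from their templates, sources .env and
# creates the volume directories named there.
#
# Usage: run from the directory that holds the *.env.template files.
#   $1 (optional) - length of generated passwords (default 32). The original
#                   generator expanded ${1:-32} at script scope, so a first
#                   command-line argument already had this effect.
#
# Notes for operators:
#   * Passwords typed at the prompts are echoed to the terminal and end up in
#     any terminal logging; switch the reads in ask_pwd to `read -rs` if that
#     matters in your environment.
#   * Values entered here are substituted into .env, and .env is then sourced
#     by this script, i.e. evaluated as shell code.

DEFAULT_VOLUMES=/media/volumes
DEFAULT_LDAP_MAIL_UID='mail'
DEFAULT_LDAP_NEXTCLOUD_UID='nextcloud'
DEFAULT_LDAP_GITEA_UID='git'
DEFAULT_LDAP_HAUK_UID='hauk'

# Accepted domain syntax (unchanged from the original check).
readonly DOMAIN_RE='^.*\.[a-z]{2,}$'

# Length of generated passwords; validated so a bad argument cannot silently
# produce empty passwords.
PWD_LENGTH=${1:-32}

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

[[ $PWD_LENGTH =~ ^[1-9][0-9]*$ ]] \
  || die "Password length must be a positive integer, got: $PWD_LENGTH"

# Print a random password of PWD_LENGTH characters drawn from [_A-Za-z0-9-].
# LC_ALL=C keeps tr byte-oriented regardless of the caller's locale.
# Alternative kept from the original: openssl rand -base64 20
gen_pwd() {
  LC_ALL=C tr -dc '_A-Za-z0-9-' </dev/urandom | head -c "$PWD_LENGTH"
  printf '\n'
}

# ask VAR PROMPT [DEFAULT]
# Read one line into VAR; an empty answer selects DEFAULT (or stays empty).
# -r keeps backslashes in the answer intact.
ask() {
  local _reply=''
  read -r -p "$2" _reply
  printf -v "$1" '%s' "${_reply:-${3-}}"
}

# ask_pwd VAR PROMPT
# Read a password into VAR; an empty answer generates a random one.
ask_pwd() {
  local _reply=''
  read -r -p "$2" _reply
  if [[ -z $_reply ]]; then
    _reply=$(gen_pwd)
    [[ -n $_reply ]] || die "Password generation failed"
  fi
  printf -v "$1" '%s' "$_reply"
}

# Escape a value for use as the replacement part of a sed s/…/…/ command:
# backslash, the '/' delimiter and '&' would otherwise be interpreted by sed.
sed_escape() {
  printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

# append_kv FILE KEY VALUE - append "KEY=VALUE" to FILE. The quoted printf
# keeps the value verbatim (no word splitting or glob expansion of secrets).
append_kv() {
  printf '%s\n' "$2=$3" >> "$1"
}

# banner TEXT - print a yellow three-line banner, then switch colour.
banner() {
  echo $'\E[33m'
  echo "//////////////////////////////////////////////////"
  echo "$1"
  echo "//////////////////////////////////////////////////"
  echo $'\E[1;30m'
}

# make_dir NAME - create the directory whose path is stored in variable NAME.
# An empty/unset variable is skipped instead of being passed to sudo mkdir.
make_dir() {
  local path=${!1}
  if [[ -z $path ]]; then
    printf 'Skipping %s: not set in .env\n' "$1" >&2
    return 0
  fi
  sudo mkdir -p -- "$path"
}

# main domain
read -r -p "Add main domain: " domain || [[ -n $domain ]] || die "No input available"
while [[ ! $domain =~ $DOMAIN_RE ]]; do
  read -r -p "Add domain (empty to finish): " domain || [[ -n $domain ]] || die "No input available"
done

# TODO: more than 1 level domains
# org = first dot-separated label, ext = second label.
org=${domain%%.*}
ext=${domain#*.}
ext=${ext%%.*}

# additional domain
virtual_domains=()
while :; do
  virtual_domain=''
  read -r -p "Add additional domains (empty to finish): " virtual_domain
  if [[ -z $virtual_domain ]]; then
    break
  elif [[ ! $virtual_domain =~ $DOMAIN_RE ]]; then
    echo "Please Enter a valid domain"
  else
    virtual_domains+=("$virtual_domain")
  fi
done

ask volumes "Volumes path ($DEFAULT_VOLUMES): " "$DEFAULT_VOLUMES"

ask_pwd db_pwd "DB admin password (a random one will be generated if empty): "
ask_pwd ldap_pwd "LDAP admin password (a random one will be generated if empty): "

ask ldap_mail_uid "LDAP Mail Bind DN uid ($DEFAULT_LDAP_MAIL_UID): " "$DEFAULT_LDAP_MAIL_UID"
ask_pwd ldap_mail_pwd "LDAP Mail Bind DN Pwd (a random one will be generated if empty): "

ask ldap_nextcloud_uid "LDAP Nextcloud Bind DN uid ($DEFAULT_LDAP_NEXTCLOUD_UID): " "$DEFAULT_LDAP_NEXTCLOUD_UID"
ask_pwd ldap_nextcloud_pwd "LDAP Nextcloud Bind DN Pwd (a random one will be generated if empty): "

ask ldap_gitea_uid "LDAP Gitea Bind DN uid ($DEFAULT_LDAP_GITEA_UID): " "$DEFAULT_LDAP_GITEA_UID"
ask_pwd ldap_gitea_pwd "LDAP Gitea Bind DN Pwd (a random one will be generated if empty): "

ask ldap_hauk_uid "LDAP Hauk Bind DN uid ($DEFAULT_LDAP_HAUK_UID): " "$DEFAULT_LDAP_HAUK_UID"
ask_pwd ldap_hauk_pwd "LDAP Hauk Bind DN Pwd (a random one will be generated if empty): "

ask_pwd nextcloud_admin_pwd "Nextcloud Admin User Pwd (a random one will be generated if empty): "
ask_pwd gitea_admin_pwd "Gitea Admin User Pwd (a random one will be generated if empty): "
ask_pwd hauk_server_pwd "Hauk Server Pwd (a random one will be generated if empty): "
ask_pwd pihole_web_pwd "Pi-Hole Web User Pwd (a random one will be generated if empty): "

ask admin_email "Admin E-mail, used for Let's Encrypt account and more (admin@${domain}): " "admin@${domain}"

echo "If you have a password salt and a secret from a previous installation, provide them here."
echo "They are used by Passman and need to remain the same for the vaults to be accessible"
ask nextcloud_salt "Nextcloud Pwd Salt (a random one will be generated by NC if empty): "
ask nextcloud_secret "Nextcloud Secret (a random one will be generated by NC if empty): "

# read -p "Paperless Web Server User (paperless): " paperless_webserver_user
# if [[ ${#paperless_webserver_user} -eq 0 ]]; then
#   paperless_webserver_user=paperless
# fi
# read -p "Paperless Web Server Pwd (a random one will be generated if empty): " paperless_webserver_pwd
# if [[ ${#paperless_webserver_pwd} -eq 0 ]]; then
#   paperless_webserver_pwd=`eval "$PWD_GEN"`
# fi
# read -p "Paperless Encryption Passphrase (a random one will be generated if empty): " paperless_passphrase
# if [[ ${#paperless_passphrase} -eq 0 ]]; then
#   paperless_=`eval "$PWD_GEN"`
# fi

ask paperless_ftp_user "SFTP User - SFTP server is used by paperless (consume): " consume
ask_pwd paperless_ftp_pwd "SFTP Pwd (a random one will be generated if empty): "

ask blog_1_url "Blog 1 URL (https://blog.${domain})" "https://blog.${domain}"

banner "///////////////// PLEASE CONFIRM /////////////////"

# paperless_webserver_user is never prompted for (its prompt is commented out
# above), so it is shown and substituted as an empty value.
printf '%s\n' "Your main domain is: ${domain}"
printf '%s\n' "Your virtual domains are: ${virtual_domains[*]}"
printf '%s\n' "Your Volumes path is: $volumes"
printf '%s\n' "Your LDAP Mail Bind DN Uid is: $ldap_mail_uid"
printf '%s\n' "Your LDAP Nextcloud Bind DN Uid is: $ldap_nextcloud_uid"
printf '%s\n' "Your LDAP Gitea Bind DN Uid is: $ldap_gitea_uid"
printf '%s\n' "Your LDAP Hauk Bind DN Uid is: $ldap_hauk_uid"
printf '%s\n' "Your Admin email. Let's Encrypt...: $admin_email"
printf '%s\n' "Your Paperless Web Server User: $paperless_webserver_user"
printf '%s\n' "Your SFTP User: $paperless_ftp_user"
printf '%s\n' "Your Blog 1 URL: $blog_1_url"

echo $'\E[1;37m'
read -r -p "Are These Settings Correct? Yes (y), No (n): " confirm || [[ -n $confirm ]] || die "No input available"
while [[ ! $confirm =~ ^[yYnN]{1}$ ]]; do
  read -r -p "Please Enter 'y' or 'n' To Confirm Settings: " confirm || [[ -n $confirm ]] || die "No input available"
done

if [[ $confirm != [yY] ]]; then
  exit 1
fi

banner "///////////// COPYING TEMPLATE FILES /////////////"

# Create the env files owner-only from the start; the umask is confined to a
# subshell so it does not affect the directories created further down.
(
  umask 077
  cp env.template .env || exit 1
  for svc in mariadb openldap mail nextcloud haproxy paperless sftp gitea hauk pihole; do
    cp "$svc.env.template" "$svc.env" || exit 1
  done
) || die "Could not copy the template files; run this script from the directory that contains them"

# The *.env glob does not match the dotfile .env, so it is listed explicitly.
chmod 600 -- *.env .env

# Passwords
append_kv mariadb.env MYSQL_ROOT_PWD "$db_pwd"
append_kv nextcloud.env MYSQL_ROOT_PWD "$db_pwd"
append_kv openldap.env LDAP_ADMIN_PWD "$ldap_pwd"
append_kv openldap.env LDAP_MAIL_PWD "$ldap_mail_pwd"
append_kv openldap.env LDAP_NEXTCLOUD_PWD "$ldap_nextcloud_pwd"
append_kv openldap.env LDAP_GITEA_PWD "$ldap_gitea_pwd"
append_kv openldap.env LDAP_HAUK_PWD "$ldap_hauk_pwd"
append_kv mail.env LDAP_BIND_PWD "$ldap_mail_pwd"
append_kv nextcloud.env LDAP_BIND_PWD "$ldap_nextcloud_pwd"
append_kv gitea.env LDAP_BIND_PWD "$ldap_gitea_pwd"
append_kv hauk.env LDAP_BIND_PWD "$ldap_hauk_pwd"
append_kv nextcloud.env NEXTCLOUD_ADMIN_PWD "$nextcloud_admin_pwd"
append_kv nextcloud.env NEXTCLOUD_SALT "$nextcloud_salt"
append_kv nextcloud.env NEXTCLOUD_SECRET "$nextcloud_secret"
#echo PAPERLESS_WEBSERVER_PWD=$paperless_webserver_pwd >> paperless.env
#echo PAPERLESS_PASSPHRASE=$paperless_passphrase >> paperless.env
append_kv sftp.env PAPERLESS_FTP_PWD "$paperless_ftp_pwd"
append_kv gitea.env GITEA_ADMIN_PWD "$gitea_admin_pwd"
append_kv hauk.env HAUK_SERVER_PWD "$hauk_server_pwd"
#echo $pihole_web_pwd | docker secret create pihole_web_pwd -
sed -i "s/\${PIHOLE_WEB_PWD}/$(sed_escape "$pihole_web_pwd")/g" pihole.env

# IP for Pi-Hole
# Both lookups take the field after "src"; newer iproute2 appends "uid N" to
# the route line, so the last field is not reliably the address.
IP_LOOKUP="$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++) if ($i=="src") {print $(i+1); exit}}')" # May not work for VPN / tun0
IPv6_LOOKUP="$(ip -6 route get 2001:4860:4860::8888 | awk '{for(i=1;i<=NF;i++) if ($i=="src") print $(i+1)}')" # May not work for VPN / tun0

# Build the placeholder substitutions once; every value is escaped so that
# '/', '&' and '\' in user input cannot break or alter the sed expression.
sed_args=()
add_subst() {
  sed_args+=(-e "s/\${$1}/$(sed_escape "$2")/g")
}
add_subst DOMAIN "$domain"
add_subst VIRTUAL_DOMAINS "${virtual_domains[*]}"
add_subst ORGANIZATION "$org"
add_subst EXTENSION "$ext"
add_subst VOLUMES_PATH "$volumes"
add_subst LDAP_MAIL_UID "$ldap_mail_uid"
add_subst LDAP_NEXTCLOUD_UID "$ldap_nextcloud_uid"
add_subst LDAP_GITEA_UID "$ldap_gitea_uid"
add_subst LDAP_HAUK_UID "$ldap_hauk_uid"
add_subst ADMIN_EMAIL "$admin_email"
add_subst PAPERLESS_WEBSERVER_USER "$paperless_webserver_user"
add_subst PAPERLESS_FTP_USER "$paperless_ftp_user"
add_subst IP_LOOKUP "$IP_LOOKUP"
add_subst IPv6_LOOKUP "$IPv6_LOOKUP"
add_subst BLOG_1_URL "$blog_1_url"

# The -e expressions are applied in order on each line, which matches the
# original sequence of separate sed runs.
for i in *.env .env; do
  [[ -e $i ]] || continue
  sed -i "${sed_args[@]}" -- "$i"
done

# read variables
# ./ makes the shell read the file in this directory instead of searching PATH.
. ./.env || die "Could not read .env"

# repeated env variables
# domains available for all, just in case
for i in *.env; do
  [[ -e $i ]] || continue
  {
    printf '\n'
    printf '%s\n' "# Domains"
    printf '%s\n' "DOMAIN=${DOMAIN}"
    printf '%s\n' "VIRTUAL_DOMAINS=${VIRTUAL_DOMAINS}"
    printf '%s\n' "DOMAINS=${DOMAINS}"
  } >> "$i"
done

{
  printf '\n'
  printf '%s\n' "MAIL_DATA_PATH=${MAIL_DATA_PATH}"
} >> mail.env

{
  printf '\n'
  printf '%s\n' "NEXTCLOUD_SERVER_NAME=${NEXTCLOUD_SERVER_NAME}"
  printf '%s\n' "NEXTCLOUD_DB_BACKUP=${NEXTCLOUD_DATA_PATH}/nextcloud_db_backup.sql"
  printf '%s\n' "NEXTCLOUD_DATA_PATH=${NEXTCLOUD_DATA_PATH}"
  printf '%s\n' "NEXTCLOUD_BACKUP_PATH=${NEXTCLOUD_BACKUP_PATH}"
} >> nextcloud.env

{
  printf '\n'
  printf '%s\n' "GITEA_SERVER_NAME=${GITEA_SERVER_NAME}"
  printf '%s\n' "GITEA_HTTP_PORT=${GITEA_HTTP_PORT}"
} >> gitea.env

{
  printf '\n'
  printf '%s\n' "PAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUMPTION_PATH}"
  printf '%s\n' "PAPERLESS_EXPORT_DIR=${PAPERLESS_EXPORT_PATH}"
} >> paperless.env

{
  printf '\n'
  printf '%s\n' "PAPERLESS_CONSUMPTION_DIR=${PAPERLESS_CONSUMPTION_PATH}"
} >> sftp.env

{
  printf '\n'
  printf '%s\n' "NEXTCLOUD_SERVER_NAME=${NEXTCLOUD_SERVER_NAME}"
  printf '%s\n' "GITEA_SERVER_NAME=${GITEA_SERVER_NAME}"
  printf '%s\n' "BLOG_1_SERVER_NAME=${BLOG_1_SERVER_NAME}"
  printf '%s\n' "HAUK_SERVER_NAME=${HAUK_SERVER_NAME}"
} >> haproxy.env

banner "//////////////// CREATING FOLDERS ////////////////"

# openldap, db, mail
for dir_var in \
  LDAP_DATA_VOLUME_PATH LDAP_CONFIG_VOLUME_PATH LDAP_CERTS_VOLUME_PATH \
  DB_DATA_VOLUME_PATH \
  MAIL_DATA_VOLUME_PATH; do
  make_dir "$dir_var"
done
#sudo mkdir -p ${DB_CONFIG_VOLUME_PATH}
#sudo mkdir -p ${MAIL_STATE_VOLUME_PATH}

# Guarded: with an empty MAIL_DATA_VOLUME_PATH this would target /getmail.
if [[ -n ${MAIL_DATA_VOLUME_PATH} ]]; then
  sudo mkdir -p -- "${MAIL_DATA_VOLUME_PATH}/getmail"
fi

# nextcloud, paperless, gitea, blogs, Pi-Hole, let's Encrypt
for dir_var in \
  NEXTCLOUD_DATA_VOLUME_PATH NEXTCLOUD_BACKUP_VOLUME_PATH \
  PAPERLESS_DATA_VOLUME_PATH PAPERLESS_MEDIA_VOLUME_PATH \
  PAPERLESS_CONSUMPTION_VOLUME_PATH PAPERLESS_EXPORT_VOLUME_PATH \
  GITEA_DATA_VOLUME_PATH \
  BLOG_1_VOLUME_PATH \
  PIHOLE_CONFIG_VOLUME_PATH PIHOLE_DNSMASQ_VOLUME_PATH \
  LETSENCRYPT_VOLUME_PATH; do
  make_dir "$dir_var"
done

echo "Copying getmail confs"
if [[ -n ${MAIL_DATA_VOLUME_PATH} ]]; then
  cp images/email/getmail/getmailrc-* "${MAIL_DATA_VOLUME_PATH}/getmail/"
else
  printf 'Skipping getmail confs: MAIL_DATA_VOLUME_PATH not set in .env\n' >&2
fi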