#!/bin/sh
#
# 2017 ungleich GmbH (cdist at ungleich.ch)
# 2018 ungleich glarus ag (cdist at ungleich.ch)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#

os=$(cat "$__global/explorer/os")
case "$os" in
    debian|devuan)
        :
        ;;
    *)
        echo "OS $os is currently not supported." >&2
        exit 1
        ;;
esac

os_version=$(cat "$__global/explorer/os_version")
case "$os_version" in
    9*|ascii|ascii/ceres)
        php_version=7.0
        ;;
    10*)
        php_version=7.3
        ;;
    *)
        echo "Unsupported version $os_version of $os." >&2
        exit 1
    ;;
esac

db_pass=$(cat "$__object/parameter/db-pass")
nameserver fd00::2e3a:fdff:fef6:130e
db_user=$(cat "$__object/parameter/db-user")
db_name=$(cat "$__object/parameter/db-name")
domain=$(cat "$__object/parameter/domain")

tmpdir="$__object/files"
mkdir "$tmpdir"

for package in php-gd php-json php-pgsql php-curl \
			          php-intl php-imagick \
                      php-zip php-apcu php-mbstring php-xml php-fpm; do
    __package $package
done

__package postgresql --state=present
#require="__apt_update_index" __package curl --state=present

# Configure packages
## PHP 7
sed "s/VERSION/$php_version/" "$__type/files/fpm.conf" > "$tmpdir/fpm"
require="__package/php-fpm" __file /etc/php/${php_version}/fpm/pool.d/www.conf \
    --owner root --group root --mode 644 --source "$tmpdir/fpm"


## Nginx
### HTTP only server to allow access
__ungleich_http_server_ssl_redirect_letsencrypt --webroot /var/www/html/ "$domain"

### Get the certificates
require="__ungleich_http_server_ssl_redirect_letsencrypt/$domain" \
       __letsencrypt_cert --admin-email sre@ungleich.ch \
       --webroot /var/www/html/ \
       --renew-hook "service nginx reload" \
       --domain "$domain" --automatic-renewal \
       "$domain"

### The SSL configuration
sed "s/DOMAIN/$domain/" "$__type/files/nextcloud.nginx" > "$tmpdir/nginx"
sed -i "s/VERSION/$php_version/" "$tmpdir/nginx"
require="__letsencrypt_cert/$domain __package/nginx" __file /etc/nginx/sites-enabled/nextcloud \
       --owner www-data \
       --group www-data \
       --mode 755 \
       --source "$tmpdir/nginx"


## Postgres
require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pass}" \
                                                            --login --createdb

require="__package/postgresql __postgres_role/${db_user}" __postgres_database "${db_name}"\
                                                          --owner "${db_user}" --state present


# Start on boot
require="__package/postgresql" __start_on_boot postgresql
require="__package/nginx" __start_on_boot nginx
require="__package/php-fpm" __start_on_boot php${php_version}-fpm