#!/bin/bash

MY_PATH="`dirname \"$0\"`"              # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"  # absolutized and normalized

unset err

echo -e "${c_yellow}Choisissez un nom de domain pour playsms: $c_"
read PSMS_DOMAIN

sudo apt -y update
sudo apt -y install nginx php7.3-fpm php7.3-gd php7.3-mysql php7.3-curl php7.3-imap php7.3-mbstring php7.3-xml php7.3-cli mariadb-server

## Create database

if [[ ! $(sudo mysql -e "show databases;" | grep playsms) ]]; then
	sudo mysql -e "CREATE DATABASE playsms"
	sudo mysql -e "CREATE USER 'playsms'@'localhost' IDENTIFIED BY 'playsms@mdp+';"
	sudo mysql -e "GRANT ALL PRIVILEGES ON playsms.* TO 'playsms'@'localhost';"
	sudo mysql -e "FLUSH PRIVILEGES;"
fi

## Clone repo playSMS
git clone https://github.com/antonraharja/playSMS.git $MY_PATH/playsms

cp $MY_PATH/templates/install-playsms.conf $MY_PATH/playsms/install.conf
pwdDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 42 | head -n 1)
sed -i "s/_pwdDB/$pwdDB/g" $MY_PATH/playsms/install.conf

sudo chmod u+x $MY_PATH/playsms/install-playsms.sh
cd $MY_PATH/playsms
sudo ./install-playsms.sh
cd $MY_PATH
sudo rm -rf playsms


## Start playsmsd on boot
sudo /usr/local/bin/playsmsd start
[[ ! $(grep playsmsd /etc/rc.local) ]] && sudo sed -i '/^exit 0.*/i /usr/local/bin/playsmsd start' /etc/rc.local

## Tests
if [[ $(sudo playsmsd status) =~ "is running" ]]; then
	echo -e "${c_green}playSMS a été installé correctement et le daemon est démarré =)$c_"
else
	echo -e "${c_red}Une erreur est survenu$c_"
	err=1
fi

## Config NGINX

[[ ! -d /etc/nginx/def_conf ]] && sudo mkdir /etc/nginx/def_conf/
sudo cp $MY_PATH/templates/proxypass.conf /etc/nginx/def_conf/
sudo cp $MY_PATH/templates/playsms.conf /etc/nginx/conf.d/
sudo sed -i "s/_PSMS_DOMAIN/$PSMS_DOMAIN/" /etc/nginx/conf.d/playsms.conf

## Active SSL

manageSSL() {

	local action=$1
	[[ ! $action =~ ^(on|off|certif)$ ]] && echo "Veuillez choisir ssl, nonssl ou certif pour créer un certificat ssl" && exit 1

        install_certbot(){
		if [[ $(grep buster /etc/os-release) ]]; then
                	[[ -z $(cat /etc/apt/sources.list | grep "buster-backports main") ]] && echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
                	sudo apt update
                	sudo apt install certbot python-certbot-nginx -t buster-backports -y
		elif [[ $(grep stretch /etc/os-release) ]]; then
			sudo apt update
			sudo apt install certbot python-certbot-nginx -y
		fi
        }

        create_certificate() {
		sudo certbot --nginx certonly --non-interactive --agree-tos -m $USER@$PSMS_DOMAIN -d $PSMS_DOMAIN && echo "Le certificat de $PSMS_DOMAIN a bien été déployé" || echo "Une erreur s'est produite lors de la création du certificat SSL"

                ## Cronification
                [[ ! -e /opt/scripts ]] && sudo mkdir /opt/scripts
                sudo cp $MY_PATH/templates/ssl_renew.sh /opt/scripts/
                [[ -z $(sudo crontab -l | grep "/opt/scripts/ssl_renew.sh") ]] && (sudo crontab -l ; sudo echo "12 2 * * 1 /opt/scripts/ssl_renew.sh") | sudo crontab -u root -
        }


	case $action in
	on)
		sudo sed -i 's/ #if/ if/' /etc/nginx/conf.d/playsms.conf

		sudo sed -i "s/listen 443;/listen 443 ssl;/" /etc/nginx/conf.d/playsms.conf
		[[ ! -d /etc/nginx/includes ]] && sudo mkdir /etc/nginx/includes
		sudo cp $MY_PATH/templates/ssl.conf /etc/nginx/includes/
		sudo sed -i "/Content-Security-Policy/a \   include includes/ssl.conf;\n   ssl_certificate /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem;\n   ssl_certificate_key /etc/letsencrypt/live/$PSMS_DOMAIN/privkey.pem;" /etc/nginx/conf.d/playsms.conf
	;;

	off)
		sudo sed -i 's/ if/ #if/' /etc/nginx/conf.d/playsms.conf
		sudo sed -i '/ssl.conf;/d' /etc/nginx/conf.d/playsms.conf
		sudo sed -i '/ssl_certificate/d' /etc/nginx/conf.d/playsms.conf
	;;
        certif)
                [[ -z $(which certbot) ]] && install_certbot
                [[ -n /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem ]] && create_certificate
        ;;

	esac
}

echo -e "${c_yellow}playSMS ne fonctionne pas sans certifcat SSL.$c_"
printf "${c_yellow}Voulez activer installer un certificat SSL maintenant pour $PSMS_DOMAIN ? (o/n) $c_"
read askSSL
if [[ $askSSL =~ ^(o|y|yes|oui|Y|O|YES)$ ]]; then
	manageSSL certif
	if sudo test -f /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem; then manageSSL on; else manageSSL off && echo "Une erreur s'est produite, basculement vers le mode non SSL"; fi
	http=https
else
	manageSSL off
	http=http
fi

sudo service nginx restart

[[ ! $err ]] && echo -e "${c_green}Félicitation ! playSMS est accessible via l'URL $http://$PSMS_DOMAIN" || echo -e "${c_red}Installation incomplète$c_"

exit 0