#!/bin/bash

MY_PATH="`dirname \"$0\"`"              # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"  # absolutized and normalized

[[ -f $MY_PATH/../.profile ]] && source $MY_PATH/../.profile
unset err
pwdDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 42 | head -n 1)

args=$@
[[ $args =~ noask ]] && noask=o && askSSL=o

[[ ! $PSMS_DOMAIN ]] && echo -e "${c_yellow}Choisissez un nom de domain pour playsms: $c_" && read PSMS_DOMAIN

## Install PHP + MySQL
$MY_PATH/1-install_requirements.sh php

## Create database

if [[ ! $(sudo mysql -e "show databases;" | grep gammu) ]]; then
	sudo mysql -e "CREATE DATABASE gammu"
	sudo mysql -e "CREATE USER 'gammu'@'localhost' IDENTIFIED BY '$pwdDB';"
	sudo mysql -e "GRANT ALL PRIVILEGES ON playsms.* TO 'gammu'@'localhost';"
	sudo mysql -e "FLUSH PRIVILEGES;"
else
	sudo mysql -e "ALTER USER 'gammu'@'localhost' IDENTIFIED BY '$pwdDB';"
fi

## Clone repo playSMS
[[ -d $MY_PATH/playsms ]] && sudo rm -rf $MY_PATH/playsms
git clone https://github.com/antonraharja/playSMS.git $MY_PATH/playsms

cp $MY_PATH/templates/install-playsms.conf $MY_PATH/playsms/install.conf
sed -i "s/_pwdDB/$pwdDB/g" $MY_PATH/playsms/install.conf

[[ -d /var/www/playsms ]] && sudo rm -rf /var/www/playsms
sudo chmod u+x $MY_PATH/playsms/install-playsms.sh
cd $MY_PATH/playsms
sed -i "s/read /confirm=y; #read /g" install-playsms.sh
sudo ./install-playsms.sh
sudo sed -i "/ishttps/d" /var/www/playsms/config.php
sudo sed -i "/http or https*/a \$core_config['ishttps']		= true;" /var/www/playsms/config.php
[[ -d $MY_PATH/playsms ]] && sudo rm -rf $MY_PATH/playsms
cd $MY_PATH

## Start playsmsd on boot
sudo /usr/local/bin/playsmsd start

if [[ -f /etc/rc.local ]]; then
	[[ ! $(grep playsmsd /etc/rc.local) ]] && sudo sed -i '/^exit 0.*/i /usr/local/bin/playsmsd start' /etc/rc.local
else
	echo "/usr/local/bin/playsmsd start" | sudo tee /etc/rc.local
fi

## Tests
if [[ $(sudo playsmsd status) =~ "is running" ]]; then
	echo -e "${c_green}playSMS a été installé correctement et le daemon est démarré =)$c_"
else
	echo -e "${c_red}Une erreur est survenu$c_"
	err=1
fi

## Config NGINX

[[ ! -d /etc/nginx/def_conf ]] && sudo mkdir /etc/nginx/def_conf/
sudo cp $MY_PATH/templates/proxypass.conf /etc/nginx/def_conf/
sudo cp $MY_PATH/templates/playsms.conf /etc/nginx/conf.d/
sudo sed -i "s/_PSMS_DOMAIN/$PSMS_DOMAIN/" /etc/nginx/conf.d/playsms.conf

## Active SSL

manageSSL() {

	local action=$1
	[[ ! $action =~ ^(on|off|certif)$ ]] && echo "Veuillez choisir ssl, nonssl ou certif pour créer un certificat ssl" && exit 1

        install_certbot(){
		sudo apt update
		if [[ $(grep -E 'stretch|buster' /etc/os-release) ]]; then
                	sudo apt install certbot python-certbot-nginx  -y
		elif [[ $(grep -E '16.|17.|18.|19.' /etc/os-release) ]]; then
			sudo apt install software-properties-common
			sudo add-apt-repository universe
			sudo add-apt-repository ppa:certbot/certbot
			sudo apt update
			sudo apt install certbot python-certbot-nginx
		else
			echo "OS non supporté pour certbot." && exit 1
		fi
        }

        create_certificate() {
		sudo certbot --nginx certonly --non-interactive --agree-tos -m $USER@$PSMS_DOMAIN -d $PSMS_DOMAIN && echo "Le certificat de $PSMS_DOMAIN a bien été déployé" || echo "Une erreur s'est produite lors de la création du certificat SSL"

                ## Cronification
                [[ ! -e /opt/scripts ]] && sudo mkdir /opt/scripts
                sudo cp $MY_PATH/templates/ssl_renew.sh /opt/scripts/
                [[ -z $(sudo crontab -l | grep "/opt/scripts/ssl_renew.sh") ]] && (sudo crontab -l ; sudo echo "12 2 * * 1 /opt/scripts/ssl_renew.sh") | sudo crontab -u root -
        }


	case $action in
	on)
		sudo sed -i 's/ #if/ if/' /etc/nginx/conf.d/playsms.conf

		sudo sed -i "s/listen 443;/listen 443 ssl;/" /etc/nginx/conf.d/playsms.conf
		[[ ! -d /etc/nginx/includes ]] && sudo mkdir /etc/nginx/includes
		sudo cp $MY_PATH/templates/ssl.conf /etc/nginx/includes/
		sudo sed -i "/Content-Security-Policy/a \   include includes/ssl.conf;\n   ssl_certificate /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem;\n   ssl_certificate_key /etc/letsencrypt/live/$PSMS_DOMAIN/privkey.pem;" /etc/nginx/conf.d/playsms.conf
	;;

	off)
		sudo sed -i 's/ if/ #if/' /etc/nginx/conf.d/playsms.conf
		sudo sed -i '/ssl.conf;/d' /etc/nginx/conf.d/playsms.conf
		sudo sed -i '/ssl_certificate/d' /etc/nginx/conf.d/playsms.conf
	;;
        certif)
                [[ -z $(which certbot) ]] && install_certbot
                [[ -n /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem ]] && create_certificate
        ;;

	esac
}

echo -e "${c_yellow}playSMS ne fonctionne pas sans certifcat SSL.$c_"
[[ ! $noask ]] && printf "${c_yellow}Voulez-vous installer et activer un certificat SSL maintenant pour $PSMS_DOMAIN ? (o/n) $c_" && read askSSL
if [[ $askSSL =~ ^(o|y|yes|oui|Y|O|YES)$ ]]; then
	manageSSL certif
	if sudo test -f /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem; then manageSSL on; else manageSSL off && echo "Une erreur s'est produite, basculement vers le mode non SSL"; fi
	http=https
else
	manageSSL off
	http=http
fi

sudo service nginx restart

[[ ! $err ]] && echo -e "${c_green}Félicitation ! playSMS est accessible via l'URL $http://$PSMS_DOMAIN" || echo -e "${c_red}Installation incomplète$c_"

exit 0