#!/bin/sh
# Installation wrapper to create Weblate instance on Hetzner cloud

set -e

if [ ! -f .venv/bin/activate ]; then
    echo "Missing virtual environment!"
    exit 2
fi

if [ -z "$1" ] || [ "$1" = "--help" ]; then
    echo "Usage: install-remote HOSTNAME [VERSION]"
    exit 1
fi

SERVER_NAME="$1"

# Set path to include script directory
PATH="$(dirname "$(readlink -f "$0")"):$PATH"
export PATH

BOOTSTRAP=$(mktemp --tmpdir weblate-bootstrap.XXXXXXXXXX)
TMPFILE=$(mktemp --tmpdir weblate-log.XXXXXXXXXX)

# Gather basic configuration
bootstrap "$BOOTSTRAP" "$2"
cat >> "$BOOTSTRAP" << EOT
WEBLATE_PASSWORD="$(apg -a 0 -M sncl -n 1 -x 10 -m 20)"
EOT

# shellcheck disable=SC1090
. "$BOOTSTRAP"
# shellcheck disable=SC1090,SC1091
. .venv/bin/activate
pip install -r requirements.txt

# Create server
# Type: cx22 / cax11 / cax21
# Location: nbg1 / fsn1 / hel1
# image is debian-12 for arm64
#
# debian-12 arm64: 114690389
# debian-12 amd64: 114690387
hcloud server create \
    --image 114690389 \
    --location fsn1 \
    --name "$SERVER_NAME" \
    --network 19990 \
    --firewall 13110 \
    --ssh-key 1056953 \
    --ssh-key 1494306 \
    --type cax11 | tee "$TMPFILE"

IPADDRESS=$(sed -n 's/IPv4: \(.*\)/\1/p' "$TMPFILE")
IP6ADDRESS=$(sed -n 's/IPv6: \(.*\)/\1/p' "$TMPFILE")

hcloud server set-rdns --ip "$IPADDRESS" --hostname "$WEBLATE_DOMAIN" "$SERVER_NAME"
hcloud server set-rdns --ip "$IP6ADDRESS" --hostname "$WEBLATE_DOMAIN" "$SERVER_NAME"
./dns-edit "$IPADDRESS" "$IP6ADDRESS" "$WEBLATE_CLOUD_DOMAIN"

ssh-keygen -f ~/.ssh/known_hosts -R "$IPADDRESS"

echo "Created server with address $IPADDRESS, please ensure $WEBLATE_DOMAIN points to that"
# shellcheck disable=SC2034
read -r dummy

s() {
    # shellcheck disable=SC2029
    ssh "root@$IPADDRESS" "$@"
}

# Configure mail sending
#echo "$WEBLATE_DOMAIN:$(openssl passwd -6 -salt "$(openssl rand -hex 6)" "$EXIM_PASS"):666:0:99999:7::" | ssh root@mail tee --append /etc/exim4/passwd

# Install the system
scp "$BOOTSTRAP" "root@$IPADDRESS:/etc/weblate-bootstrap"
s apt update
s apt install -y git
s git clone https://github.com/WeblateOrg/scripts.git
s ./scripts/configure-system
s ./scripts/install-exim
s ./scripts/install-docker
s ./scripts/install-weblate-docker
#s ./scripts/install-posgtresql
#s ./scripts/install-weblate
s ./scripts/upgrade-nginx-ssl
s ./scripts/install-munin
s ./scripts/install-graylog

# Print list of things to do
echo "TODO:"
echo " * Store password: $WEBLATE_PASSWORD"
echo " * Add $IPADDRESS to SSH configuration"
# AMD uses ens10
echo " * Add host to munin: $(s ip -f inet address show enp7s0 | sed -En -e 's/.*inet ([0-9.]+).*/\1/p')"
echo " * Link with purchased service"
echo " * Activate and verify backups"
echo " * Verify SMTP is working"
echo " * Add service to monitoring"

rm -f "$BOOTSTRAP" "$TMPFILE"