#!/bin/bash

driglibash_run_retry=true
. driglibash-base
set -euo pipefail

###############################################################################
#                       Variables
###############################################################################

proxy_dir="/etc/nginx"
nginx_conf_path="$proxy_dir/sites-enabled"
new_nginx_conf_path="$proxy_dir/new-sites-enabled"

certs_path="/etc/letsencrypt/live"
dummy_cert_path="$certs_path/dummy"

###############################################################################
#                       Helpers
###############################################################################

# Returns the public IP4 address of a domain name
function ipof {
	resolv.sh "$1"
}

# Path to this directory
here="$(where 'follow_links')"

# Ip4 address
my_ip="$(ipof "$(cat /etc/hostname)")"
[ -z "$my_ip" ] && yell "Unable to find my IP" && exit 1


###############################################################################
#                       Nginx preparation
###############################################################################

driglibash_section_prefix="[Prepare nginx] "
section "Delete new conf directory (to recover)"
run rm -rf "$new_nginx_conf_path"

section "Create new conf file (for tests purposes)"
sed "s#$nginx_conf_path#$new_nginx_conf_path#" "/docker/_proxy/nginx.conf" > "$proxy_dir/new_nginx.conf"

section "Create proxy dir"
run mkdir -p "$proxy_dir" /docker /data
run chown root:root /docker
run chown root:root /data
run chmod 755 /docker
run chmod 755 /data

section "Check dummy cert exists "
#TODO check if expired
if [ ! -f "$dummy_cert_path/privkey.pem" ] ; then
    echo "Dummy cert generation"
    run mkdir -p "$dummy_cert_path"
    run openssl req -x509 -newkey rsa:2048 -keyout /etc/letsencrypt/live/dummy/privkey.pem -out /etc/letsencrypt/live/dummy/fullchain.pem -days 365 -nodes -subj "/C=FR/ST=France/O=IT/CN=jean-cloud.net"
fi

section "Create new conf directory"
run mkdir -p "$new_nginx_conf_path"

###############################################################################
#                       Deploy services
###############################################################################

for dir in /docker/* ; do
    service="$(basename "$dir")"

    # Ignore _ prefixed directories
    [ "${service::1}" == '_' ] && continue

    docker_service="$(echo "$service" | tr '.' '_')"
    driglibash_section_prefix="[$service] "
    cd "/docker/$service"

    # Is service meant to be on this server?
    ip="$(ipof "$service")"
    [ -z "$ip" ] && yell "No IP found for $service" && continue

    if [ "$ip" != "$my_ip" ] ; then
        if [ -n "$(docker ps | grep "$docker_service")" ] ; then
    	    section "--------------------"
            section "Removing service"
            docker-compose down --rmi all --remove-orphans
        fi
        continue
    fi

    # If there is a docker-compose file and it has services in it
    if [ -f "/docker/$service/docker-compose.yml" ] && [ -n "$(grep  '^[^#]*services' "/docker/$service/docker-compose.yml")" ] ; then
    	section "-------------------- $service"
        section "Logging to registry"
        # XXX Login to docker registry

        section "Pulling images"
        run docker-compose pull

        section "Starting service"
        run docker-compose up -d --remove-orphans
    fi

    # If there is a nginx conf file
    if [ -f "/docker/$service/nginx_server.conf" ] ; then
        section "Copy nginx conf"
        run cp "/docker/$service/nginx_server.conf" "$new_nginx_conf_path/$service"

        if [ -f "/docker/$service/.env" ] ; then
            section "Template nginx conf with vars from '.env' file"
			run template.sh "/docker/$service/.env" < "/docker/$service/nginx_server.conf" > "$new_nginx_conf_path/$service"
        fi
    fi

    # Do we need dummy cert?
    if [ ! -e "$certs_path/$service/fullchain.pem" ] ; then
        section "Create cert dir"
        run mkdir -p "$certs_path/$service"

        section "Link dummy to cert"
        run ln -s "$dummy_cert_path/fullchain.pem" "$certs_path/$service"
        run ln -s "$dummy_cert_path/privkey.pem" "$certs_path/$service"
    fi

    section "Testing nginx conf"
    run nginx -t -c /etc/nginx/new_nginx.conf

done

###############################################################################
#                       Nginx restart
###############################################################################

driglibash_section_prefix="[Restart nginx] "

section "Test if nginx conf is ok"
run nginx -t -c "$proxy_dir/new_nginx.conf"

section "Update nginx conf"
run rm -rf "$nginx_conf_path"
run mv "$new_nginx_conf_path" "$nginx_conf_path"
run cp "/docker/_proxy/nginx.conf" "$proxy_dir/nginx.conf"

section "Test nginx conf to be sure"
run nginx -t

if [ -z "$(cat /var/run/nginx.pid)" ] ; then
    section "Start nginx"
    run nginx
else
    section "Reload nginx"
    run nginx -s reload
fi

clean