#!/bin/bash

# Bock in unserem Code rumzustochern? Schreib doch einfach eine Bewerbung!
# Feel like poking around in our code? Just send us a job application!
# https://nethinks.com/unternehmen/karriere/

script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P)

usage() {
  cat <<EOF
Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] -p param_value arg1 [arg2...]

Script description here.

Available options:

-h, --help      Print this help and exit
EOF
  exit
}

setup_colors() {
  if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then
    NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m'
  else
    NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW=''
  fi
}


msg() {
  echo >&2 -e "${1-}"
}

die() {
  local msg=$1
  local code=${2-1} # default exit status 1
  msg "$msg"
  exit "$code"
}

parse_params() {
  # default values of variables set from params
  flag=0
  param=''

  while :; do
    case "${1-}" in
    -h | --help) usage ;;
    -v | --verbose) set -x ;;
    --no-color) NO_COLOR=1 ;;
    #-f | --flag) flag=1 ;; # example flag
    -n | --name) # Token Name
      token_name="${2-}"
      shift
      ;;
    -t | --token) # API Token
      api_token="${2-}"
      shift
      ;;
    -?*) die "Unknown option: $1" ;;
    *) break ;;
    esac
    shift
  done

  args=("$@")

  # check required params and arguments
  #[[ -z "${param-}" ]] && die "Missing required parameter: param"
  #[[ ${#args[@]} -eq 0 ]] && die "Missing script arguments"

  return 0
}

parse_params "$@"
setup_colors

if ! LATEST_VERSION=$(curl -sf -X GET 'https://install.hein.rich/latest'); then
  die "${RED}Unable to fetch latest version number from install.hein.rich${NOFORMAT}"
fi

read -e -p "Enter version number: " -i "${LATEST_VERSION}" VERSION < /dev/tty

FILENAME="heinrich-${VERSION}.tar.gz"
DOWNLOAD_URL="https://gitlab.nethinks.com/api/v4/projects/4/packages/generic/heinrich/${VERSION}/${FILENAME}"
TARGET_DIR="/opt/heinrich-${VERSION}"
TARGET_FILE="${TARGET_DIR}/${FILENAME}"


if ! grep "Ubuntu" /etc/os-release; then
  die "${ORANGE}This script only supports installations on Ubuntu for now. Sorry!${NOFORMAT}"
fi

if [ -z "$token_name" ]; then
  read -p "Enter the Token Name: " token_name < /dev/tty
fi

if [ -z "$api_token" ]; then
  read -p "Enter the Access Token: " api_token < /dev/tty
fi


if ! curl -sf -X GET -H "Private-Token: ${api_token}" 'https://gitlab.nethinks.com/api/v4/projects/4' >/dev/null; then
  die "${RED}Unable to access repository. Is the access token valid?${NOFORMAT}"
fi


msg "\n${CYAN}Installing script dependencies...${NOFORMAT}"

apt-get -y update
apt-get -y install ca-certificates curl gnupg lsb-release

# reset iptables
update-alternatives --auto iptables 

# set timezone Europe/Berlin
timedatectl set-timezone Europe/Berlin

# Change to heinrich dir after ssh login
echo 'cd $(docker inspect $(docker ps -q -f name=backend) -f '\''{{ index .Config.Labels "com.docker.compose.project.working_dir" }}'\'' 2>/dev/null ) 2>/dev/null' > /root/.bash_aliases

# Set dir Variable
echo 'HEINRICH=$(docker inspect $(docker ps -q -f name=backend) -f '\''{{ index .Config.Labels "com.docker.compose.project.working_dir" }}'\'' 2>/dev/null ) 2>/dev/null' >> /root/.bash_aliases

# Set script aliases
echo 'alias astcmd='\''bash $HEINRICH/scripts/asterisk-console.sh'\'' 2>/dev/null' >> /root/.bash_aliases
echo 'alias astreload='\''bash $HEINRICH/scripts/asterisk-reload.sh'\'' 2>/dev/null' >> /root/.bash_aliases
echo 'alias kamcmd='\''bash $HEINRICH/scripts/kamcmd.sh'\'' 2>/dev/null' >> /root/.bash_aliases
echo 'alias heinrichdown='\''docker -l error compose -f $HEINRICH/docker-compose.yml down'\'' 2>/dev/null' >> /root/.bash_aliases
echo 'alias heinrichup='\''docker -l error compose -f $HEINRICH/docker-compose.yml up -d'\'' 2>/dev/null' >> /root/.bash_aliases
echo 'alias heinrichrestart='\''heinrichdown && heinrichup'\'' 2>/dev/null' >> /root/.bash_aliases

# checkmk Version script
mkdir -p /usr/lib/check_mk_agent/local/
cat << 'EOF' > /usr/lib/check_mk_agent/local/heinrich_version.sh
#!/bin/bash

# URL der Webseite, von der die Version überprüft werden soll
url="https://install.hein.rich/versions"

# Version, die überprüft werden soll
version=$(docker inspect $(docker ps -q -f name=backend) -f '{{ index .Config.Labels "com.docker.compose.project.working_dir" }}' | cut -f2 -d"-" )

# HTTP-Statuscode abrufen und prüfen, ob die Version auf der Webseite vorhanden ist
http_status=$(curl -s -o /dev/null -w "%{http_code}" "$url")

if [ "$http_status" -eq 200 ]; then
    # Webseite ist erreichbar, prüfen, ob die Version vorhanden ist
    if curl -s "$url" | grep -q "$version"; then
        status=$(curl -s "$url" | grep "$version" | cut -f2 -d":")
        if [ "$status" == "'ok'" ]; then
                echo "0 \"heinrich Version\" - Version $version update not necessary"
        elif [ "$status" == "'warning'" ]; then
                echo "1 \"heinrich Version\" - Version $version update recommended"
        fi
    else
        echo "2 \"heinrich Version\" - Version $version update required"
    fi
fi
EOF
chmod +x /usr/lib/check_mk_agent/local/heinrich_version.sh

msg "\n${CYAN}Installing Docker and Docker Compose...${NOFORMAT}"

if ! docker --version >/dev/null; then
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
  echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
    $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  apt-get -y update
  apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
else
  msg "Docker is already installed: $(docker --version)"
fi


msg "\n${CYAN}Installing sngrep...${NOFORMAT}"

wget http://packages.irontec.com/public.key -q -O - | sudo gpg --yes --dearmor -o /etc/apt/keyrings/irontec.gpg
echo "deb [signed-by=/etc/apt/keyrings/irontec.gpg] http://packages.irontec.com/ubuntu $(lsb_release -cs) main" > /etc/apt/sources.list.d/irontec.list
apt -y update
apt -y install sngrep


msg "\n${CYAN}Downloading Heinrich...${NOFORMAT}"

if [ -d "${TARGET_DIR}" ]; then
  die "${RED}Directory ${TARGET_DIR} exists already. Please delete or move it if you want to proceed.${NOFORMAT}"
fi

if ! curl --header "Private-Token: ${api_token}" --create-dirs -o "${TARGET_FILE}" "${DOWNLOAD_URL}" >/dev/null; then
  die "${RED}Error downloading archive.${NOFORMAT}"
fi

if ! tar -xzf ${TARGET_FILE} -C "${TARGET_DIR}"; then
  die "${RED}Error unpacking archive.${NOFORMAT}"
fi

msg "\n${CYAN}Writing .env...${NOFORMAT}"
echo "RELEASE=$VERSION" > "${TARGET_DIR}/.env"


msg "\n${CYAN}Logging into Docker and pulling services...${NOFORMAT}"
cd "${TARGET_DIR}"

if ! docker login -u "${token_name}" -p "${api_token}" "https://registry.nethinks.com"; then
  die "${RED}Error logging into Docker.${NOFORMAT}"
fi

if ! docker compose pull; then
  die "${RED}Error pulling Docker images.${NOFORMAT}"
fi

docker logout "https://registry.nethinks.com"

# generate self signed cert
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${TARGET_DIR}/certs/key.pem -out ${TARGET_DIR}/certs/cert.pem -subj "/C=DE/ST=Hessen/L=Fulda/O=NETHINKS GmbH/OU=VoIP/CN=heinrich/emailAddress=voip@nethinks.com" >/dev/null 2>&1



msg "\n${GREEN}Installation completed successfully.${NOFORMAT}"