#!/bin/bash
#<pre><code>

# What does this do.. and why?
# (and why is it so complicated?)
#
# What this does
#
#   1. Sets some vars and asks some questions
#   2. Installs everything into a single place
#      (inculding deps like node.js, with the correct version)
#   3. Depending on OS, creates a user for the service
#   4. Depending on OS, register with system launcher
#
# Why
#
#   So that you can get a fully configured, running product,
#   with zero manual configuration in a matter of seconds -
#   and have an uninstall that's just as easy.
#
# Why so complicated?
#
#  To support nuance differences between various versions of
#  Linux, macOS, and Android, including whether it's being
#  installed with user privileges, as root, wit a system user
#  system daemon launcher, etc. Also, this is designed to be
#  reusable with many apps and services, so it's very variabled...

set -e
set -u

### http_bash exported by get.sh

my_email=${1:-}
my_relay=${2:-}
my_servernames=${3:-}
my_secret=${4:-}
my_user="telebit"
my_app_pkg_name="cloud.telebit.remote"
my_app="telebit"
my_bin="telebit.js"
my_name="Telebit Remote"
my_repo="telebit.js"
my_root=${my_root:-} # todo better install script
sudo_cmd="sudo"
sudo_cmde="sudo "
exec 3<>/dev/tty
read_cmd="read -u 3"
# TODO detect if rsync is available and use rsync -a (more portable)
rsync_cmd="cp -pPR"

set +e
my_edit=$(basename "${EDITOR:-}")
if [ -z "$my_edit" ]; then
  my_edit=$(basename "$(type -p edit)")
fi
if [ -z "$my_edit" ]; then
  my_edit=$(basename "$(type -p nano)")
fi
if [ -z "$my_edit" ]; then
  my_edit=$(basename "$(type -p vim)")
fi
if [ -z "$my_edit" ]; then
  my_edit=$(basename "$(type -p vi)")
fi
if [ -z "$my_edit" ]; then
  my_edit="nano"
fi
set -e

if [ "root" == $(whoami) ] || [ 0 == $(id -u) ]; then
  sudo_cmd=" "
  sudo_cmde=""
fi

if [ -z "${my_email}" ]; then
  echo ""
  echo ""
  echo "Telebit uses Greenlock for free automated ssl through Let's Encrypt."
  echo ""
  echo "To accept the Terms of Service for Telebit, Greenlock and Let's Encrypt,"
  echo "please enter your email."
  echo ""
  $read_cmd -p "email: " my_email
  echo ""
  # UX - just want a smooth transition
  sleep 0.25
fi

if [ -z "${my_relay}" ]; then
  echo "What relay will you be using? (press enter for default)"
  echo ""
  $read_cmd -p "relay [default: telebit.cloud]: " my_relay
  echo ""
  my_relay=${my_relay:-telebit.cloud}
  # UX - just want a smooth transition
  sleep 0.25
fi

if [ -n "$my_relay" ] && [ "$my_relay" != "telebit.cloud" ]; then
  if [ -z "${my_servernames}" ]; then
    #echo "What servername(s) will you be relaying here? (press enter for default)"
    echo "What servername(s) will you be relaying here?"
    echo ""
    #$read_cmd -p "domain [default: <random>.telebit.cloud]: " my_servernames
    $read_cmd -p "domain: " my_servernames
    echo ""
    # UX - just want a smooth transition
    sleep 0.25
  fi

  if [ -z "${my_secret}" ]; then
    #echo "What's your authorization for the relay server? (press enter for default)"
    echo "What's your authorization for the relay server?"
    echo ""
    #$read_cmd -p "auth [default: new account]: " my_secret
    $read_cmd -p "secret: " my_secret
    echo ""
    # UX - just want a smooth transition
    sleep 0.25
  fi
fi

echo ""

if [ -z "${TELEBIT_PATH:-}" ]; then
  echo 'TELEBIT_PATH="'${TELEBIT_PATH:-}'"'
  TELEBIT_PATH=/opt/$my_app
fi

echo "Installing $my_name to '$TELEBIT_PATH'"
# v10.2+ has much needed networking fixes, but breaks ursa. v9.x has severe networking bugs. v8.x has working ursa, but requires tls workarounds"
NODEJS_VER="${NODEJS_VER:-v10}"
export NODEJS_VER
export NODE_PATH="$TELEBIT_PATH/lib/node_modules"
export NPM_CONFIG_PREFIX="$TELEBIT_PATH"
export PATH="$TELEBIT_PATH/bin:$PATH"
sleep 0.25
echo "(your password may be required to complete installation)"

echo "  - installing node.js runtime..."
http_bash https://git.coolaj86.com/coolaj86/node-installer.sh/raw/branch/master/install.sh --no-dev-deps >/dev/null 2>/dev/null

my_tree="telebit" # my_branch
my_node="$TELEBIT_PATH/bin/node"
my_npm="$my_node $TELEBIT_PATH/bin/npm"
my_tmp="$(mktemp -d)"
mkdir -p $my_tmp

echo "${sudo_cmde}mkdir -p '$TELEBIT_PATH'"
$sudo_cmd mkdir -p "$TELEBIT_PATH"
$sudo_cmd mkdir -p "$TELEBIT_PATH/etc"
$sudo_cmd mkdir -p "$TELEBIT_PATH/var/log"
$sudo_cmd chown -R $(id -u -n):$(id -g -n) "$TELEBIT_PATH"
#echo "${sudo_cmde}mkdir -p '/etc/$my_app/'"
#$sudo_cmd mkdir -p "/etc/$my_app/"
#$sudo_cmd chown $(id -u -n):$(id -g -n) "/etc/$my_app/"

#https://git.coolaj86.com/coolaj86/telebit.js.git
#https://git.coolaj86.com/coolaj86/telebit.js/archive/:tree:.tar.gz
#https://git.coolaj86.com/coolaj86/telebit.js/archive/:tree:.zip
set +e
my_unzip=$(type -p unzip)
my_tar=$(type -p tar)
if [ -n "$my_unzip" ]; then
  rm -f $my_tmp/$my_app-$my_tree.zip
  echo "  - installing telebit zip..."
  http_get https://git.coolaj86.com/coolaj86/$my_repo/archive/$my_tree.zip $my_tmp/$my_app-$my_tree.zip
  # -o means overwrite, and there is no option to strip
  $my_unzip -o $my_tmp/$my_app-$my_tree.zip -d $TELEBIT_PATH/ > /dev/null 2>&1
  $rsync_cmd  $TELEBIT_PATH/$my_repo/* $TELEBIT_PATH/ > /dev/null
  rm -rf $TELEBIT_PATH/$my_bin
elif [ -n "$my_tar" ]; then
  rm -f $my_tmp/$my_app-$my_tree.tar.gz
  echo "  - installing telebit tar.gz..."
  http_get https://git.coolaj86.com/coolaj86/$my_repo/archive/$my_tree.tar.gz $my_tmp/$my_app-$my_tree.tar.gz
  ls -lah $my_tmp/$my_app-$my_tree.tar.gz
  $my_tar -xzf $my_tmp/$my_app-$my_tree.tar.gz --strip 1 -C $TELEBIT_PATH/
else
  echo "Neither tar nor unzip found. Abort."
  exit 13
fi
set -e

pushd $TELEBIT_PATH >/dev/null
  echo "  - installing telebit npm dependencies..."
  $my_npm install >/dev/null 2>/dev/null
popd >/dev/null

echo "  - configuring telebit..."

cat << EOF > $TELEBIT_PATH/bin/$my_app
#!/bin/bash
$my_node $TELEBIT_PATH/bin/$my_bin
EOF
chmod a+x $TELEBIT_PATH/bin/$my_app

# Create uninstall script based on the install script variables
cat << EOF > $TELEBIT_PATH/bin/${my_app}_uninstall
#!/bin/bash
if [ "$(type -p launchctl)" ]; then
  sudo launchctl unload -w /Library/LaunchDaemons/${my_app_pkg_name}.plist
  sudo rm -rf /Library/LaunchDaemons/cloud.telebit.remote.plist
fi
if [ "$(type -p systemctl)" ]; then
  sudo systemctl disable telebit; sudo systemctl stop telebit
  sudo rm -rf /etc/systemd/system/$my_app.service
fi
sudo rm -rf $TELEBIT_PATH /usr/local/bin/$my_app
rm -rf ~/.config/$my_app ~/.local/share/$my_app
EOF
chmod a+x $TELEBIT_PATH/bin/${my_app}_uninstall

echo "${sudo_cmde}ln -sf $TELEBIT_PATH/bin/$my_app /usr/local/bin/$my_app"
$sudo_cmd ln -sf $TELEBIT_PATH/bin/$my_app /usr/local/bin/$my_app

set +e
if type -p setcap >/dev/null 2>&1; then
  #echo "Setting permissions to allow $my_app to run on port 80 and port 443 without sudo or root"
  echo "${sudo_cmde}setcap cap_net_bind_service=+ep $TELEBIT_PATH/bin/node"
  $sudo_cmd setcap cap_net_bind_service=+ep $TELEBIT_PATH/bin/node
fi
set -e

set +e
# TODO for macOS https://apple.stackexchange.com/questions/286749/how-to-add-a-user-from-the-command-line-in-macos
if type -p adduser >/dev/null 2>/dev/null; then
  if [ -z "$(cat $my_root/etc/passwd | grep $my_user)" ]; then
    $sudo_cmd adduser --home $TELEBIT_PATH --gecos '' --disabled-password $my_user >/dev/null 2>&1
  fi
  #my_user=$my_app_name
  my_group=$my_user
elif [ -n "$(cat /etc/passwd | grep www-data:)" ]; then
  # Linux (Ubuntu)
  my_user=www-data
  my_group=www-data
elif [ -n "$(cat /etc/passwd | grep _www:)" ]; then
  # Mac
  my_user=_www
  my_group=_www
else
  # Unsure
  my_user=$(id -u -n) # $(whoami)
  my_group=$(id -g -n)
fi
set -e

# TODO don't create this in TMP_PATH if it exists in TELEBIT_PATH
my_config="$TELEBIT_PATH/etc/$my_app.yml"
mkdir -p "$(dirname $my_config)"
if [ ! -e "$my_config" ]; then

  #$rsync_cmd examples/$my_app.yml "$my_config"

  if [ -n "$my_email" ]; then
    echo "email: $my_email" >> "$my_config"
    echo "agree_tos: true" >> "$my_config"
  else
    echo "#email: jon@example.com # used for Automated HTTPS and Telebit.Cloud registrations" >> "$my_config"
    echo "#agree_tos: true # must be enabled to use Automated HTTPS and Telebit.Cloud" >> "$my_config"
  fi

  if [ -n "$my_relay" ]; then
    echo "relay: $my_relay" >> "$my_config"

    if [ -n "$my_secret" ]; then
      echo "secret: $my_secret" >> "$my_config"
    fi
    if [ -n "$my_servernames" ]; then
      # TODO could use printf or echo -e,
      # just not sure how portable they are
      echo "servernames:" >> "$my_config"
      echo "  $my_servernames: {}" >> "$my_config"
    fi
  else
    echo "relay: telebit.cloud # the relay server to use" >> "$my_config"
  fi
  #echo "dynamic_ports:\n  []" >> "$my_config"
  cat $TELEBIT_PATH/usr/share/$my_app.tpl.yml >> "$my_config"

fi

#my_config_link="/etc/$my_app/$my_app.yml"
#if [ ! -e "$my_config_link" ]; then
#  echo "${sudo_cmde}ln -sf '$my_config' '$my_config_link'"
#  #$sudo_cmd mkdir -p /etc/$my_app
#  $sudo_cmd ln -sf "$my_config" "$my_config_link"
#fi

my_config="$HOME/.config/$my_app/$my_app.yml"
mkdir -p "$(dirname $my_config)"
if [ ! -e "$my_config" ]; then

  echo "cli: true" >> "$my_config"

  if [ -n "$my_email" ]; then
    echo "email: $my_email" >> "$my_config"
    echo "agree_tos: true" >> "$my_config"
  else
    echo "#email: jon@example.com # used for Automated HTTPS and Telebit.Cloud registrations" >> "$my_config"
    echo "#agree_tos: true # must be enabled to use Automated HTTPS and Telebit.Cloud" >> "$my_config"
  fi

  if [ -n "$my_relay" ]; then
    echo "relay: $my_relay" >> "$my_config"

    if [ -n "$my_secret" ]; then
      echo "secret: $my_secret" >> "$my_config"
    fi
  else
    echo "relay: telebit.cloud # the relay server to use" >> "$my_config"
  fi

  cat $TELEBIT_PATH/usr/share/$my_app.tpl.yml >> "$my_config"

fi

echo "${sudo_cmde}chown -R $my_user '$TELEBIT_PATH' # '/etc/$my_app'"
$sudo_cmd chown -R $my_user "$TELEBIT_PATH" # "/etc/$my_app"

# ~/.config/systemd/user/
# %h/.config/telebit/telebit.yml
echo "### Adding $my_app as a system service"
# TODO detect with type -p
my_system_launcher=""
if [ -d "/Library/LaunchDaemons" ]; then
  my_system_launcher="launchd"
  my_app_launchd_service="Library/LaunchDaemons/${my_app_pkg_name}.plist"
  echo "${sudo_cmde}$rsync_cmd $TELEBIT_PATH/usr/share/dist/$my_app_launchd_service /$my_app_launchd_service"
  $sudo_cmd $rsync_cmd "$TELEBIT_PATH/usr/share/dist/$my_app_launchd_service" "/$my_app_launchd_service"

  echo "${sudo_cmde}chown root:wheel $my_root/$my_app_launchd_service"
  $sudo_cmd chown root:wheel "$my_root/$my_app_launchd_service"
  echo "${sudo_cmde}launchctl unload -w $my_root/$my_app_launchd_service >/dev/null 2>/dev/null"
  $sudo_cmd launchctl unload -w "$my_root/$my_app_launchd_service" >/dev/null 2>/dev/null
  echo "${sudo_cmde}launchctl load -w $my_root/$my_app_launchd_service"
  $sudo_cmd launchctl load -w "$my_root/$my_app_launchd_service"

elif [ -d "$my_root/etc/systemd/system" ]; then
  my_system_launcher="systemd"
  echo "${sudo_cmde}$rsync_cmd $TELEBIT_PATH/usr/share/dist/etc/systemd/system/$my_app.service /etc/systemd/system/$my_app.service"
  $sudo_cmd $rsync_cmd "$TELEBIT_PATH/usr/share/dist/etc/systemd/system/$my_app.service" "/etc/systemd/system/$my_app.service"

  $sudo_cmd systemctl daemon-reload
  echo "${sudo_cmde}systemctl enable $my_app"
  $sudo_cmd systemctl enable $my_app
  echo "${sudo_cmde}systemctl start $my_app"
  $sudo_cmd systemctl restart $my_app
fi

sleep 2
echo ""
echo ""
echo ""
echo "=============================================="
echo "               Privacy Settings               "
echo "=============================================="
echo ""
echo "Privacy settings are managed in the config files:"
echo ""
echo "  $TELEBIT_PATH/etc/$my_app.yml"
echo "  $HOME/.config/$my_app/$my_app.yml"
echo ""
echo "Your current settings:"
echo ""
echo "  telemetry: true   # You ARE contributing project telemetry"
echo "  community: true   # You ARE receiving important email updates"
echo "  newsletter: false # You ARE NOT receiving regular emails"
echo ""
echo "Please edit the config file to meet your needs before starting."
echo ""
sleep 3

echo ""
echo ""
echo "=============================================="
echo "            Launcher Configuration            "
echo "=============================================="
echo ""
echo "You MUST verify your email address to activate this device for your account"

my_stopper=""
if [ "systemd" == "$my_system_launcher" ]; then

  my_stopper="${sudo_cmde}systemctl stop $my_app"
  echo "Edit the config and restart, if desired:"
  echo ""
  echo "    ${sudo_cmde}$my_edit $TELEBIT_PATH/etc/$my_app.yml"
  echo "    ${sudo_cmde}systemctl restart $my_app"
  echo ""
  echo "Or disabled the service and start manually:"
  echo ""
  echo "    ${sudo_cmde}systemctl stop $my_app"
  echo "    ${sudo_cmde}systemctl disable $my_app"
  echo "    $my_app --config $TELEBIT_PATH/etc/$my_app.yml"

elif [ "launchd" == "$my_system_launcher" ]; then

  my_stopper="${sudo_cmde}launchctl unload $my_root/$my_app_launchd_service"
  echo "Edit the config and restart, if desired:"
  echo ""
  echo "    ${sudo_cmde}$my_edit $TELEBIT_PATH/etc/$my_app.yml"
  echo "    ${sudo_cmde}launchctl unload $my_root/$my_app_launchd_service"
  echo "    ${sudo_cmde}launchctl load -w $my_root/$my_app_launchd_service"
  echo ""
  echo "Or disabled the service and start manually:"
  echo ""
  echo "    ${sudo_cmde}launchctl unload -w $my_root/$my_app_launchd_service"
  echo "    $my_app daemon --config $TELEBIT_PATH/etc/$my_app.yml"

else

  my_stopper="not started"
  echo "Edit the config, if desired:"
  echo ""
  echo "    ${sudo_cmde}$my_edit $my_config"
  echo ""
  echo "Run the service manually (we couldn't detect your system service to do that automatically):"
  echo ""
  echo "    $my_app --config $my_config"

fi
sleep 3

# TODO run 'telebit status'
if [ "telebit.cloud" == $my_relay ]; then
  echo ""
  echo ""
  echo "=============================================="
  echo "                 Hey, Listen!                 "
  echo "=============================================="
  echo ""
  echo "GO CHECK YOUR EMAIL"
  echo ""
  echo "You MUST verify your email address to activate this device."
  echo ""
fi

echo ""
sleep 1