#!/usr/bin/env bash
set -eo pipefail

COLOR_INFO="\033[1;34m"
COLOR_RESET="\033[0m"
COLOR_WARNING="\033[0;33m"
COLOR_SUCCESS="\033[0;32m"

function usage_setup() {
    echo -e "Usage: ${0} [OPTIONS] COMMAND

Generate certificate and its key (except if you specified you do not want with --no-cert option)
then generate Nginx SSL configuration file.

OPTIONS:
  -nc, --no-cert   skip certificate generation with mkcert
  -h, --help       print this message

COMMAND:
  help              print this message
"
}

# Utility function to generate certificate and
# nginx configuration to reverse proxy richie app over https

with_cert=true

while true; do
  case "${1}" in
    -nc|--no-cert)
      with_cert=false
      break
      ;;
    -h | --help | help)
      usage_setup "${FUNCNAME[0]}"
      exit 0
      ;;
    *)
      break
      ;;
  esac
done

# Check if nginx ssl conf already exist and if certificate exists and is still valid
if [ -f "docker/files/etc/nginx/ssl/default.conf" ] &&
   [ -f "docker/files/etc/nginx/ssl/richie.local.dev.key" ] &&
   [ -f "docker/files/etc/nginx/ssl/richie.local.dev.pem" ] &&
   openssl x509 -checkend 0 -noout -in "docker/files/etc/nginx/ssl/richie.local.dev.pem" ;
then
  echo -e "${COLOR_SUCCESS}✅ SSL configuration is already enabled and certificate is valid.${COLOR_RESET}\\n"
else
  if [[ "$with_cert" = true ]] ; then
    echo -e "${COLOR_INFO}> Generating certificate for richie.local.dev domain${COLOR_RESET}"
    # Generate fresh key and certificate files for richie.local.dev domain
    mkcert -key-file "docker/files/etc/nginx/ssl/richie.local.dev.key" \
          -cert-file "docker/files/etc/nginx/ssl/richie.local.dev.pem" \
          richie.local.dev
  else
    echo -e "${COLOR_INFO}> Certificate generation skipped.${COLOR_RESET}"
    echo -e "\\n${COLOR_WARNING}⚠️  A certificate is required!
  Skipping generation supposes that you generated your certificate and its key manually,
  at the following locations
  - docker/files/etc/nginx/ssl/richie.local.key
  - docker/files/etc/nginx/ssl/richie.local.pem
  ${COLOR_RESET}"
  fi

  echo -e "${COLOR_INFO}> Generating nginx configuration${COLOR_RESET}"

  nginx_base_template="docker/files/etc/nginx/conf.d/default.conf"
  nginx_ssl_template="docker/files/etc/nginx/ssl/ssl.conf.tpl"

  disclaimer="# /!\ DO NOT EDIT: this file is autogenerated"
  printf "%s\n" "${disclaimer}" > "docker/files/etc/nginx/ssl/default.conf"

  # Replace listen 8070; in default conf by ssl configuration then generate default.conf  
  sed "/listen 8070;/d; /server {/r $nginx_ssl_template" \
      ${nginx_base_template} \
      >> "docker/files/etc/nginx/ssl/default.conf"

  echo -e "\\n✅ SSL is ready to use!\\n"
fi

echo -e "\\n${COLOR_INFO}> Starting SSL apps${COLOR_RESET}"
make run-ssl

echo -e "\\n${COLOR_SUCCESS}✅ Richie is up and running on https://richie.local.dev:8070 !"
echo -e "\\n${COLOR_WARNING}Next time, just use the command below to start richie over ssl"
echo -e "> make run-ssl\\n"

echo -e "${COLOR_INFO}> Do you wish to generate a demo site?${COLOR_RESET}"
while true; do
  read -p "Yes (y) or No (n) > " answer
  case $answer in
    Yes | yes | Y | y)
      make demo-site;
      break
      ;;
    No | no | N | n) 
      break
      ;;
  esac
done

exit 0
