#!/bin/bash

source assets/shell/colors
source assets/config/deps/dependencies

### DEPENDENCY CHECK & INSTALLER

echo -e "\n  ${LCY}Dependency and Privilege Check running...${CRS}\n"

### PRIVILEGES

if (( $(id -u) == 0 )); then                                                        ### AM I ROOT?
    echo -e "    ${GRN}Privilege check passed...${CRS}\n"

else 
    echo -e "    ${RED}Privilege check failed... Please run script with sudo or as root!${CRS}\n"
    exit 1
fi

### DEPENDENCIES

if command -v "$pkgs_check" >/dev/null 2>&1; then
    echo -e "    ${GRN}Dependency check passed...${CRS}\n"
    
else
    echo -e "    ${RED}Dependencies not met.${CRS}\n"
        
    while true; do
        echo -e "  ${YEL}Do you wish to install via APT?"
        read -p "  (Y/n) --> " install
        echo ""
        if [[ "$install" = "" || "$install" = "y" || "$install" = "Y" ]]; then
            sudo apt update && sudo apt install -y $pkgs_apt
            echo -e "\n    ${GRN}Dependencies installed. Proceeding...${CRS}\n"
            break 

        elif [[ "$install" == "n" || "$install" = "N" ]]; then
            echo -e "\n    ${RED}Missing dependencies... Exiting!${CRS}\n"
            exit 1

        else
            echo -e "\n ${YEL}Invalid response... Try again...\n\n  ${GRN}Y ${YEL}= (Yes, install dependencies and continue)\n  ${RED}N ${YEL}= (No, don't install dependencies and exit)${CRS}\n "
        fi
    done
fi

### NGINX SETUP & CONFIG

###### HOST

onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1)            ### GET ACTIVE NETWORK INTERFACE

while true; do
    echo -e "  ${YEL}What network interface will nginx be using?${CRS}"
    read -p "  current = "$onif" --> " nif
    if ! [ "$nif" ]; then
        nif="$onif"
        break
    elif [ -d "/sys/class/net/$nif" ]; then
        break
    else
        echo -e "\n    ${LRD}Interface not found... Try again!${CRS}\n"
    fi
done

ip4=$(/sbin/ip -o -4 addr list "$nif" | awk '{print $4}' | cut -d/ -f1)             ### GET IP FOR CHOSEN INTERFACE
echo -e "\n  ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}"
echo -e "  ${YEL}Current ip address : ${LCY}$ip4 ${YEL}@ ${LCY}$nif${CRS}"
echo -e "\n  ${YEL}This information will be used to configure ${LCY}nginx.conf ${YEL}during the next steps.${CRS}"

while true; do
    read -p "  Would you like to change the hostname? (y/N) --> " conf_hostname
    if [[ "$conf_hostname" = "" || "$conf_hostname" = "n" || "$conf_hostname" = "N" ]]; then
        new_hostname=$HOSTNAME
        break
    elif [[ "$conf_hostname" = "y" || "$conf_hostname" = "Y" ]]; then
        read -p "  Enter new hostname --> " new_hostname
        sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hosts
        sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hostname
        sleep 3s
        sudo systemctl reload NetworkManager
        echo -e "\n    ${GRN}Host name changed to ${LCY}$new_hostname${CRS}"
        break
    else
        echo -e "\n  ${YEL}Invalid response... Try again...\n\n  Y = (Yes, set new hostname)\n  N = (No, leave as is)${CRS}\n "
    fi
done

###### CERTIFICATION & CONFIGURATION

while true; do
        echo -e "\n  ${YEL}Configure SSL and create a self signed cetrificate?${CRS}"
        read -p "  (Y/n) --> " installSSL

        if [[ "$installSSL" = "" || "$installSSL" = "y" || "$installSSL" = "Y" ]]; then
            echo -e "  ${YEL}Enter path to certificates folder${CRS}"
            read -p "  default = /etc/nginx/ssl --> " cert_path
            if ! [ "$cert_path" ]; then
                cert_path=/etc/nginx/ssl
            elif [[ "$cert_path" = "." ]]; then
                cert_path=$PWD
            else
                :
            fi
            echo -e "  ${YEL}Enter file name for certificate and key${CRS}"
            read -p "  default = $HOSTNAME --> " cert_name
            if ! [ "$cert_name" ]; then
                cert_name=$HOSTNAME
            else
                :
            fi
            echo ""
            sudo mkdir -p "$cert_path"
            sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt
            echo -e "\n    ${GRN}SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n"
            sudo chmod 644 "$cert_path"/"$cert_name".crt
            sudo chmod 600 "$cert_path"/"$cert_name".key
            sudo cp assets/config/nginx/nginx_SSL.conf /etc/nginx/sites-enabled/$HOSTNAME.conf
            sudo sed -i.backup "s/DOMAIN/$HOSTNAME.local/g" /etc/nginx/sites-enabled/$HOSTNAME.conf
            sudo sed -i "s/IPADDR/$ip4/g" /etc/nginx/sites-enabled/$HOSTNAME.conf
            sudo sed -i "s|CERTPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf
            sudo sed -i "s|KEYPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf
            break
        elif [[ "$installSSL" == "n" || "$installSSL" = "N" ]]; then
            echo -e "\n    ${RED}Encryption disabled${CRS}\n"
            break
        else
            echo -e "\n  ${YEL}Invalid response... Try again...\n\n  Y = (Yes, configure SSL certificate and continue)\n  N = (No, leave unencrypted and continue)${CRS}\n "
        fi

done

###### MAINTENANCE

sudo nginx -t
sudo systemctl restart NetworkManager
sudo nginx -s reload

###### STATUS




### DEV STATUS

######   JEFF   ######
#
# test nginx config
# restart nginx
#
###### JEFF END ######


echo -e "\n   ${LGN}Script ran through...${CRS}"