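#!/bin/bash
#
# First-boot provisioning for the Gitea appliance.
#
# Runs only while /firstboot exists and removes that marker as its last step,
# so a run that aborts (set -e) is retried on the next boot. Every step below
# is therefore written to be safe to repeat.
#
# Steps: keymap + NTP, mount the data partition labelled $LABEL, move the
# MariaDB datadir onto it (creating the Gitea database on a fresh partition),
# write DB credentials and fresh secrets into /etc/gitea/app.ini, relocate
# Gitea's data directory, create a self-signed certificate for Apache.
#
# Environment:
#   DATABASE_PASS  optional; password for the 'gitea'@'localhost' DB user.

# base settings
set -eu
[ -e /firstboot ] || exit 0

echo 'Setting defaults...'
localectl --no-convert set-keymap de-latin1-nodeadkeys

echo 'Activate services...'
timedatectl set-ntp true

# variables
LABEL="DATA"
# NOTE(review): the fallback value is a fixed credential baked into every image
# built from this script. Supply a per-instance DATABASE_PASS from the
# environment. A data partition that already holds giteadb keeps the password
# its database was created with, so the value must match on re-attach.
DATABASE_PASS="${DATABASE_PASS:-Di1sgMySQLPwd.}"

# The password is embedded in a SQL string literal, a sed replacement and a
# backtick-quoted ini value; restrict it to characters that are inert in all
# three instead of escaping it three different ways.
case "$DATABASE_PASS" in
  *[!A-Za-z0-9._-]*)
    echo 'ERROR: DATABASE_PASS may only contain letters, digits, ".", "_" and "-".' >&2
    exit 1
    ;;
esac

data_root="/${LABEL:?}"
db_dir="$data_root/var/lib/mysql"
gitea_data="$data_root/var/lib/gitea"
ssl_dir="$data_root/etc/ssl/apache2"
app_ini=/etc/gitea/app.ini

# Data partition
echo 'Mount data partition...'
mkdir -p "$data_root"
if [ ! -L "/dev/disk/by-label/$LABEL" ]; then
  {
    echo 'ERROR: Data partition not found!'
    echo "Please create a data partition with ext4 filesystem and label \"$LABEL\":"
    echo "# cfdisk /dev/ (use GPT label, create linux partition)"
    echo "# mkfs.ext4 -L $LABEL /dev/"
  } >&2
  exit 1
fi
if ! grep -Fq "LABEL=$LABEL" /etc/fstab; then
  echo "LABEL=$LABEL /$LABEL ext4 noatime 0 1" >> /etc/fstab
fi
mount -a
# Ask the kernel whether the directory is a mount point; grepping the output
# of mount(8) for "/$LABEL" would also match any unrelated path containing it.
if ! mountpoint -q "$data_root"; then
  echo "ERROR: Could not mount data partition!" >&2
  exit 1
fi

# MariaDB: the datadir setting is only read at start-up, so stop the server
# in both cases before pointing it at the data partition.
systemctl stop mariadb
if [ ! -d "$db_dir/giteadb" ]; then
  fresh_db=1
  echo 'Initialize MariaDB...'
  mkdir -p "$db_dir"
  # Anything already in the target directory is discarded (as before);
  # ${db_dir:?} keeps the glob from ever expanding to "/*".
  rm -rf "${db_dir:?}"/*
  cp -a /var/lib/mysql/. "$db_dir"
else
  fresh_db=0
  echo 'Start MariaDB...'
fi
sed -i "s:^datadir.*:datadir = $db_dir:" /etc/mysql/mariadb.d/50-distro-server.cnf
systemctl start mariadb

if [ "$fresh_db" -eq 1 ]; then
  echo 'Create Gitea database...'
  # SQL goes in on stdin so the password never appears in the process list.
  mysql -u root <<SQL
CREATE DATABASE giteadb CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
CREATE USER 'gitea'@'localhost' IDENTIFIED BY '$DATABASE_PASS';
GRANT ALL PRIVILEGES ON giteadb.* TO 'gitea'@'localhost' IDENTIFIED by '$DATABASE_PASS';
FLUSH PRIVILEGES;
SQL
fi

echo 'Enable database...'
systemctl enable mariadb

echo 'Start and enable Gitea...'
# Generate the secrets as plain assignments: under set -e a failing
# "gitea generate secret" aborts here, whereas a substitution embedded in the
# sed argument would have failed silently and written an empty secret.
jwt_secret=$(gitea generate secret JWT_SECRET)
internal_token=$(gitea generate secret INTERNAL_TOKEN)
secret_key=$(gitea generate secret SECRET_KEY)
for generated in "$jwt_secret" "$internal_token" "$secret_key"; do
  case "$generated" in
    '' | *[\|\&\\]* | *$'\n'*)
      echo 'ERROR: gitea generate secret returned an unusable value.' >&2
      exit 1
      ;;
  esac
done

# One sed run, script on stdin, so neither the DB password nor the secrets are
# passed as command-line arguments. The NAME/CHARSET patterns are anchored at
# end of line and PASSWD replaces the whole line, which keeps a retried run
# from producing "giteadbdb", "utf8mb4mb4" or a doubled password. The
# backticks around the password are the ini file's quoting; they are escaped
# here so the shell expands the variable instead of writing it literally.
# NOTE(review): app.ini now holds the DB password and signing secrets; its
# owner and mode are set outside this script - confirm it is not world-readable.
sed -i -f /dev/stdin "$app_ini" <<EOF
s#^HOST = 127.0.0.1:3306#HOST = /run/mysqld/mysqld.sock#
s/^NAME = gitea[[:space:]]*\$/NAME = giteadb/
s/^USER = root/USER = gitea/
s/^PASSWD =.*/PASSWD = \`$DATABASE_PASS\`/
s/^CHARSET = utf8[[:space:]]*\$/CHARSET = utf8mb4/
s|^JWT_SECRET.*=.*\$|JWT_SECRET = $jwt_secret|g
s|^INTERNAL_TOKEN.*=.*\$|INTERNAL_TOKEN = $internal_token|g
s|^SECRET_KEY.*=.*\$|SECRET_KEY = $secret_key|g
EOF

if [ ! -d "$gitea_data" ]; then
  mkdir -p "$gitea_data"
  chown git:git "$gitea_data"
  cp -a /var/lib/gitea/. "$gitea_data"
fi
# Skip the move when a previous (aborted) run already installed the symlink;
# otherwise mv would push the symlink into the existing gitea.orig directory.
if [ ! -L /var/lib/gitea ]; then
  mv /var/lib/gitea /var/lib/gitea.orig
  ln -s "$gitea_data" /var/lib/gitea
fi
systemctl start gitea
systemctl enable gitea

echo 'Start and enable Apache...'
if [ ! -d "$ssl_dir" ]; then
  mkdir -p "$ssl_dir"
  # Self-signed placeholder certificate (10 years, fixed subject). The key is
  # written unencrypted (-nodes), so create it under a restrictive umask and
  # then relax only the certificate.
  (
    umask 077
    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \
      -subj "/C=DE/ST=TH/L=Virtual/O=Appliance/CN=letsencrypt" \
      -keyout "$ssl_dir/server.key" \
      -out "$ssl_dir/server.crt"
  )
  chmod 644 "$ssl_dir/server.crt"
fi
rm -rf /etc/ssl/apache2
ln -s "$ssl_dir" /etc/ssl/apache2
systemctl start apache2
systemctl enable apache2

# Provisioning finished: drop the marker so this script becomes a no-op.
rm /firstboot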