#!/bin/bash

export PATH="${PATH}:/bin:/sbin:/usr/bin:/usr/sbin"

readonly AEMBIT_GROUP_NAME="aembit"
readonly AEMBIT_AGENT_CONTROLLER_USER_NAME="aembit_agent_controller"
readonly AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT="aembit_agent_controller.service"
readonly AEMBIT_AGENT_CONTROLLER_VERSION="1.9.725"
readonly AEMBIT_AGENT_CONTROLLER_INSTALL_DIR="/opt/aembit/edge/agent_controller"
readonly AEMBIT_AGENT_CONTROLLER_SECRETS_FILENAME="credentials.json"
readonly AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_BIN="${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}"/"${AEMBIT_AGENT_CONTROLLER_VERSION}"/bin
readonly AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_SCRIPTS="${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}"/"${AEMBIT_AGENT_CONTROLLER_VERSION}"/scripts
readonly AEMBIT_AGENT_CONTROLLER_JOURNALD_CONFIG_FILE="/etc/systemd/journald@aembit_agent_controller.conf"
readonly AEMBIT_AGENT_CONTROLLER_VERSION_PATTERN="[[:digit:]]*.[[:digit:]]*.[[:digit:]]*"
readonly AEMBIT_AGENT_CONTROLLER_BIN="aembit_agent_controller"

INSTALLER_DIR=$(dirname "${0}")
readonly LOG_FILE="${INSTALLER_DIR}"/installer.log

readonly SYSTEMD_UNIT_FILES_FOLDER="/etc/systemd/system"

# OPTIONS
TO_UPGRADE=false

parse_options() {
    for _ in $(getopt --options "" --longoptions "upgrade" -- "${@}"); do
        case $1 in
            --upgrade)
                TO_UPGRADE=true ;;
        esac
        shift
    done

}

log() {
    local level="${1}"
    shift

    local log_fmt="%s %s\n"
    if [ "${level}" ]; then
        log_fmt="%s ${level} %s\n"
    fi

    for line in "$@"; do
        # shellcheck disable=SC2059
        printf "${log_fmt}" "$(date +"%H:%M:%S")" "${line}" | tee -a "${LOG_FILE}"
    done
}

log_info() {
    log "Info:" "$@"
}

log_warn() {
    log "Warning:" "$@"
}

log_err() {
    log "Error:" "$@"
}

check_running_as_root() {
    if [ "$(id --user)" -ne 0 ]; then
        log_err "Installer must be run as root."
        exit 1
    fi
}

check_for_required_env_var() {
    env_var_name=$1
    env_var_value="${!env_var_name}"

    if [ -z "${env_var_value}" ]; then
        log_err "Required environment variable \"${env_var_name}\" is not defined."
        exit 1
    fi
}

check_registration_method() {
  if [[ -z "${AEMBIT_DEVICE_CODE}" && -z "${AEMBIT_AGENT_CONTROLLER_ID}" ]]; then
        log_err "Either environment variable \"AEMBIT_DEVICE_CODE\" or \"AEMBIT_AGENT_CONTROLLER_ID\" is required to be present for registration."
        exit 1
    fi
}

set_default_stack_domain() {
    if [ -z "${StackDomain}" ]; then
        export StackDomain="useast2.aembit.io"
    fi
}

check_if_package_missing() {
    package=$1

    if ! which "${package}" > /dev/null 2>&1; then
        if [ -z "${missing_packages}" ]; then
            missing_packages="${package}"
        else
            missing_packages="${missing_packages}, ${package}"
        fi
    fi
}

check_required_dependencies() {
    log_info "Checking for required package dependencies."

    check_if_package_missing pgrep
    check_if_package_missing grep
    check_if_package_missing id
    check_if_package_missing getent
    check_if_package_missing useradd
    check_if_package_missing groupadd

    if [ -n "${missing_packages}" ]; then
        log_err "One or more necessary packages were missing. Please install the following package(s) and then rerun the installer: ${missing_packages}"
        exit 1
    fi
}

agent_controller_is_already_installed() {
    if ! [ -d "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}" ]; then
        return 1
    fi

    for file in ${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}/${AEMBIT_AGENT_CONTROLLER_VERSION_PATTERN}; do
        # If there is no match, $file just refers to the pattern, instead of a
        # file name. No file exists with the name of the pattern literal.
        if [ -e "${file}" ]; then
            return 0
        else
            return 1
        fi
    done
}

agent_controller_is_already_running() {
    if pgrep --euid "${AEMBIT_AGENT_CONTROLLER_USER_NAME}" &>/dev/null; then
        return 0
    else
        return 1
    fi
}

# Whether the installer is being run in upgrade mode.
is_upgrade() {
    if [ "${TO_UPGRADE}" == "true" ]; then
        return 0
    else
        return 1
    fi
}

handle_existing_agent_controller() {
    if (agent_controller_is_already_running || agent_controller_is_already_installed) && ! is_upgrade; then
        log_err "Aembit Agent Controller is already installed. Please uninstall it first or use the \"--upgrade\" option."
        exit 1
    fi
}

set_file_permissions() {
    file_path=$1
    permissions=$2

    if ! chmod "${permissions}" "${file_path}"; then
        log_err "Unable to set the permissions of ${file_path}."
        exit 1
    fi
}

set_file_user_and_group_owner() {
    file_path=$1
    user=$2
    group=$3

    if ! chown "${user}:${group}" "${file_path}"; then
        log_err "Unable to set the ownership of ${file_path}."
        exit 1
    fi
}

set_recursive_file_permissions() {
    file_path=$1
    permissions=$2

    if ! chmod --recursive "${permissions}" "${file_path}"; then
        log_err "Unable to set the permissions of ${file_path}."
        exit 1
    fi
}

set_recursive_file_user_and_group_owner() {
    file_path=$1
    user=$2
    group=$3

    if ! chown --recursive "${user}:${group}" "${file_path}"; then
        log_err "Unable to set the ownership of ${file_path}."
        exit 1
    fi
}

create_user_and_group() {
    if getent group "${AEMBIT_GROUP_NAME}" > /dev/null 2>&1; then
        log_info "Group \"${AEMBIT_GROUP_NAME}\" exists."
    else
        log_info "Group \"${AEMBIT_GROUP_NAME}\" does not exist. Creating."
        if groupadd "${AEMBIT_GROUP_NAME}"; then
            log_info "Group created."
        else
            log_err "Error creating the \"${AEMBIT_GROUP_NAME}\" group."
            exit 1
        fi
    fi

    if getent passwd "${AEMBIT_AGENT_CONTROLLER_USER_NAME}" > /dev/null 2>&1; then
        log_info "User \"${AEMBIT_AGENT_CONTROLLER_USER_NAME}\" exists."
    else
        log_info "User \"${AEMBIT_AGENT_CONTROLLER_USER_NAME}\" does not exist. Creating."
        if useradd --no-create-home --shell /bin/false  -g "${AEMBIT_GROUP_NAME}" "${AEMBIT_AGENT_CONTROLLER_USER_NAME}"; then
            log_info "User created."
        else
            log_err "There was an error creating the \"${AEMBIT_AGENT_CONTROLLER_USER_NAME}\" user."
            exit 1
        fi
    fi
}

set_up_logs() {
    if ! cp installer_components/journald@aembit_agent_controller.conf "${AEMBIT_AGENT_CONTROLLER_JOURNALD_CONFIG_FILE}"; then
        log_err "Unable to copy the journald configuration file to host."
        exit 1
    fi

    set_file_permissions "${AEMBIT_AGENT_CONTROLLER_JOURNALD_CONFIG_FILE}" 400 || exit 1
    set_file_user_and_group_owner "${AEMBIT_AGENT_CONTROLLER_JOURNALD_CONFIG_FILE}" root root || exit 1
}

copy_static_components_to_host() {
    if ! mkdir --parents "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_BIN}"; then
        log_err "Unable to make installation directory for Agent Controller binary."
        exit 1
    fi

    if ! cp "${AEMBIT_AGENT_CONTROLLER_BIN}" "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_BIN}"/"${AEMBIT_AGENT_CONTROLLER_BIN}"; then
        log_err "Unable to move the Agent Controller binary to the installation directory."
        exit 1
    fi

    if ! cp appsettings.json "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_BIN}"/appsettings.json; then
        log_err "Unable to move the Agent Controller configuration to the installation directory."
        exit 1
    fi

    if ! mkdir --parents "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_SCRIPTS}"; then
        log_err "Unable to make installation directory for Agent Controller scripts."
        exit 1
    fi

    if ! cp uninstall "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR_SCRIPTS}"/uninstall; then
        log_err "Unable to move the Agent Controller uninstall script to the installation directory."
        exit 1
    fi
    
    set_recursive_file_permissions "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}" 500 || exit 1
	
    if ! echo "" > "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}"/"${AEMBIT_AGENT_CONTROLLER_SECRETS_FILENAME}"; then
	    log_err "Unable to create Agent Controller secrets file."
        exit 1
    fi

    set_file_permissions "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}/${AEMBIT_AGENT_CONTROLLER_SECRETS_FILENAME}" 600 || exit 1
    set_recursive_file_user_and_group_owner "${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}" "${AEMBIT_AGENT_CONTROLLER_USER_NAME}" "${AEMBIT_GROUP_NAME}" || exit 1
}

install_systemd_service() {
    if ! cp installer_components/aembit_agent_controller.service "${SYSTEMD_UNIT_FILES_FOLDER}"/"${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to copy the systemd service file to the destination."
        exit 1
    fi

    set_file_permissions "${SYSTEMD_UNIT_FILES_FOLDER}/${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}" 400 || exit 1
    set_file_user_and_group_owner "${SYSTEMD_UNIT_FILES_FOLDER}/${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}" root root || exit 1

    if ! sed --in-place "s#{{ AEMBIT_TENANT_ID }}#${AEMBIT_TENANT_ID}#" "${SYSTEMD_UNIT_FILES_FOLDER}"/"${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to update the Agent Controller Tenant Id in the systemd service file."
        exit 1
    fi

    if ! sed --in-place "s#{{ StackDomain }}#${StackDomain}#" "${SYSTEMD_UNIT_FILES_FOLDER}"/"${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to update the Agent Controller Stack Domain in the systemd service file."
        exit 1
    fi

    if ! sed --in-place "s#{{ AEMBIT_DEVICE_CODE }}#${AEMBIT_DEVICE_CODE}#" "${SYSTEMD_UNIT_FILES_FOLDER}"/"${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to update the Agent Controller Device Code in the systemd service file."
        exit 1
    fi

    if ! sed --in-place "s#{{ AEMBIT_AGENT_CONTROLLER_ID }}#${AEMBIT_AGENT_CONTROLLER_ID}#" "${SYSTEMD_UNIT_FILES_FOLDER}"/"${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to update the Agent Controller Agent Controller Id in the systemd service file."
        exit 1
    fi

    if ! systemctl enable "${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to enable the Agent Controller systemd service."
        exit 1
    fi
}

start_systemd_service() {
    if ! systemctl start "${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to start the Agent Controller systemd service."
        exit 1
    fi
}

upgrade_systemd_service() {
    if ! systemctl daemon-reload; then
        log_err "Unable to reload the Agent Controller systemd service."
        exit 1
    fi

    if ! systemctl restart "${AEMBIT_AGENT_CONTROLLER_SYSTEMD_UNIT}"; then
        log_err "Unable to restart the updated Agent Controller systemd service."
        exit 1
    fi

    if ! systemctl restart systemd-journald; then
        log_err "Unable to restart journald with the updated log configuration."
        exit 1
    fi
}

remove_all_previous_installations() {
    log_info "Deleting old Agent Controller versions."
    for dir in ${AEMBIT_AGENT_CONTROLLER_INSTALL_DIR}/${AEMBIT_AGENT_CONTROLLER_VERSION_PATTERN}; do
        case "${dir}" in
            # Don't delete the upgraded Agent Controller version.
            *"${AEMBIT_AGENT_CONTROLLER_VERSION}"*)
                # Do nothing
                ;;
            *)
                rm -rf "${dir}"
                ;;
        esac
    done
}

run_installer() {
    check_running_as_root || exit 1
    parse_options "${@}"

    check_for_required_env_var AEMBIT_TENANT_ID || exit 1
    check_registration_method || exit 1
    set_default_stack_domain

    check_required_dependencies || exit 1
    handle_existing_agent_controller || exit 1
    create_user_and_group || exit 1
    set_up_logs || exit 1
    copy_static_components_to_host || exit 1
    install_systemd_service || exit 1
    if is_upgrade; then
        upgrade_systemd_service || exit 1
        remove_all_previous_installations || exit 1
    else
        start_systemd_service || exit 1
    fi
}

main() {
    set -o pipefail
    log_info "Installing Aembit Agent Controller."
    run_installer "${@}" 2>&1
}

main "${@}" || exit 1
