#!/usr/bin/env bash

run_directory=$(dirname $(readlink -f "$0"))

# WARNING Unlike our usual install scripts, this one should NEVER be run unattended;
# Make sure to create .disabled file.
if [ -f $run_directory/.disabled ]; then
  echo "Installation is disabled. Exiting..."
  exit 0
fi

if [[ $user != 'root' ]]; then
  sudo="sudo"
else
  sudo=""
fi

echo "Copying Systemd units and drop-ins to system directory..."
$sudo cp $run_directory/etc-letsencrypt.mount /etc/systemd/system/
if [ ! -d /etc/systemd/system/nginx.service.d ]; then
  $sudo mkdir /etc/systemd/system/nginx.service.d
fi
$sudo cp $run_directory/start-lighttpd.conf /etc/systemd/system/nginx.service.d/
$sudo cp $run_directory/wait-for-dns.conf /etc/systemd/system/nginx.service.d/

echo "Setting up lighttpd..."
$sudo cp $run_directory/lighttpd-webssh.conf /etc/lighttpd/conf-available/99-webssh.conf
$sudo rm /etc/lighttpd/conf-enabled/*
$sudo ln -s /etc/lighttpd/conf-available/10-proxy.conf /etc/lighttpd/conf-enabled/
$sudo ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
$sudo ln -s /etc/lighttpd/conf-available/99-webssh.conf /etc/lighttpd/conf-enabled/
if [ ! -f /etc/lighttpd/server.pem ]; then
  echo "Creating an SSL certificate for lighttpd:"
  $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/lighttpd/server.pem -keyout \
  /etc/lighttpd/server.pem -subj "/C=/ST=/L=/O=/OU=/CN="
fi

echo "Reloading Systemd..."
$sudo systemctl daemon-reload
echo "Disabling nginx and enabling lighttpd..."
$sudo systemctl disable nginx
$sudo systemctl enable lighttpd

echo "Finished install. Exiting..."
echo "NOTE: Neither nginx nor lighttpd were started/stopped."
exit 0