#!/usr/bin/env bash

run_directory=$(dirname $(readlink -f "$0"))

if [[ $user != 'root' ]]; then
  sudo="sudo"
else
  sudo=""
fi

echo "Setting CUPS configuration"
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf

echo "Installing scanservjs directly from GitHub..."
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/packages/server/installer.sh | $sudo bash -s -- -a

echo "Generating TLS certificate"
$sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \
  -subj "/C=/ST=/L=/O=/OU=/CN="
$sudo chmod o+r /etc/ssl/cert.key

echo "Setting up Apache HTTP Server"
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/
$sudo a2dissite 000-default
$sudo a2ensite scanservjs
$sudo a2enmod ssl proxy proxy_http proxy_http2

# TODO add a firewall rule to prevent access to http:8080 from other than local

exit 0