#!/bin/bash

export FPM_TUNE_VERSION=v5
export NGINX_CONF_VERSION=v5
export MY_CNF_VERSION=v5
export ENTRYPOINT_VERSION=v3

run_occ() {
    su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
}

post_install_occ() {
    IFS='|' read -ra CMD <<<"$OCC_CMDS"
    for cmd in "${CMD[@]}"; do
        run_occ "$cmd"
    done
}

install_apps() {
    install_apps="$@"
    if [ -z "$install_apps" ]; then
        install_apps=$APPS
    fi
    for app in $install_apps; do
        run_occ "app:install $app"
    done
}

set_app_config() {
    APP=$1
    KEY=$2
    VALUE=$3
    run_occ "config:app:set $APP $KEY --value '$VALUE'"
}

set_system_config() {
    KEY=$1
    VALUE=$2
    run_occ "config:system:set $KEY --value '$VALUE'"
}

set_trusted_proxies() {
    trusted_proxies="$@"
    if [ -z "$1" ]; then
        trusted_proxies="$TRUSTED_PROXIES"
    fi
    set_system_config trusted_proxies "$trusted_proxies"
}

set_logfile_stdout() {
    set_system_config logfile '/dev/stdout'
}

install_bbb() {
    install_apps bbb
    set_app_config bbb app.navigation true
    set_app_config bbb api.url "$BBB_URL"
    set_app_config bbb api.secret "$(cat /run/secrets/bbb_secret)"
}

install_onlyoffice() {
    install_apps onlyoffice
    set_app_config onlyoffice DocumentServerUrl "$ONLYOFFICE_URL"
    set_app_config onlyoffice jwt_secret "$(cat /run/secrets/onlyoffice_jwt)"
    set_app_config onlyoffice customizationForcesave true
}

install_collabora() {
    install_apps richdocuments
    set_app_config richdocuments wopi_url "$COLLABORA_URL"
}

install_fulltextsearch() {
    install_apps fulltextsearch
    install_apps fulltextsearch_elasticsearch
    install_apps files_fulltextsearch
    set_app_config fulltextsearch search_platform "OCA\\FullTextSearch_Elasticsearch\\Platform\\ElasticSearchPlatform"
    set_app_config fulltextsearch_elasticsearch elastic_host "http://elastic:$(cat /run/secrets/elasticsearch_password)@elasticsearch:9200/"
    set_app_config fulltextsearch_elasticsearch elastic_index "nextcloud"
    set_app_config files_fulltextsearch files_local "1"
}

set_default_quota() {
    set_app_config files default_quota "$DEFAULT_QUOTA"
}

set_authentik() {
    install_apps sociallogin
    AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
    AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
    set_app_config sociallogin custom_providers "
{
    \"custom_oidc\":[
    {
        \"name\":\"$AUTHENTIK_USER_PREFIX\",
        \"title\":\"authentik\",
        \"authorizeUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
        \"tokenUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/token/\",
        \"displayNameClaim\":\"preferred_username\",
        \"userInfoUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
        \"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/if/session-end/nextcloud/\",
        \"clientId\":\"$AUTHENTIK_ID\",
        \"clientSecret\":\"$AUTHENTIK_SECRET\",
        \"scope\":\"openid profile email nextcloud\",
        \"groupsClaim\":\"nextcloud_groups\",
        \"style\":\"openid\",
        \"defaultGroup\":\"\",
        \"groupMapping\": {
          \"admin\": \"admin\",
          \"authentik Admins\": \"admin\"
        }
    }
]
}"

    set_app_config sociallogin update_profile_on_login 1
    set_app_config sociallogin auto_create_groups 1
    set_app_config sociallogin hide_default_login 1
    run_occ 'config:system:set social_login_auto_redirect --value true'
    run_occ 'config:system:set allow_user_to_change_display_name --value=false'
    run_occ 'config:system:set lost_password_link --value=disabled'
}