#!/usr/bin/env bash
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
CONFIG_DIR="${SCRIPT_DIR}/Config"
TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets"

TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}"

TARGET=""
HOST=""
PORT="22"
BOOTSTRAP_USER=""
BOOTSTRAP_SSH_KEY=""
RUNTIME_USER=""
REPO_DIR=""
ENV_FILE=""
ENV_NAME=""
PGHOST=""
PGPORT=""
PGUSER=""
PGPASSWORD=""
DBS=""
BACKUP_SUBDIR=""
BACKUP_LOG_DIR=""
LOCAL_RESTORE_BASE_DIR=""
SSH_KEY_TARGET_PATH=""
ENABLE_BOOTSTRAP="yes"
ALLOW_PASSWORDLESS_SUDO="yes"
AUTO_INSTALL_POSTGRES="yes"
AUTO_CREATE_PGUSER="yes"
PGUSER_SUPERUSER="no"
AUTO_CONFIGURE_SUDOERS="no"
REMOTE_ROLES_DIR_NAME="user"
EXCLUDED_RESTORE_ROLES="postgres"
FORCE="no"

while [[ $# -gt 0 ]]; do
  case "$1" in
    --targets-dir) TARGETS_DIR="$2"; shift 2 ;;
    --target) TARGET="$2"; shift 2 ;;
    --host) HOST="$2"; shift 2 ;;
    --port) PORT="$2"; shift 2 ;;
    --bootstrap-user) BOOTSTRAP_USER="$2"; shift 2 ;;
    --bootstrap-key) BOOTSTRAP_SSH_KEY="$2"; shift 2 ;;
    --runtime-user) RUNTIME_USER="$2"; shift 2 ;;
    --repo-dir) REPO_DIR="$2"; shift 2 ;;
    --env-file) ENV_FILE="$2"; shift 2 ;;
    --env-name) ENV_NAME="$2"; shift 2 ;;
    --pghost) PGHOST="$2"; shift 2 ;;
    --pgport) PGPORT="$2"; shift 2 ;;
    --pguser) PGUSER="$2"; shift 2 ;;
    --pgpassword) PGPASSWORD="$2"; shift 2 ;;
    --dbs) DBS="$2"; shift 2 ;;
    --backup-subdir) BACKUP_SUBDIR="$2"; shift 2 ;;
    --backup-log-dir) BACKUP_LOG_DIR="$2"; shift 2 ;;
    --local-restore-base-dir) LOCAL_RESTORE_BASE_DIR="$2"; shift 2 ;;
    --ssh-key-target-path) SSH_KEY_TARGET_PATH="$2"; shift 2 ;;
    --enable-bootstrap) ENABLE_BOOTSTRAP="$2"; shift 2 ;;
    --allow-passwordless-sudo) ALLOW_PASSWORDLESS_SUDO="$2"; shift 2 ;;
    --auto-install-postgres) AUTO_INSTALL_POSTGRES="$2"; shift 2 ;;
    --auto-create-pguser) AUTO_CREATE_PGUSER="$2"; shift 2 ;;
    --pguser-superuser) PGUSER_SUPERUSER="$2"; shift 2 ;;
    --auto-configure-sudoers) AUTO_CONFIGURE_SUDOERS="$2"; shift 2 ;;
    --remote-roles-dir-name) REMOTE_ROLES_DIR_NAME="$2"; shift 2 ;;
    --excluded-restore-roles) EXCLUDED_RESTORE_ROLES="$2"; shift 2 ;;
    --force) FORCE="yes"; shift ;;
    *) echo "Argument inconnu : $1" >&2; exit 1 ;;
  esac
done

fail() {
  echo "ERROR: $*" >&2
  exit 1
}

to_bool_yes_no() {
  local v="${1:-}"
  v="${v,,}"
  case "$v" in
    yes|y|oui|o|true|1) echo "yes" ;;
    no|n|non|false|0|"") echo "no" ;;
    *) return 1 ;;
  esac
}

[[ -n "$TARGET" ]] || fail "--target manquant"
[[ "$TARGET" =~ ^[a-zA-Z0-9_-]+$ ]] || fail "target invalide"

[[ -n "$HOST" ]] || fail "--host manquant"
[[ -n "$BOOTSTRAP_USER" ]] || fail "--bootstrap-user manquant"
[[ -n "$BOOTSTRAP_SSH_KEY" ]] || fail "--bootstrap-key manquant"
[[ -n "$REPO_DIR" ]] || fail "--repo-dir manquant"
[[ -n "$ENV_NAME" ]] || fail "--env-name manquant"
[[ -n "$PGUSER" ]] || fail "--pguser manquant"
[[ -n "$PGPASSWORD" ]] || fail "--pgpassword manquant"
[[ -n "$DBS" ]] || fail "--dbs manquant"
[[ -n "$BACKUP_SUBDIR" ]] || fail "--backup-subdir manquant"
[[ "$PORT" =~ ^[0-9]+$ ]] || fail "--port invalide"

[[ -n "$RUNTIME_USER" ]] || RUNTIME_USER="$BOOTSTRAP_USER"
[[ -n "$ENV_FILE" ]] || ENV_FILE="${REPO_DIR}/.env"
[[ -n "$PGHOST" ]] || PGHOST="127.0.0.1"
[[ -n "$PGPORT" ]] || PGPORT="5432"
[[ "$PGPORT" =~ ^[0-9]+$ ]] || fail "--pgport invalide"
[[ -n "$BACKUP_LOG_DIR" ]] || BACKUP_LOG_DIR="/home/${RUNTIME_USER}/logs/rebuild_bdd"
[[ -n "$LOCAL_RESTORE_BASE_DIR" ]] || LOCAL_RESTORE_BASE_DIR="${REPO_DIR}/restore_tmp"
[[ -n "$SSH_KEY_TARGET_PATH" ]] || SSH_KEY_TARGET_PATH="/home/${RUNTIME_USER}/.ssh/id_ed25519_backup_readonly"

ENABLE_BOOTSTRAP="$(to_bool_yes_no "$ENABLE_BOOTSTRAP")" || fail "--enable-bootstrap invalide"
ALLOW_PASSWORDLESS_SUDO="$(to_bool_yes_no "$ALLOW_PASSWORDLESS_SUDO")" || fail "--allow-passwordless-sudo invalide"
AUTO_INSTALL_POSTGRES="$(to_bool_yes_no "$AUTO_INSTALL_POSTGRES")" || fail "--auto-install-postgres invalide"
AUTO_CREATE_PGUSER="$(to_bool_yes_no "$AUTO_CREATE_PGUSER")" || fail "--auto-create-pguser invalide"
PGUSER_SUPERUSER="$(to_bool_yes_no "$PGUSER_SUPERUSER")" || fail "--pguser-superuser invalide"
AUTO_CONFIGURE_SUDOERS="$(to_bool_yes_no "$AUTO_CONFIGURE_SUDOERS")" || fail "--auto-configure-sudoers invalide"

mkdir -p "$TARGETS_DIR" || fail "impossible de créer $TARGETS_DIR"

TARGET_FILE="${TARGETS_DIR}/${TARGET}.env"
if [[ -f "$TARGET_FILE" && "$FORCE" != "yes" ]]; then
  fail "fichier déjà existant : $TARGET_FILE (utiliser --force pour écraser)"
fi

cat >"$TARGET_FILE" <<EOF
TARGET_HOST=${HOST}
TARGET_PORT=${PORT}
TARGET_BOOTSTRAP_USER=${BOOTSTRAP_USER}
TARGET_BOOTSTRAP_SSH_KEY=${BOOTSTRAP_SSH_KEY}
TARGET_RUNTIME_USER=${RUNTIME_USER}

TARGET_ENABLE_BOOTSTRAP=${ENABLE_BOOTSTRAP}
TARGET_BOOTSTRAP_ALLOW_PASSWORDLESS_SUDO=${ALLOW_PASSWORDLESS_SUDO}

TARGET_REPO_DIR=${REPO_DIR}
TARGET_ENV_FILE=${ENV_FILE}

TARGET_ENV_NAME=${ENV_NAME}
TARGET_PGHOST=${PGHOST}
TARGET_PGPORT=${PGPORT}
TARGET_PGUSER=${PGUSER}
TARGET_PGPASSWORD=${PGPASSWORD}
TARGET_DBS=${DBS}

TARGET_BACKUP_SUBDIR=${BACKUP_SUBDIR}

TARGET_BACKUP_LOG_DIR=${BACKUP_LOG_DIR}
TARGET_LOCAL_RESTORE_BASE_DIR=${LOCAL_RESTORE_BASE_DIR}
TARGET_SSH_KEY=${SSH_KEY_TARGET_PATH}

TARGET_REMOTE_ROLES_DIR_NAME=${REMOTE_ROLES_DIR_NAME}
TARGET_EXCLUDED_RESTORE_ROLES=${EXCLUDED_RESTORE_ROLES}
TARGET_AUTO_INSTALL_POSTGRES=${AUTO_INSTALL_POSTGRES}
TARGET_AUTO_CREATE_PGUSER=${AUTO_CREATE_PGUSER}
TARGET_PGUSER_SUPERUSER=${PGUSER_SUPERUSER}
TARGET_AUTO_CONFIGURE_SUDOERS=${AUTO_CONFIGURE_SUDOERS}
EOF

chmod 600 "$TARGET_FILE" || fail "chmod impossible sur $TARGET_FILE"

echo "OK: ${TARGET_FILE}"