#!/usr/bin/env bash
# Install NPMplus (Docker + NPM) in container 10237 (NPMplus Mifos) on r630-02.
# Run after create-npmplus-mifos-container.sh. See docs/04-configuration/MIFOS_NPMPLUS_TUNNEL.md
set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
source "$PROJECT_ROOT/config/ip-addresses.conf" 2>/dev/null || true
[ -f "$PROJECT_ROOT/.env" ] && set +u && source "$PROJECT_ROOT/.env" 2>/dev/null || true && set -u

VMID="${NPMPLUS_MIFOS_VMID:-10237}"
HOST="${PROXMOX_HOST_R630_02:-192.168.11.12}"
IP="${IP_NPMPLUS_MIFOS:-192.168.11.171}"
TZ="${TZ:-America/New_York}"
ACME_EMAIL="${NPM_EMAIL:-admin@example.org}"

log() { echo "[INFO] $1"; }
success() { echo "[OK] $1"; }
error() { echo "[ERROR] $1"; exit 1; }

log "Installing NPMplus in container $VMID on $HOST ($IP)..."

if ! ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 root@"$HOST" "pct status $VMID" >/dev/null 2>&1; then
  error "Container $VMID not found or not running. Create it first: ./scripts/npmplus/create-npmplus-mifos-container.sh"
fi

ssh -o StrictHostKeyChecking=no root@"$HOST" "pct exec $VMID -- bash -s" << INSTALL_EOF
set -e
export TZ="$TZ"
export ACME_EMAIL="$ACME_EMAIL"

echo "Installing Docker and NPMplus (Debian)..."

apt-get update -qq
apt-get install -y -qq ca-certificates curl gnupg lsb-release

if ! command -v docker >/dev/null 2>&1; then
  install -m 0755 -d /etc/apt/keyrings
  curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
  chmod a+r /etc/apt/keyrings/docker.gpg
  echo "deb [arch=\$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \$(. /etc/os-release && echo \$VERSION_CODENAME) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
  apt-get update -qq
  apt-get install -y -qq docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
fi

systemctl start docker 2>/dev/null || true
systemctl enable docker 2>/dev/null || true
sleep 3

mkdir -p /opt /opt/npmplus
cd /opt
cat > compose.yaml << COMPOSE_EOF
name: npmplus
services:
  npmplus:
    container_name: npmplus
    image: docker.io/zoeyvid/npmplus:latest
    restart: unless-stopped
    network_mode: host
    volumes:
      - "/opt/npmplus:/data"
    environment:
      - "TZ=$TZ"
      - "ACME_EMAIL=$ACME_EMAIL"
COMPOSE_EOF

docker compose up -d

for i in \$(seq 1 30); do
  if docker ps --filter "name=npmplus" --format "{{.Status}}" | grep -qE "healthy|Up"; then
    echo "NPMplus ready"
    break
  fi
  sleep 2
done

CID=\$(docker ps --filter "name=npmplus" --format "{{.ID}}" | head -1)
if [ -n "\$CID" ]; then
  PWD=\$(docker logs "\$CID" 2>&1 | grep -i "Creating a new user" | tail -1 | grep -oP "password: \\K[^\\s]+" || echo "")
  if [ -n "\$PWD" ]; then
    echo "username: admin@example.org" > /opt/.npm_pwd
    echo "password: \$PWD" >> /opt/.npm_pwd
  fi
fi

echo "Install complete"
INSTALL_EOF

if [ $? -eq 0 ]; then
  success "NPMplus installed in container $VMID"
  log "Admin UI: https://${IP}:81"
  log "Get password: ssh root@$HOST 'pct exec $VMID -- cat /opt/.npm_pwd 2>/dev/null'"
  log "Add proxy host mifos.d-bis.org -> http://${MIFOS_IP:-192.168.11.85}:80, then point tunnel Service to https://${IP}:443"
else
  error "Installation failed"
fi