#!/bin/bash

# Ensure we're in the project root directory
PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
cd "${PROJECT_ROOT}"

# Define directories relative to project root
CREDENTIALS_DIR="config/credentials"
DOCKER_DIR="docker"
KEYCLOAK_SCRIPTS_DIR="scripts/setup/keycloak"


# Create necessary directories
mkdir -p "${CREDENTIALS_DIR}"
mkdir -p "${DOCKER_DIR}"
mkdir -p "${KEYCLOAK_SCRIPTS_DIR}"

# Function to generate secure passwords
generate_password() {
    openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c 24
}

# Date for documentation
SETUP_DATE=$(date '+%Y-%m-%d_%H-%M-%S')

# Generate passwords
KEYCLOAK_ADMIN_PASSWORD=$(generate_password)
KC_DB_PASSWORD=$(generate_password)
TESTADMIN_PASSWORD=$(generate_password)
TESTUSER_PASSWORD=$(generate_password)
NEXTCLOUD_DB_ROOT_PASSWORD=$(generate_password)
NEXTCLOUD_DB_USER=$(generate_password)
NEXTCLOUD_DB_PASSWORD=$(generate_password)
NEXTCLOUD_ADMIN_USER=$(generate_password)
NEXTCLOUD_ADMIN_PASSWORD=$(generate_password)


# Create .env file in docker directory
cat > "${DOCKER_DIR}/.env" << EOL
# Generated on ${SETUP_DATE}
# Keycloak Admin
KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}

# Keycloak Database
KC_DB_USERNAME=keycloak
KC_DB_PASSWORD=${KC_DB_PASSWORD}

# Nextcloud Database
NEXTCLOUD_DB_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT_PASSWORD}
NEXTCLOUD_DB_USER=${NEXTCLOUD_DB_USER}
NEXTCLOUD_DB_PASSWORD=${NEXTCLOUD_DB_PASSWORD}
NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
EOL

# Create .env file for keycloak setup script
cat > "${KEYCLOAK_SCRIPTS_DIR}/.env" << EOL
# Generated on ${SETUP_DATE}
KEYCLOAK_URL=https://auth.mrx8086.com
KEYCLOAK_ADMIN_USER=admin
KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
NEXTCLOUD_CLIENT_ID=nextcloud
PAPERLESS_CLIENT_ID=paperless
NODERED_CLIENT_ID=nodered
TESTADMIN_PASSWORD=${TESTADMIN_PASSWORD}
TESTUSER_PASSWORD=${TESTUSER_PASSWORD}
EOL

# Create encrypted credentials documentation
cat > "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt" << EOL
Setup Date: ${SETUP_DATE}

Keycloak Admin Credentials:
Username: admin
Password: ${KEYCLOAK_ADMIN_PASSWORD}

Keycloak Database Credentials:
Username: keycloak
Password: ${KC_DB_PASSWORD}
Test Admin Credentials:
Password: ${TESTADMIN_PASSWORD}
Test User Credentials:
Password: ${TESTUSER_PASSWORD}

Nextcloud Database Credentials:
Root Password: ${NEXTCLOUD_DB_ROOT_PASSWORD}
User: ${NEXTCLOUD_DB_USER}
Password: ${NEXTCLOUD_DB_PASSWORD}
Nextcloud Admin Credentials:
Username: ${NEXTCLOUD_ADMIN_USER}
Password: ${NEXTCLOUD_ADMIN_PASSWORD}
EOL

# Encrypt credentials file
gpg --symmetric --cipher-algo AES256 "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"
rm "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"

echo "Environment setup completed!"
echo "Credentials have been saved and encrypted in: ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"
echo ".env file for docker-compose has been created in: ${DOCKER_DIR}/.env"
echo ".env file for setup_realm.js has been created in: ${KEYCLOAK_SCRIPTS_DIR}/.env"
echo ""
echo "To view credentials, use:"
echo "gpg -d ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"