#!/bin/bash

# Ensure we're in the project root directory
PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
cd "${PROJECT_ROOT}"

# Define directories relative to project root
CREDENTIALS_DIR="config/credentials"
DOCKER_DIR="docker"

# Create necessary directories
mkdir -p "${CREDENTIALS_DIR}"
mkdir -p "${DOCKER_DIR}"

# Function to generate secure passwords
generate_password() {
    openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c 24
}

# Date for documentation
SETUP_DATE=$(date '+%Y-%m-%d_%H-%M-%S')

# Generate passwords
KEYCLOAK_ADMIN_PASSWORD=$(generate_password)
KC_DB_PASSWORD=$(generate_password)

# Create .env file in docker directory
cat > "${DOCKER_DIR}/.env" << EOL
# Generated on ${SETUP_DATE}
# Keycloak Admin
KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}

# Keycloak Database
KC_DB_USERNAME=keycloak
KC_DB_PASSWORD=${KC_DB_PASSWORD}
EOL

# Create encrypted credentials documentation
cat > "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt" << EOL
Setup Date: ${SETUP_DATE}

Keycloak Admin Credentials:
Username: admin
Password: ${KEYCLOAK_ADMIN_PASSWORD}

Keycloak Database Credentials:
Username: keycloak
Password: ${KC_DB_PASSWORD}
EOL

# Encrypt credentials file
gpg --symmetric --cipher-algo AES256 "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"
rm "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"

echo "Environment setup completed!"
echo "Credentials have been saved and encrypted in: ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"
echo ".env file has been created in: ${DOCKER_DIR}/.env"
echo ""
echo "To view credentials, use:"
echo "gpg -d ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"