#!/bin/sh
set -eu

echo "New nextcloud instance"
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
    echo "starting nexcloud installation"
    max_retries=10
    try=0

    until sh -c "php /usr/src/nextcloud/occ maintenance:install -n --admin-user $NEXTCLOUD_ADMIN_USER --admin-pass $NEXTCLOUD_ADMIN_PASSWORD" || [ "$try" -gt "$max_retries" ]
        do
            echo "retrying install..."
            try=$((try+1))
            sleep 3s
        done

    if [ "$try" -gt "$max_retries" ]; then
        echo "installing of nextcloud failed!"
        exit 1
    fi
else
    echo "running web-based installer on first connect!"
fi

# Fix Nc...
sh -c "php /usr/src/nextcloud/occ db:convert-filecache-bigint -n"
sh -c "php /usr/src/nextcloud/occ db:add-missing-indices"
sh -c "php /usr/src/nextcloud/occ config:app:set core backgroundjobs_mode --value cron"

# DISABLE_APPS=firstrunwizard,contacts
if [ -n "${DISABLE_APPS+x}" ]; then
    sh -c "php /usr/src/nextcloud/occ app:disable $(echo $DISABLE_APPS | sed "s/,/ /g")"
fi
/usr/local/bin/php occ app:disable dashboard survey_client user_status weather_status bruteforcesettings nextcloud_announcements password_policy
/usr/local/bin/php /usr/src/nextcloud/occ app:enable files_versions_s3

# ENABLE_APPS=user_saml,apporder
if [ -n "${ENABLE_APPS+x}" ]; then
    sh -c "php /usr/src/nextcloud/occ app:enable $(echo $ENABLE_APPS | sed "s/,/ /g")"
fi

if [ -n "${ONLYOFFICE_JWT_SECRET+x}" ]; then
    sh -c "php /usr/src/nextcloud/occ app:enable onlyoffice"
    sh -c "php /usr/src/nextcloud/occ config:app:set onlyoffice jwt_secret --value ${ONLYOFFICE_JWT_SECRET}"
    sh -c "php /usr/src/nextcloud/occ config:app:set onlyoffice DocumentServerUrl --value ${ONLYOFFICE_SERVER}"
    sh -c "php /usr/src/nextcloud/occ config:app:set onlyoffice sameTab --value true"
    sh -c "php /usr/src/nextcloud/occ config:app:set onlyoffice versionHistory --value true"
    sh -c "php /usr/src/nextcloud/occ config:app:set onlyoffice customizationForcesave --value true"
fi

if [ -n "${PRIVACY_DATA_LOCATION+x}" ]; then
    sh -c "php /usr/src/nextcloud/occ config:app:set privacy readableLocation --value ${PRIVACY_DATA_LOCATION}"
fi

if [ -n "${SAML_IDP_URL+x}" ] && [ -n "${SAML_REALM+x}" ]; then
    
    export SAML_CERT=`awk 'BEGIN{RS="\n";ORS="\\n"}1' /etc/tls/saml/tls.crt`
    export SAML_KEY=`awk 'BEGIN{RS="\n";ORS="\\n"}1' /etc/tls/saml/tls.key`
    export SAML_IDP_CERT=`awk 'BEGIN{RS="\n";ORS="\\n"}1' /etc/tls/idp/tls.crt`
    
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml types --value authentication"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml enabled --value yes"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml general-allow_multiple_user_back_ends --value 0"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml type --value saml"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml general-use_saml_auth_for_desktop --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml general-idp0_display_name --value $SAML_DISPLAY_NAME"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml saml-attribute-mapping-displayName_mapping --value username"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml saml-attribute-mapping-group_mapping --value groups"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml saml-attribute-mapping-email_mapping --value email"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml security-authnRequestsSigned --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml security-logoutRequestSigned --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml security-logoutResponseSigned --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml security-wantMessagesSigned --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml security-wantAssertionsSigned --value 1"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml general-uid_mapping --value username"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml idp-singleLogoutService.url --value ${SAML_IDP_URL}/auth/realms/${SAML_REALM}/protocol/saml"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml idp-singleSignOnService.url --value ${SAML_IDP_URL}/auth/realms/${SAML_REALM}/protocol/saml"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml idp-entityId --value ${SAML_IDP_URL}/auth/realms/${SAML_REALM}"
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml sp-x509cert --value=\"$SAML_CERT\""
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml sp-privateKey --value=\"$SAML_KEY\""
    sh -c "php /usr/src/nextcloud/occ config:app:set user_saml idp-x509cert --value=\"$SAML_IDP_CERT\""
fi

/usr/local/bin/php occ config:app:set theming url --value="https://indiehosters.net"
/usr/local/bin/php occ config:app:set theming color --value="#0DB4C7"
/usr/local/bin/php occ config:app:set theming name --value="Nuage Liiibre"
/usr/local/bin/php occ config:app:set theming slogan --value="Fabriquer l'avenir et rester libres."
/usr/local/bin/php /usr/src/nextcloud/occ config:app:set files default_quota --value="10 GB"