#!/usr/bin/env bash
#############################################################
# Script name: install.sh
# Author: Gilles Mouchet (gilles.mouchet@gmail.com
# Version: 1.0.0
# Description: This script prepare own pki environment
# License: GNU GPL v3
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Changelog
# [1.0.0] - 2026-04-12
# - Added
#   - create environment for cert
#   - create DB
# - Project initialization
#   - initialization by gilles.mouchet@gmail.com
#
############################################################
#
set -Eeuo pipefail

VERSION=1.0.0

############################################################
# FUNCTIONS
############################################################
#-----------------------------------------------------------
# init db
init_db(){
    mkdir -p "$(dirname "$DB_PATH")"
    sqlite3 $DB_PATH <<EOF
CREATE TABLE IF NOT EXISTS certs (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    common_name TEXT UNIQUE,
    san_dns TEXT,
    san_ip TEXT,
    cert_key TEXT,
    cert_csr TEXT,
    cert_crt TEXT,
    not_valid_before TEXT,
    not_valid_after TEXT,
    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
    updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
);

CREATE TRIGGER IF NOT EXISTS update_certs_updated_at
AFTER UPDATE ON certs
FOR EACH ROW
BEGIN
    UPDATE certs
    SET updated_at = CURRENT_TIMESTAMP
    WHERE id = OLD.id;
END;
EOF
}
############################################################
# Main
############################################################

# path resolution 
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT_DIR="$(dirname "$SCRIPT_DIR")"
ETC_PATH="/etc/own-pki"
ENABLE_COLOR=true
BIN_PATH="/opt/own-pki"
DB_PATH="/var/lib/own-pki/certificates.db"
ASSUME_YES=0

# read stdlib.sh
source "$ROOT_DIR/lib/set-color.sh"
source "$ROOT_DIR/lib/message.sh"
source "$ROOT_DIR/lib/check-rc.sh"
source "$ROOT_DIR/lib/yes-no.sh"

set_color

main(){
# check if user has sudo rigth
    if sudo ! -n true 2>/dev/null; then
        msg_error "Access denied: user $USER does not have sudo privileges or a password is required.."
        exit 1
   fi

# check if the effective user ID is 0 (root)
    if [[ $EUID -ne 0 ]]; then
        msg_error "\nThis script must be run as root or with sudo.\n"
        exit 1
    fi

# install sqlite
    echo -n -e "Install ${ORANGE}sqlite${NC}. Please wait...: "
    dnf install sqlite -y > /dev/null 2>&1
    check_rc $?

# create paths
    echo -n -e "Create path $BIN_PATH: "
    if [ ! -d "$BIN_PATH" ]; then
        mkdir -p "$BIN_PATH" 2>/dev/null
        check_rc $?
    else 
        msg_warn "$BIN_PATH already exists!"
    fi

    echo -n -e "Create path $BIN_PATH/lib: "
    if [ ! -d "$BIN_PATH/lib" ]; then
        mkdir -p "$BIN_PATH/lib" 2>/dev/null
        check_rc $?
    else 
        msg_warn "$BIN_PATH/lib already exists!"
    fi
    
    echo -e -n "Create $BIN_PATH/bin: "
    if [ ! -d "$BIN_PATH/bin" ]; then
        mkdir -p $BIN_PATH/bin 2>/dev/null
        check_rc $?
    else 
        msg_warn "$BIN_PATH/bin already exists!"
    fi
    
    echo -e -n "Create $ETC_PATH: "
    if [ ! -d "$ETC_PATH" ]; then
        mkdir -p $ETC_PATH 2>/dev/null
        check_rc $?
    else 
        msg_warn "$ETC_PATH already exists!"
    fi

# copy config file
    echo -e -n "Copy ${ORANGE}$ROOT_DIR/config/own-pki.conf${NC} to ${ETC_PATH}/: "
    cp "$ROOT_DIR/config/own-pki.conf" "${ETC_PATH}/."
    check_rc $?

# create DB
    echo -n -e "Create DB $DB_PATH: "
    if [ -f "$DB_PATH" ]; then
       msg_warn "$DB_PATH already exists!"
       yes_no "Are you sure you want to recreate a database"
       rm -rf "$DB_PATH"
       init_db
       check_rc $?
    else
       init_db
       check_rc $?
    fi

# copy script file to opt
    msg_info "Copy librairie scripts files"
    files=( $ROOT_DIR/lib/* )
    for f in "${files[@]}"; do
        echo -e -n "  copy ${ORANGE}$f${NC} to ${BIN_PATH}/lib: "
        cp "$f" "$BIN_PATH/lib/"
        check_rc $?
    done
    
    msg_info "Copy main scripts files"
    files=( $ROOT_DIR/bin/* )
    for f in "${files[@]}"; do
        # exclude install.sh
        if [ "$f" != "$ROOT_DIR/bin/install.sh" ]; then
            echo -e -n "  copy ${ORANGE}$f${NC} to ${BIN_PATH}/bin: "
            cp "$f" "$BIN_PATH/bin/"
            check_rc $?
        fi
    done

    msg_info "Create link"
    files=( $ROOT_DIR/bin/* )
    for f in "${files[@]}"; do
        # exclude install.sh
        if [ "$f" != "$ROOT_DIR/bin/install.sh" ]; then
            SCRIPT_FILE=$(basename "$f")
            echo -e -n "  create link ${ORANGE}$BIN_PATH/bin/$SCRIPT_FILE${NC} to /usr/local/bin/: "
            ln -f -s $BIN_PATH/bin/$SCRIPT_FILE /usr/local/bin/ #>"$out_tmp" 2>"$err_tmp"
            check_rc $?
            
        fi 
    done       
}
main "$@"