#!/usr/bin/bash
# SPDX-License-Identifier: AGPL-3.0-or-later
# SPDX-FileCopyrightText: 2023 grommunio GmbH

set -e

PROGNAME="`basename $0`"
ADAPTOR_CONFIG_DIR='/var/cache/grommunio-auth/adaptor-config'
GWEB_ADAPTOR_CONFIG='keycloak-grommunio-web.json'
GWEB_ADAPTOR_PUBKEY='keycloak-grommunio-web.bearer_pubkey'


check_if_root () {
	local MY_EUID=$(id -u)
	if [ -n "$MY_EUID" -a $MY_EUID -ne 0 ]; then
		echo "${PROGNAME}: this program must be run as root" 1>&2
		exit 2
	fi
}

case "$PROGNAME" in
	setup-gk-app-g-web)
		check_if_root
		PHPFPM_UNIT=$(systemctl list-units | grep 'php.*fpm' | perl -pe 's/^\s+(\S+)\s+.*$/\1/')
		OLD_UMASK=`umask`
		umask '0027'
		cp -va "${ADAPTOR_CONFIG_DIR}/${GWEB_ADAPTOR_CONFIG}" /etc/gromox/keycloak.json
		chown root:groweb /etc/gromox/keycloak.json
		umask "$OLD_UMASK"
		cp -v "${ADAPTOR_CONFIG_DIR}/${GWEB_ADAPTOR_PUBKEY}" /etc/gromox/bearer_pubkey
		echo -n "Restarting/reloading g-web FPM - '$PHPFPM_UNIT'..."
		systemctl try-reload-or-restart "$PHPFPM_UNIT"
		echo " done."
		# Clean up stragglers
		rm -vf "${ADAPTOR_CONFIG_DIR}/${GWEB_ADAPTOR_CONFIG}" || true
		rm -vf "${ADAPTOR_CONFIG_DIR}/${GWEB_ADAPTOR_PUBKEY}" || true
		;;
	delete-gk-app-g-web)
		check_if_root
		PHPFPM_UNIT=$(systemctl list-units | grep 'php.*fpm' | perl -pe 's/^\s+(\S+)\s+.*$/\1/')
		rm -vf /etc/gromox/keycloak.json || true
		rm -vf /etc/gromox/bearer_pubkey || true
		echo -n "Restarting/reloading g-web FPM - '$PHPFPM_UNIT'..."
		systemctl try-reload-or-restart "$PHPFPM_UNIT"
		echo " done."
		;;
esac


