#!/bin/bash

set -eux

readonly WP="/app/code/wp --allow-root"
readonly admin_password=$(pwgen -1)
readonly admin_email=${MAIL_SMTP_USERNAME}@${MAIL_DOMAIN}
echo "Admin password is ${admin_password} and email is ${admin_email}"

if [[ -z "$(ls -A /app/data)" ]]; then
    echo "Copying wp-content files on first run"
    mv /app/code/wp-content /app/data/wp-content/
    rm -rf /app/code/wp-content
    ln -sf /app/data/wp-content /app/code/wp-content

    # this also generates the salt in wp-config.php which must be backed up
    $WP core config --dbname="${MYSQL_DATABASE}" --dbuser="${MYSQL_USERNAME}" --dbpass="${MYSQL_PASSWORD}" --dbhost="${MYSQL_HOST}" --extra-php <<EOF
    // prevent user from changing the Settings->General, WordPress and Blog address values.
    define('WP_HOME',    'https://$(hostname -f)');
    define('WP_SITEURL', 'https://$(hostname -f)');

    /*
     http://cmanios.wordpress.com/2014/04/12/nginx-https-reverse-proxy-to-wordpress-with-apache-http-and-different-port/
     http://wordpress.org/support/topic/compatibility-with-wordpress-behind-a-reverse-proxy
     https://wordpress.org/support/topic/wp_home-and-wp_siteurl
     */
    // If WordPress is behind reverse proxy which proxies https to http
    if (!empty(\$_SERVER['HTTP_X_FORWARDED_FOR'])) {
        \$_SERVER['HTTP_HOST'] = \$_SERVER['HTTP_X_FORWARDED_HOST'];

        if (\$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
            \$_SERVER['HTTPS']='on';
    }
EOF

    $WP --url="https://$(hostname -f)" core install \
        --url="https://$(hostname -f)" \
        --title="My blog" \
        --admin_user=admin \
        --admin_password="${admin_password}" \
        --admin_email="${admin_email}"

    echo "Installing OAuth plugin"
    $WP plugin install --activate --force /app/code/wp-oauth.zip

    $WP plugin install --activate --force /app/code/disable-wordpress-updates.zip
    $WP plugin install --activate --force /app/code/wp-mail-smtp.zip

    $WP option update users_can_register 1 # without this, nothing works
    $WP option update wpoa_cloudron_api_enabled 1
    $WP option update wpoa_new_user_role administrator # TODO: let the plugin determine this from the oauth profile
    # $WP option update wpoa_hide_wordpress_login_form 1 # disabling this will make it impossible for users (commenters) to login
    $WP option update wpoa_suppress_welcome_email 1
else
    rm -rf /app/code/wp-content # upgrades & updates - starting out with existing data
    ln -sf /app/data/wp-content /app/code/wp-content
fi

# Settings to be updated on every run
sed -e "s/define('DB_NAME',.*/define('DB_NAME', '${MYSQL_DATABASE}');/" \
    -e "s/define('DB_USER',.*/define('DB_USER', '${MYSQL_USERNAME}');/" \
    -e "s/define('DB_PASSWORD',.*/define('DB_PASSWORD', '${MYSQL_PASSWORD}');/" \
    -e "s/define('DB_HOST',.*/define('DB_HOST', '${MYSQL_HOST}');/" \
    -e "s|define('WP_HOME',.*|define('WP_HOME', 'https://$(hostname -f)');|" \
    -e "s|define('WP_SITEURL',.*|define('WP_SITEURL', 'https://$(hostname -f)');|" \
    -i /app/data/wp-config.php # sed -i seems to destroy symlink

# reset the admin password
$WP user update $($WP user get admin --field=ID) --user_pass="${admin_password}"
$WP user update $($WP user get admin --field=ID) --user_email="${admin_email}"

# configure WP mail smtp plugin (smtp_user, smtp_pass can be set when supported)
$WP option update mailer smtp
$WP option update mail_from ${MAIL_SMTP_USERNAME}@${MAIL_DOMAIN}
$WP option update mail_from_name ${MAIL_SMTP_USERNAME}
$WP option update smtp_host ${MAIL_SMTP_SERVER}
$WP option update smtp_port ${MAIL_SMTP_PORT}
$WP option update smtp_auth false

$WP option update wpoa_cloudron_api_id "${OAUTH_CLIENT_ID}"
$WP option update wpoa_cloudron_api_secret "${OAUTH_CLIENT_SECRET}"

chown -R www-data:www-data /app/code /app/data

/usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i WordPress