#!/bin/bash

# Ubuntu 24.04 Setup Script for retailplayer
# This script must be run with sudo privileges

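# Abort on the first failing command. pipefail additionally makes a pipeline
# fail when any stage fails, so a failed download that is piped into another
# command (for example curl into gpg) is not silently masked.
set -eo pipefail

# ANSI colour escape sequences. They are stored unexpanded and interpreted by
# `echo -e` in the print_* helpers. Marked readonly so later code cannot
# overwrite them by accident.
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly NC='\033[0m' # No Color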

# Print an informational message to stdout, prefixed with a blue [INFO] tag.
# Globals:   BLUE, NC (read)
# Arguments: $1 - message text; backslash escapes in it are interpreted by echo -e
print_status() {
    local message=$1
    echo -e "${BLUE}[INFO]${NC} ${message}"
}

# Print a success message to stdout, prefixed with a green [SUCCESS] tag.
# Globals:   GREEN, NC (read)
# Arguments: $1 - message text; backslash escapes in it are interpreted by echo -e
print_success() {
    local message=$1
    echo -e "${GREEN}[SUCCESS]${NC} ${message}"
}

# Print a warning message to stdout, prefixed with a yellow [WARNING] tag.
# Globals:   YELLOW, NC (read)
# Arguments: $1 - message text; backslash escapes in it are interpreted by echo -e
print_warning() {
    local message=$1
    echo -e "${YELLOW}[WARNING]${NC} ${message}"
}

# Print an error message, prefixed with a red [ERROR] tag.
# Output goes to stdout, like the other print_* helpers.
# Globals:   RED, NC (read)
# Arguments: $1 - message text; backslash escapes in it are interpreted by echo -e
print_error() {
    local message=$1
    echo -e "${RED}[ERROR]${NC} ${message}"
}

# Refuse to continue unless the effective UID is 0 (root); the steps below
# create users, install packages and manage services.
if (( EUID != 0 )); then
    print_error "This script must be run as root (use sudo)"
    exit 1
fi

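print_status "Starting Ubuntu 24.04 setup script..."

# Create the "retailplayer" account (home directory, bash login shell) if it
# does not exist yet.
print_status "Creating user 'retailplayer'..."
user_created=0
if id "retailplayer" &>/dev/null; then
    print_warning "User 'retailplayer' already exists"
else
    useradd -m -s /bin/bash retailplayer
    user_created=1
    print_success "User 'retailplayer' created"
fi

# Set the account password.
#
# - If RETAILPLAYER_PASSWORD is present in the environment (for example via
#   `sudo --preserve-env=RETAILPLAYER_PASSWORD`), that value is applied.
# - Otherwise a newly created account gets the historical default
#   "retailplayer", which is a publicly known credential on an account that
#   is about to receive sudo rights, so the operator is told to change it.
# - Otherwise (account already existed, no override) the password is left
#   alone: re-running this script must not reset a rotated password back to
#   the known default.
#
# The password is handed to chpasswd on stdin, not as a command argument.
print_status "Setting password for user 'retailplayer'..."
if [[ -n "${RETAILPLAYER_PASSWORD:-}" ]]; then
    printf '%s:%s\n' "retailplayer" "$RETAILPLAYER_PASSWORD" | chpasswd
    print_success "Password set for user 'retailplayer'"
elif (( user_created )); then
    printf '%s:%s\n' "retailplayer" "retailplayer" | chpasswd
    print_success "Password set for user 'retailplayer'"
    print_warning "Default password is in use on a sudo-capable account; change it with 'passwd retailplayer'"
else
    print_status "Existing password for 'retailplayer' left unchanged"
fi

# Add retailplayer to sudo group (grants full administrative rights, gated
# only by the account password set above).
print_status "Adding 'retailplayer' to sudo group..."
usermod -aG sudo retailplayer
print_success "User 'retailplayer' added to sudo group"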

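# Update package list
print_status "Updating package list..."
apt-get update

# Install Docker version 28.0.2
print_status "Installing Docker 28.0.2..."

# Remove any existing distro-packaged Docker installations. Best effort:
# these packages are usually absent, so failures are deliberately ignored.
apt-get remove -y docker docker-engine docker.io containerd runc 2>/dev/null || true

# Install prerequisites
apt-get install -y \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Add Docker's official GPG key.
# The key is downloaded to a temporary file first so that a failed download
# stops the script instead of feeding empty or partial data into gpg, and
# gpg runs with --batch --yes so that re-running the script overwrites an
# existing keyring instead of stopping at an overwrite prompt.
# NOTE(review): the key is trusted as downloaded over TLS. For a stronger
# guarantee, compare the output of `gpg --show-keys /etc/apt/keyrings/docker.gpg`
# with the fingerprint Docker publishes in its installation documentation.
install -m 0755 -d /etc/apt/keyrings
docker_key_tmp=$(mktemp)
if ! curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o "$docker_key_tmp"; then
    rm -f -- "$docker_key_tmp"
    print_error "Failed to download Docker's GPG key"
    exit 1
fi
gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg "$docker_key_tmp"
rm -f -- "$docker_key_tmp"
chmod a+r /etc/apt/keyrings/docker.gpg

# Add Docker repository. signed-by restricts this source to the keyring
# above, so the Docker key is not trusted for any other repository.
docker_arch=$(dpkg --print-architecture)
docker_codename=$(. /etc/os-release && echo "$VERSION_CODENAME")
printf 'deb [arch=%s signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu %s stable\n' \
    "$docker_arch" "$docker_codename" > /etc/apt/sources.list.d/docker.list

# Update package list with Docker repo
apt-get update

# Install specific Docker version 28.0.2
DOCKER_VERSION="5:28.0.2-1~ubuntu.24.04~noble"
apt-get install -y \
    "docker-ce=${DOCKER_VERSION}" \
    "docker-ce-cli=${DOCKER_VERSION}" \
    containerd.io \
    docker-buildx-plugin

# Hold Docker packages to prevent automatic updates.
# Held packages are also skipped by security updates, so this pin has to be
# raised deliberately when a fixed Docker release is required.
apt-mark hold docker-ce docker-ce-cli containerd.io

# Start and enable Docker service
systemctl start docker
systemctl enable docker

print_success "Docker 28.0.2 installed successfully"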

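# Install Docker Compose version 2.34.0
print_status "Installing Docker Compose 2.34.0..."

# Download the Docker Compose binary to a temporary file next to its final
# location, and move it into place only after the download (and the optional
# checksum check) succeeded. This way a failed or tampered download never
# ends up as a root-owned executable on PATH.
# NOTE(review): confirm the release publishes an asset with exactly this
# (case-sensitive) name for the target platform.
compose_url="https://github.com/docker/compose/releases/download/v2.34.0/docker-compose-$(uname -s)-$(uname -m)"
compose_tmp=$(mktemp /usr/local/bin/.docker-compose.XXXXXX)

# -f makes curl fail on HTTP errors, so an error page is not saved as the binary.
if ! curl -fL "$compose_url" -o "$compose_tmp"; then
    rm -f -- "$compose_tmp"
    print_error "Failed to download Docker Compose from $compose_url"
    exit 1
fi

# Optional integrity check: when COMPOSE_SHA256 holds the expected SHA-256 of
# the binary (taken from the release's published checksums), the download is
# rejected unless it matches.
if [[ -n "${COMPOSE_SHA256:-}" ]]; then
    if ! printf '%s  %s\n' "$COMPOSE_SHA256" "$compose_tmp" | sha256sum --check --status; then
        rm -f -- "$compose_tmp"
        print_error "Docker Compose checksum mismatch; refusing to install"
        exit 1
    fi
else
    print_warning "COMPOSE_SHA256 not set; Docker Compose binary was not checksum-verified"
fi

# Make it executable and move it into place
chmod 0755 "$compose_tmp"
mv -f -- "$compose_tmp" /usr/local/bin/docker-compose

# Create symlink for easier access
ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose

print_success "Docker Compose 2.34.0 installed successfully"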

# whiptail is needed so the license agreement is displayed correctly
print_status "Installing whiptail to display license agreement..."
apt-get install --yes whiptail
print_success "whiptail installed successfully"

# Give retailplayer access to the Docker daemon through the docker group.
# Members of this group can control the daemon, which runs as root, so this
# membership is effectively root-equivalent on this host.
print_status "Adding 'retailplayer' to docker group..."
usermod --append --groups docker retailplayer
print_success "User 'retailplayer' added to docker group"

# Test network connectivity
print_status "Testing network connectivity..."

# Probe failures are expected on restricted networks and must only be
# reported, so exit-on-error is switched off until the tally is complete.
set +e

# Endpoints probed with an HTTP(S) request
declare -a http_urls=(
    "https://flexa-base.azurewebsites.net"
    "https://flexa-lookup.barix.com"
    "https://release.barixupdate.com"
    "https://acme-v02.api.letsencrypt.org"
    "https://letsencrypt.org"
    "http://letsencrypt.org"
)

# License servers probed with ICMP echo (ping)
declare -a ping_hosts=(
    "rpp-license1.barix.com"
    "rpp-license2.barix.com"
)

printf '\n'
printf '%s\n' "=== Network Connectivity Test Results ==="
printf '\n'

success_count=0
total_tests=$(( ${#http_urls[@]} + ${#ping_hosts[@]} ))

# HTTP(S) probes. curl runs without -f, so any HTTP response, including an
# error status, counts as reachable; only connection-level failures (DNS,
# TCP, TLS, timeout) are reported as failed.
for url in "${http_urls[@]}"; do
    if ! curl -s --connect-timeout 10 --max-time 15 "$url" > /dev/null 2>&1; then
        print_error "✗ $url - HTTP(S) connection failed"
        continue
    fi
    print_success "✓ $url - HTTP(S) connection successful"
    (( success_count += 1 ))
done

# Ping probes for the license servers: 4 echo requests, 5 second reply timeout
for host in "${ping_hosts[@]}"; do
    if ! ping -c 4 -W 5 "$host" > /dev/null 2>&1; then
        print_error "✗ $host - Ping failed (license server unreachable)"
        continue
    fi
    print_success "✓ $host - Ping successful (license server reachable)"
    (( success_count += 1 ))
done

# Back to exit-on-error for the rest of the script
set -e

printf '\n'
printf '%s\n' "=== Connectivity Summary ==="
printf '%s\n' "Successful connections: $success_count/$total_tests"

if (( success_count == total_tests )); then
    print_success "All network connectivity tests passed!"
else
    print_warning "Some network connectivity tests failed. Please check your internet connection and firewall settings."
fi

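# Display installation summary.
# The account password is deliberately not echoed here: terminal output is
# often captured in logs or scrollback, and a credential should not end up
# there. The operator is pointed at changing it instead.
echo ""
echo "=== Installation Summary ==="
echo "✓ User 'retailplayer' set up (if the default password is still in use, change it with 'passwd retailplayer')"
echo "✓ User 'retailplayer' added to sudo group"
# Version strings are cut out of the tools' own --version output
echo "✓ Docker $(docker --version | cut -d' ' -f3 | cut -d',' -f1) installed"
echo "✓ Docker Compose $(/usr/local/bin/docker-compose --version | cut -d' ' -f4 | cut -d',' -f1) installed"
echo "✓ User 'retailplayer' added to docker group"
echo "✓ Network connectivity tests completed"

echo ""
print_status "Setup completed! Switching to retailplayer user..."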

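# Create a temporary script for the retailplayer user session.
# mktemp gives an unpredictable name and creates the file exclusively, so
# root does not write through a path in world-writable /tmp that another
# local user could have prepared in advance.
login_script=$(mktemp /tmp/retailplayer_login.XXXXXX)

# Clean up the temporary script on exit. This only works because the session
# below is started as a child process: an `exec` would replace this shell and
# the EXIT trap would never run, leaving the file behind.
trap 'rm -f -- "$login_script"' EXIT

cat > "$login_script" << 'EOF'
#!/bin/bash
echo "Welcome! You are now logged in as retailplayer user."
echo "Current directory: $(pwd)"
echo "Groups: $(groups)"
echo ""
echo "Docker version: $(docker --version)"
echo "Docker Compose version: $(docker-compose --version)"
echo ""
echo "Testing docker access..."
if docker ps > /dev/null 2>&1; then
    echo "✓ Docker is working correctly!"
else
    echo "⚠ Note: You may need to log out and back in for docker group to take full effect"
fi
echo ""
echo "Setup complete! You can now use Docker and Docker Compose."
echo "Type 'exit' to return to the previous user."
exec bash
EOF

# mktemp creates the file readable by root only; retailplayer must be able
# to read and execute it, while it stays writable by root alone.
chmod 0755 "$login_script"

# Switch to retailplayer user in their home directory with updated groups
print_success "Logging in as 'retailplayer' user with docker group permissions..."
echo ""
print_status "Switching to retailplayer user..."

# Run as retailplayer in a login shell (-i). The script ends in `exec bash`,
# so this call returns when the user leaves that interactive shell, after
# which the EXIT trap removes the temporary script.
sudo -u retailplayer -i "$login_script"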
