#!/bin/bash

#
# This script expects to be run in the chef-bcpc directory with root under sudo
#

set -e

if [[ -f ./proxy_setup.sh ]] {
  source ./proxy_setup.sh
}

setglobal PROXY_INFO_FILE = '"/home/vagrant/proxy_info.sh'"
if [[ -f $PROXY_INFO_FILE ]] {
  source $PROXY_INFO_FILE
}

# define calling gem with a proxy if necessary
if [[ -z $http_proxy ]] {
    setglobal GEM_PROXY = ''""
} else {
    setglobal GEM_PROXY = ""-p $http_proxy""
}

if [[ -z "$1" ]] {
        setglobal BOOTSTRAP_IP = '10.0.100.3'
} else {
        setglobal BOOTSTRAP_IP = $1
}

# needed within build_bins which we call
if [[ -z "$CURL" ]] {
	echo "CURL is not defined"
	exit
}

if dpkg -s chef-server-core !2 >/dev/null | grep -q Status.*installed {
  echo chef server is installed
} else {
  dpkg -i cookbooks/bcpc/files/default/bins/chef-server.deb
  if test ! -s /etc/opscode/chef-server.rb {
    if test ! -d /etc/opscode {
      mkdir /etc/opscode
      chown 775 /etc/opscode
    }
    cat > /etc/opscode/chef-server.rb << """
# api_fqdn "$(BOOTSTRAP_IP)"
# allow connecting to http port directly
# nginx['enable_non_ssl'] = true
# have nginx listen on port 4000
nginx['non_ssl_port'] = 4000
# allow long-running recipes not to die with an error due to auth
#opscode_erchef['s3_url_ttl'] = 3600
"""
  }
  chef-server-ctl reconfigure
  chef-server-ctl user-create admin admin admin admin@localhost.com welcome --filename /etc/opscode/admin.pem
  chef-server-ctl org-create bcpc "BCPC" --association admin --filename /etc/opscode/bcpc-validator.pem
  chmod 0600 /etc/opscode/{bcpc-validator,admin}.pem
}

dpkg -E -i cookbooks/bcpc/files/default/bins/chef-client.deb

# copy our ssh-key to be authorized for root
if [[ -f $HOME/.ssh/authorized_keys && ! -f /root/.ssh/authorized_keys ]] {
  if [[ ! -d /root/.ssh ]] {
    mkdir /root/.ssh
  }
  cp $HOME/.ssh/authorized_keys /root/.ssh/authorized_keys
}

echo "HTTP proxy: $http_proxy"
echo "HTTPS proxy: $https_proxy"

# Bad hack for finnicky MITM proxies...
if [[ -n "$https_proxy" ]]  {
  ./proxy_cert_download_hack.sh rubygems.org
  ./proxy_cert_download_hack.sh supermarket.chef.io
}

# install knife-acl plugin
read shebang < $[type -P knife]
setglobal ruby_interp = $(shebang:2)
setglobal bindir = $(ruby_interp%/*)
$bindir/gem install $GEM_PROXY knife-acl