#!/bin/bash
trap "echo 'Script interrupted. Exiting...'; exit 1" SIGINT SIGTERM SIGHUP

# Check for snap and snap docker
if command -v snap &> /dev/null && snap list docker &> /dev/null; then
    echo "Snap and Snap Docker are detected on this system."
    read -p "Do you want to remove Snap Docker and restart the system? [y/N]: " answer

    if [[ "$answer" =~ ^[Yy]$ ]]; then
        echo "Snap Docker will be fully removed. This will require a system reboot."
        read -p "Are you sure you want to proceed? [y/N]: " confirm

        if [[ "$confirm" =~ ^[Yy]$ ]]; then
            echo "Removing Snap Docker..."
            sudo snap remove docker
            echo "System will reboot in 5 seconds..."
            echo -e "\nPlease run the script again after the system restarts by using:\n\ncurl https://get.ehrnepal.com | bash\n"
            sleep 5
            sudo reboot
        else
            echo "Operation cancelled. Exiting..."
            exit 0
        fi
    else
        echo -e "\n!!! Important: Our system cannot function properly with Snap-based Docker installed. Exiting... !!!"
        exit 1
    fi
fi

echo "Updating package lists and installing required packages..."
sudo apt update -y
sudo apt install -y git bash curl neovim

# Token and Credential Definitions
# [NOTE]: The tokens provided here have restricted access with rate limiting enabled.
# Misuse or unauthorized usage of these tokens may result in immediate access revocation.
# Permissions are fully managed, and these tokens grant pull access only.
# Any attempts to use them outside authorized environments will be blocked.
GH_TOKEN="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"
REGISTRY_USERNAME="robot\$newdeployment"
REGISTRY_PASSWORD="c2IsY9CkWUhXeVlXhobgugklFeppZgLN"


# Check if Docker is installed
if ! command -v docker &> /dev/null; then
  echo "Docker not found. Installing Docker..."
  curl -fsSL https://get.docker.com | sh
else
  echo "Docker is already installed."
fi

# Check if GitHub CLI is installed
if ! command -v gh &> /dev/null; then
  echo "GitHub CLI not found. Installing GitHub CLI..."
  curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
  sudo apt update && sudo apt install gh -y
fi

# Set up Git to use the GitHub CLI for authentication
git config --global --unset credential.helper


# Login to GitHub with token
echo "$GH_TOKEN" | gh auth login --with-token
gh auth setup-git
git config --global credential.helper store

# Login to registry.ehrnepal.com
echo "$REGISTRY_PASSWORD" | docker login registry.ehrnepal.com -u "$REGISTRY_USERNAME" --password-stdin

# Clone the repository
gh auth status
echo "Cloning the repository..."
git clone https://oauth2:${GH_TOKEN}@github.com/nepaliemr/ehrplus-docker.git /opt/ehrplus-docker
cd /opt/ehrplus-docker

# Run the installation script
echo "Running installation script..."
./tools/install.sh

# Detect the active Ethernet interface
ETH_INTERFACE=$(ip -o -4 route show to default | awk '{print $5}')

# Generate the netplan configuration
IP_ADDRESS=$(ip -o -4 addr show $ETH_INTERFACE | awk '{print $4}')
NETPLAN_CONFIG=$(cat <<EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    $ETH_INTERFACE:
      dhcp4: no
      addresses:
        - $IP_ADDRESS
      routes:
        - to: default
          via: 192.168.0.1
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4
EOF
)

echo "Generated Netplan configuration:"
echo "$NETPLAN_CONFIG"

# Save netplan configuration to a file
NETPLAN_FILE="/etc/netplan/01-netcfg.yaml"
echo "$NETPLAN_CONFIG" | sudo tee "$NETPLAN_FILE" > /dev/null

echo "Please review the Netplan configuration in $NETPLAN_FILE. Update it if necessary, then apply with:"
echo "sudo netplan apply && sudo systemctl restart systemd-networkd"

# Find system IP and print the URL
SYSTEM_IP=$(hostname -I | awk '{print $1}')
echo "The system is live at http://$SYSTEM_IP/"