# vim: filetype=sh
# Macaron
# openssl rand -hex 32
# URI: postgres:///db_name

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
if ! $(echo "$PATH" | grep -q "$DIR/toolbox/scripts"); then
  PATH="$DIR/toolbox/scripts:$PATH"
fi

p() {
  if [ -z "$2" ]; then
    pass show Travail/Fretlink/$1
  else
    pass show Travail/Fretlink/$1 | grep "^$2:" | sed -e "s/^$2: //"
  fi | head -n1
}

build_macaroon() {
  if [ "$1" = "--old" ]; then
    shift
    action="old-realms"
    ttl=""
  else
    action="new"
    ttl="--no-ttl"
  fi

  if [ -z "$1" -o -z "$2" -o -z "$3" -o -z "$4" ]; then
    echo "build_macaroon [--old] secret src-key-id target realm" >&2
    return
  fi

  secret="$1"
  src="$2"
  target="uri://fretlink/$3"
  realm="$4"

  cd "$HOME/workdir/haskell-commons"
  MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" stack exec macaroon-bakery -- $action --location "$target" --key-id "$src" $ttl "$realm"
}

APP=$(basename $(pwd))

FL_APPS_HOST="localhost"
FL_APPS_SCHEME="http"

FL_ADMIN_ROOT_PORT=8079
FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"

FL_APP_PORT=8080
FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"

FL_CARRIER_DIRECTORY_PORT=8082
FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api/"

FL_NOTIFIER_PORT=8081
FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"

FL_PRICER_PORT=8083
FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"

FL_FREIGHT_PORT=8084
FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"

FL_BOOKKEEPING_SECRET="dummy"

FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"

FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}"
FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}"
FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}"
FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}"
FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}"

FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}"
FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}"
FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}"
FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}"
FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}"

FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"

if [ -f "local.env.example" ]; then
  source local.env.example
fi

if [ "$APP" != "app" ]; then
  name="${APP//-/_}"
  port_var="FL_${name^^}_PORT"
  secret_var="FL_${name^^}_SECRET"
  private_key_var="FL_${name^^}_PRIVATE_KEY"

  if [ -n "${!secret_var}" ]; then
    export MACAROON_SECRET="${!secret_var}"
  fi
  if [ -n "${!private_key_var}" ]; then
    export MACAROON_PRIVATE_KEY="${!private_key_var}"
  fi
  export PORT="${!port_var}"
  export PG_URI="postgres:///$name"

  if [ -z "$FL_ENV" ]; then
    export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
    export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
    export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
    export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
    export POSTGRESQL_ADDON_DB="$name"
  else
    postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST"
    postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT"
    postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER"
    postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD"
    postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB"
    export FRETLINK_ENV="$FL_ENV"
    export POSTGRESQL_ADDON_HOST="${!postgresql_host}"
    export POSTGRESQL_ADDON_PORT="${!postgresql_port}"
    export POSTGRESQL_ADDON_USER="${!postgresql_user}"
    export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}"
    export POSTGRESQL_ADDON_DB="${!postgresql_db}"
  fi
fi

if [ "$APP" = "app" ]; then
  export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
  export FRETLINK_PORT="$FL_APP_PORT"
  export FRETLINK_BASE_URL="$FL_APP_URL"

  # Dummies mandatory but not defined by default
  export FRETLINK_SMTP_PASSWORD="password"
  export FRETLINK_AMAZON_PUBLIC_KEY="password"
  export FRETLINK_AMAZON_PRIVATE_KEY="password"
  export FRETLINK_GMAPS_API_KEY="password"

  # secret
  export FRETLINK_MACAROON_SECRET=$FL_APP_SECRET

  # carrier directory
  export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_ENABLED="true"

  # notifier
  export FRETLINK_NOTIFIER_API=$FL_NOTIFIER_URL
  export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier messaging)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"

  # admin-root
  export FRETLINK_ADMINROOT_URL=$FL_ADMIN_ROOT_URL
  export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::token-delivery)"

  # geodata
  export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
  export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
fi

if [ "$APP" = "admin-root" ]; then
  export BASE_URL=$FL_APPS_HOST
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  export TOK="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::provisioning)"

  export CARDIR_MACAROON_SECRET=$FL_CARRIER_DIRECTORY_SECRET
  export NOTIFIER_MACAROON_SECRET=$FL_NOTIFIER_SECRET
  export BOOKKEEPING_MACAROON_SECRET=$FL_BOOKKEEPING_SECRET
fi

if [ "$APP" = "carrier-directory" ]; then
  export ADMIN_BASE_URL=$FL_APP_URL
fi

if [ "$APP" = "notifier" ]; then
  export MAILGUN_API_KEY="dummy"
  export MAILGUN_DOMAIN="dummy"
  export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
  export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
  export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
  export TRANSPOREON_HOST="api.test.transporeon.com"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

  # Used by curl
  # v2
  #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
  # v1
  export MACAROON="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"

  # To push transporeon cargos to app
  APP_TRANSPOREON_PUSH_MACAROON="$(build_macaroon $FL_APP_SECRET notifier app app::transporeon-cargos-write)"
fi

if [ "$APP" = "pricer" ]; then
  export GOOGLE_AUTH_CLIENT_ID="dummy"
fi

if [ "$APP" = "toolbox" ]; then
  export AGENT_HOST=$FL_APP_URL
  export AGENT_PATH="/"
  export AGENT_MACAROON=$FL_TOOLBOX_AGENT_MACAROON
fi