#!/bin/bash

# Initialize Let's Encrypt SSL certificates with Certbot

if ! [ -x "$(command -v docker-compose)" ]; then
  echo 'Error: docker-compose is not installed.' >&2
  exit 1
fi

# Default domain and email settings
domains=${DOMAIN:-}
email=${EMAIL:-}
staging=${STAGING:-0} # Set to 1 if you're testing your setup

# Ask for domain if not provided
if [ -z "$domains" ]; then
  read -p "Enter your domain name (e.g., gametracker.example.com): " domains
fi

# Ask for email if not provided
if [ -z "$email" ]; then
  read -p "Enter your email (for Let's Encrypt notifications): " email
fi

# Create required directories
mkdir -p ./data/certbot/conf
mkdir -p ./data/certbot/www

# Generate Nginx config using template
export DOMAIN_NAME=$domains
envsubst < ./nginx/app.conf.template > ./nginx/app.conf

# Stop any existing services
docker-compose down

echo "### Starting Nginx..."
docker-compose up --force-recreate -d nginx
echo

echo "### Deleting any existing certificates for domain..."
if [ -d "./data/certbot/conf/live/$domains" ]; then
  docker-compose run --rm --entrypoint "\
    rm -rf /etc/letsencrypt/live/$domains && \
    rm -rf /etc/letsencrypt/archive/$domains && \
    rm -rf /etc/letsencrypt/renewal/$domains.conf" certbot
fi
echo

echo "### Requesting Let's Encrypt certificate..."
staging_arg=""
if [ "$staging" = 1 ]; then
  staging_arg="--staging"
fi

# Get certificates
domain_args="-d $domains"
docker-compose run --rm --entrypoint "\
  certbot certonly --webroot -w /var/www/certbot \
    $staging_arg \
    --email $email \
    --agree-tos \
    --no-eff-email \
    $domain_args" certbot
echo

echo "### Reloading nginx..."
docker-compose exec nginx nginx -s reload

# Start all services
docker-compose up -d

echo "
HTTPS setup completed!
Your app is now available at: https://$domains

The certificates will auto-renew, but make sure to keep the containers running.
"