#!/bin/bash -e

usage() {
    cat << EOF
Usage: configure-web-proxy
Configure a local web proxy for openQA.

Options:
 -h, --help         display this help
 -p, --proxy=PROXY  web proxy to configure (default: apache)
                    choose from: nginx, apache
 -P, --port=PORT    port to configure
EOF
    exit "$1"
}

opts=$(getopt -o hp:P: -l help,proxy:,port: -n "$0" -- "$@") || usage 1
eval set -- "$opts"
web_proxy="apache"
web_port=""
while true; do
    case "$1" in
        -h | --help) usage 0 ;;
        -p | --proxy)
            web_proxy=${2#*=}
            shift 2
            ;;
        -P | --port)
            web_port=${2#*=}
            shift 2
            ;;
        --)
            shift
            break
            ;;
        *) break ;;
    esac
done

echo -e "[openid]\nhttpsonly = 0" > /etc/openqa/openqa.ini.d/01-enable-http-auth.ini

etc_proxy=/etc/${web_proxy/apache/apache2}
for v in vhosts.d sites-available; do
    if [[ -e "${etc_proxy}/${v}/openqa.conf.template" ]]; then
        vhosts_dir="${etc_proxy}/${v}"
        break
    fi
done

if [[ -z $vhosts_dir ]]; then
    printf "%s: ERROR: template file not found under '%s'\n" "$0" "$etc_proxy"
    exit 1
fi

if [[ $web_proxy == "nginx" ]]; then
    echo "Setting up nginx"
    sed "s/openqa.example.com/$(hostname)/" "${vhosts_dir}/openqa.conf.template" > "${vhosts_dir}/openqa.conf"
    # IPv6 uses [::]:80 syntax instead of just a port
    if [[ -n "$web_port" ]]; then
        sed -Ei "s@(.*listen.*)80@\1${web_port}@g" "${vhosts_dir}/openqa.conf" "${etc_proxy}/nginx.conf"
    fi
    sed -i -e 's/^\([^#]*server_name[[:space:]]\+localhost;\)/#\1/' /etc/nginx/nginx.conf
elif [[ $web_proxy == "apache" || $web_proxy == "apache2" ]]; then
    echo "Setting up apache"
    for i in headers proxy proxy_http proxy_wstunnel rewrite; do a2enmod $i; done
    sed "s/#ServerName.*$/ServerName $(hostname)/" "${vhosts_dir}/openqa.conf.template" > "${vhosts_dir}/openqa.conf"
    if [[ -n "$web_port" ]]; then
        sed -i "s/^Listen.*$/Listen $web_port/" "${etc_proxy}/listen.conf"
    fi
else
    echo "No supported proxy: $web_proxy"
    exit 1
fi

if which semanage &> /dev/null; then
    echo "Setting SELinux boolean httpd_can_network_connect to 1 allowing web proxy to connect to openQA daemon"
    semanage boolean -m -1 httpd_can_network_connect
fi
