#!/usr/bin/env bash

set -e

export POSTHOG_APP_TAG="${POSTHOG_APP_TAG:-latest-release}"

POSTHOG_SECRET=$(head -c 28 /dev/urandom | sha224sum -b | head -c 56)
export POSTHOG_SECRET

# Talk to the user
echo "Welcome to the single instance PostHog installer 🦔"
echo ""
echo "⚠️  You really need 4gb or more of memory to run this stack ⚠️"
echo ""
echo "What version of PostHog would you like to install? (We default to 'latest-release')"
echo "You can check out available versions here: https://hub.docker.com/r/posthog/posthog/tags"
read -r POSTHOG_APP_TAG_READ
if [ -z "$POSTHOG_APP_TAG_READ" ]
then
    echo "Using default and installing $POSTHOG_APP_TAG"
else
    export POSTHOG_APP_TAG=$POSTHOG_APP_TAG_READ
    echo "Using provided tag: $POSTHOG_APP_TAG"
fi
echo ""
while true; do
    echo "Should we setup a TLS certificate for you using Let's Encrypt?"
    echo "Select no if you are using this internally and PostHog will not be reachable from the internet. y/n"
    read -p "" yn
    case $yn in
        [Yy]* ) export USE_SELF_SIGNED_CERT=0; break ;;
        [Nn]* ) export USE_SELF_SIGNED_CERT=1; break ;;
        * ) echo "Please answer yes or no." ;;
    esac
done
echo "Let's get the exact domain PostHog will be installed on"
echo "Make sure that you have a Host A DNS record pointing to this instance!"
echo "This will be used for TLS 🔐"
echo "ie: test.posthog.net (NOT an IP address)"
read -r DOMAIN
export DOMAIN=$DOMAIN
echo "Ok we'll set up certs for https://$DOMAIN"
echo ""
echo "Do you have a Sentry DSN you would like for debugging should something go wrong?"
echo "If you do enter it now, otherwise just hit enter to continue"
read -r SENTRY_DSN
export SENTRY_DSN="${SENTRY_DSN:-'https://public@sentry.example.com/1'}"
echo ""
echo "We will need sudo access so the next question is for you to give us superuser access"
echo "Please enter your sudo password now:"
sudo echo ""
echo "Thanks! 🙏"
echo ""
echo "Ok! We'll take it from here 🚀"

echo "Making sure any stack that might exist is stopped"
sudo -E docker-compose -f docker-compose.yml stop &> /dev/null || true

# update apt cache
echo "Grabbing latest apt caches"
sudo apt update

# clone posthog
echo "Installing PostHog 🦔 from Github"
sudo apt install -y git
# try to clone - if folder is already there pull latest for that branch
git clone https://github.com/PostHog/posthog.git &> /dev/null || true
cd posthog
git pull
cd ..


# rewrite caddyfile
export TLS_BLOCK=""
if [[ $USE_SELF_SIGNED_CERT -eq 1 ]]; then
    echo "Using a self signed certificate as requested"
    export TLS_BLOCK="tls internal"
fi

rm -f Caddyfile
envsubst > Caddyfile <<EOF
$DOMAIN, :80, :443 {
$TLS_BLOCK
reverse_proxy http://web:8000
}
EOF

# Write .env file
envsubst > .env <<EOF
POSTHOG_SECRET=$POSTHOG_SECRET
SENTRY_DSN=$SENTRY_DSN
DOMAIN=$DOMAIN
EOF

# write entrypoint
rm -rf compose
mkdir -p compose
cat > compose/start <<EOF
#!/bin/bash
/compose/wait
./bin/migrate
./bin/docker-server
./bin/docker-frontend
EOF
chmod +x compose/start

# write wait script
cat > compose/wait <<EOF
#!/usr/bin/env python3

import socket
import time

def loop():
    print("Waiting for ClickHouse and Postgres to be ready")
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.connect(('clickhouse', 9000))
        print("Clickhouse is ready")
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.connect(('db', 5432))
        print("Postgres is ready")
    except ConnectionRefusedError as e:
        time.sleep(5)
        loop()

loop()
EOF
chmod +x compose/wait

# setup docker
echo "Setting up Docker"
sudo apt install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo -E apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
sudo apt update
sudo apt-cache policy docker-ce
sudo apt install -y docker-ce


# setup docker-compose
echo "Setting up Docker Compose"
sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose || true
sudo chmod +x /usr/local/bin/docker-compose

# enable docker without sudo
sudo usermod -aG docker "${USER}"

# send log of this install for continued support!
curl -L --header "Content-Type: application/json" -d '{
    "api_key": "sTMFPsFhdP1Ssg",
    "properties": {"domain": "${DOMAIN}"},
    "type": "capture",
    "event": "magic_curl_install"
}' https://app.posthog.com/batch/

# start up the stack
echo "Configuring Docker Compose...."
rm -f docker-compose.yml
cp posthog/docker-compose.hobby.yml docker-compose.yml.tmpl
envsubst < docker-compose.yml.tmpl > docker-compose.yml
rm docker-compose.yml.tmpl
echo "Starting the stack!"
sudo -E docker-compose -f docker-compose.yml up -d

echo "We will need to wait ~5-10 minutes for things to settle down, migrations to finish, and TLS certs to be issued"
echo ""
echo "⏳ Waiting for PostHog web to boot (this will take a few minutes)"
bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:8000/_health)" != "200" ]]; do sleep 5; done'
echo "⌛️ PostHog looks up!"
echo ""
echo "🎉🎉🎉  Done! 🎉🎉🎉"
echo ""
echo "To stop the stack run 'docker-compose stop'"
echo "To start the stack again run 'docker-compose start'"
echo "If you have any issues at all delete everything in this directory and run the curl command again"
echo ""
echo 'To upgrade: run /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/posthog/posthog/HEAD/bin/upgrade-hobby)"'
echo ""
echo "PostHog will be up at the location you provided!"
echo "https://${DOMAIN}"
echo ""
echo "It's dangerous to go alone! Take this: 🦔"