#!/bin/bash

# Simple Restic Installation Script
# Following Cloud Scripting best practices

set -e

echo "[INSTALL] Starting Restic installation..."

# Download and install Restic
echo "[INSTALL] Downloading Restic..."
curl -L https://github.com/restic/restic/releases/download/v0.15.2/restic_0.15.2_linux_amd64.bz2 -o restic.bz2
bzip2 -d restic.bz2
chmod +x restic
mv restic /usr/local/bin/
echo "[INSTALL] Restic installed successfully"

# Create password file with persistence across reinstalls
echo "[INSTALL] Setting up password file..."
SHARED_PASSWORD="/data/.restic-password"
LOCAL_PASSWORD="/etc/restic-password"

# Ensure /data directory exists
mkdir -p /data

# Strategy: Store password in shared storage (/data) to survive reinstalls
# Priority: shared storage > local existing > generate new
if [ -f "$SHARED_PASSWORD" ]; then
    echo "[INSTALL] Using existing password from shared storage"
    cp "$SHARED_PASSWORD" "$LOCAL_PASSWORD"
    echo "[INSTALL] Password restored from shared storage"
elif [ -f "$LOCAL_PASSWORD" ]; then
    echo "[INSTALL] Backing up existing local password to shared storage"
    cp "$LOCAL_PASSWORD" "$SHARED_PASSWORD"
    chmod 600 "$SHARED_PASSWORD"
    echo "[INSTALL] Password backed up to shared storage"
else
    echo "[INSTALL] Creating new password (first installation)"
    head /dev/urandom | tr -dc A-Za-z0-9 | head -c 16 > "$LOCAL_PASSWORD"
    cp "$LOCAL_PASSWORD" "$SHARED_PASSWORD"
    chmod 600 "$SHARED_PASSWORD"
    echo "[INSTALL] New password created and stored in shared storage"
fi
chmod 644 "$LOCAL_PASSWORD"

# Create directories
echo "[INSTALL] Creating directories..."
mkdir -p /home/litespeed/mb-backups/logs
chmod -R 755 /home/litespeed/mb-backups/logs

# Initialize repository (SAFE - preserves existing backups)
echo "[INSTALL] Initializing repository..."
export RESTIC_PASSWORD=$(cat /etc/restic-password)
export RESTIC_REPOSITORY=/data

# Check if repository is accessible with current password
if restic snapshots >/dev/null 2>&1; then
    echo "[INSTALL] Repository already exists and is accessible"
    SNAPSHOT_COUNT=$(restic snapshots --json | jq '. | length' 2>/dev/null || echo "0")
    echo "[INSTALL] Found $SNAPSHOT_COUNT existing snapshot(s)"
else
    # Try to initialize - only works on empty/new repositories
    echo "[INSTALL] Attempting to initialize repository..."
    if restic init 2>/dev/null; then
        echo "[INSTALL] New repository initialized successfully"
    else
        # Repository might exist but with different password or corrupted
        echo "[INSTALL] WARNING: Repository initialization failed"
        echo "[INSTALL] This could mean:"
        echo "[INSTALL]   1. Repository already exists (safe to ignore)"
        echo "[INSTALL]   2. Password mismatch with existing repository"
        echo "[INSTALL]   3. Permission issues"
        echo "[INSTALL] Please check repository manually if backups are missing"
    fi
fi

echo "[INSTALL] Installation completed successfully!"