#!/bin/bash

# Automatically generate a new secure password for the root user
new_root_password=$(openssl rand -base64 12)

# Generate random database name, user, and password for the new WordPress installation
DB_NAME="wp_$(openssl rand -hex 4)"
DB_USER="wp_user_$(openssl rand -hex 4)"
DB_PASSWORD="$(openssl rand -base64 12)"
DB_HOST="localhost" # Change if your database is hosted elsewhere

echo "New root password will be: $new_root_password"
echo "New WordPress database credentials:"
echo "Database Name: $DB_NAME"
echo "Database User: $DB_USER"
echo "Database Password: $DB_PASSWORD"

echo "Attempting to stop the MariaDB service..."
# Stop the MariaDB service
sudo systemctl stop mariadb

echo "Starting MariaDB in safe mode..."
# Start MariaDB in safe mode with no networking and no grants
sudo mysqld_safe --skip-grant-tables --skip-networking &

# Wait for MariaDB to fully start in safe mode
sleep 5

echo "Resetting the root password..."
# Reset the root password in safe mode
sudo mysql -u root <<EOF
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY '$new_root_password';
FLUSH PRIVILEGES;
EOF

# Check if the password reset was successful
if [ $? -eq 0 ]; then
    echo "Root password reset successful."
else
    echo "Failed to reset the root password. Exiting."
    sudo pkill -f mariadbd
    sudo pkill -f mysqld_safe
    exit 1
fi

echo "Stopping the MariaDB safe mode process..."
# Terminate the MariaDB safe mode processes
sudo pkill -f mysqld_safe
sleep 2
sudo pkill -f mariadbd
sleep 2

echo "Starting the MariaDB service normally..."
# Start the MariaDB service normally
sudo systemctl start mariadb

# Check if MariaDB started successfully
if sudo systemctl is-active --quiet mariadb; then
    echo "MariaDB service is running. Root password has been reset to '$new_root_password'."
else
    echo "Failed to start MariaDB service. Please check the service status manually."
    exit 1
fi

# Create WordPress database and user with the new root password
echo "Creating WordPress database and user with the new root password..."
mysql -u root -p"$new_root_password" <<EOF
CREATE DATABASE ${DB_NAME};
CREATE USER '${DB_USER}'@'${DB_HOST}' IDENTIFIED BY '${DB_PASSWORD}';
GRANT ALL PRIVILEGES ON ${DB_NAME}.* TO '${DB_USER}'@'${DB_HOST}';
FLUSH PRIVILEGES;
EOF

# Check if the database and user creation was successful
if [ $? -eq 0 ]; then
    echo "WordPress database ${DB_NAME} and user ${DB_USER} created successfully with the specified password."
else
    echo "Failed to create WordPress database or user. Please check the MySQL status manually."
    exit 1
fi

# Backup the wp-config.php file before making changes
WP_CONFIG="/var/www/webroot/ROOT/wp-config.php"
sudo cp $WP_CONFIG $WP_CONFIG.bak

# Escape special characters for sed
escaped_db_name=$(printf '%s\n' "$DB_NAME" | sed 's:[\/&]:\\&:g')
escaped_db_user=$(printf '%s\n' "$DB_USER" | sed 's:[\/&]:\\&:g')
escaped_db_password=$(printf '%s\n' "$DB_PASSWORD" | sed 's:[\/&]:\\&:g')
escaped_db_host=$(printf '%s\n' "$DB_HOST" | sed 's:[\/&]:\\&:g')

echo "Updating wp-config.php with new WordPress database credentials..."

# Update wp-config.php with new database credentials using more precise sed commands
sudo sed -i.bak -e "s/define( *'DB_NAME'.*/define('DB_NAME', '${escaped_db_name}');/" \
               -e "s/define( *'DB_USER'.*/define('DB_USER', '${escaped_db_user}');/" \
               -e "s/define( *'DB_PASSWORD'.*/define('DB_PASSWORD', '${escaped_db_password}');/" \
               -e "s/define( *'DB_HOST'.*/define('DB_HOST', '${escaped_db_host}');/" $WP_CONFIG

# Check if wp-config.php was updated successfully
if grep -q "$DB_NAME" "$WP_CONFIG" && grep -q "$DB_USER" "$WP_CONFIG" && grep -q "$DB_PASSWORD" "$WP_CONFIG"; then
    echo "wp-config.php updated successfully with new WordPress database credentials."
else
    echo "Failed to update wp-config.php. Please check the file manually."
    exit 1
fi