#!/usr/bin/env bash

. /etc/tos/scripts/scripts

ter_nginx_cfg=/usr/tos/bin/ter_nginx_cfg
confile=/etc/nginx/nginx.conf
extdir=/etc/nginx/conf.d
service=nginx
NGINX_BIN=/usr/sbin/nginx
exeopts="-p /var/ -c $confile"
httpfile=/etc/.webserver.set
JUMPD=$(iniparse -c -f /etc/nasips.ini -s global -k jumpd)
ssljson=/etc/ssls/selected_ssl.json
pidfile=/var/run/nginx.pid

reloadIPS() {
    local pid=$(pidof nasips)
    [ ! -z "$pid" ] && killall -2 nasips
}

service_prepare() {
    rm -f $extdir/default.conf $extdir/example_ssl.conf
    reloadIPS

    # iniparse -c -f /etc/.default.sys -s system -k domain
    local domain=$(iniparse -c -f /etc/.default.sys -s system -k domain)
    [ -z "$domain" ] && domain="tnas.link"
    local pemFile=/etc/nginx/ssl/${domain}.crt
    local keyFile=/etc/nginx/ssl/${domain}.key
    if [ -f $pemFile -a -f $keyFile ]; then
        cp $pemFile /etc/nginx/tnas.link.crt -a
        cp $keyFile /etc/nginx/tnas.link.key -a
    fi

    # read json to sed ssl
    if [ -f ${ssljson} ]; then
        KEY=$(jq -r .HTTPS.key $ssljson)
        PEM=$(jq -r .HTTPS.pem $ssljson)
        if [ "${KEY}" != null ] && [ "${PEM}" != null ]; then
            sed -i "/ssl_certificate /cssl_certificate ${PEM};" $confile
            sed -i "/ssl_certificate_key/cssl_certificate_key ${KEY};" $confile
        fi
    fi

    #加载用户自定义配置
    $ter_nginx_cfg >/dev/null 2>&1
}

service_user_cfg() {
    local user=$(get_root_username)
    echo "user $user $user;" >/etc/nginx/nginx-worker-user.conf
}

check_app_cfg() {
    ERRORS=$(nginx -t 2>&1)

    if echo "$ERRORS" | grep -qP '/etc/nginx/conf\.d/[^": ]+'; then
        while IFS= read -r line; do
            FILE_PATH=$(echo "$line" | grep -oP '/etc/nginx/conf\.d/[^": ]+')
            if [[ -n "$FILE_PATH" ]]; then
                mv "$FILE_PATH" "$FILE_PATH.disabled"
                echo "File '$FILE_PATH' has been renamed to '$FILE_PATH.disabled'."
            fi
        done <<< "$(echo "$ERRORS" | grep "conf")"
        return 1
    else
        echo "No configuration errors found."
        return 0
    fi
}

while true; do
    check_app_cfg
    if [[ $? -eq 0 ]]; then
        break
    fi
done

service_user_cfg
service_prepare

