%echo "#!/bin/bash -ex"

if [ ! -f /srv/nextcloud/keys/secret.txt ]; then
    sed -i "s/'config_is_read_only' => true,/'config_is_read_only' => false,/g" /etc/nextcloud/config.php
    /usr/bin/php /usr/share/nextcloud/occ maintenance:install --no-interaction --data-dir /srv/nextcloud/data/ --database "pgsql" --database-host "%%pg_client_server_domainname" --database-name "%%pg_client_database"  --database-user "%%pg_client_username" --database-pass "%%pg_client_password" --admin-user "admin" --admin-pass "%%nextcloud_admin_password"
    sed -i "s/'config_is_read_only' => false,/'config_is_read_only' => true,/g" /etc/nextcloud/config.php
    umask 027
    /usr/bin/php /usr/share/nextcloud/occ --no-warnings config:system:get passwordsalt > /srv/nextcloud/keys/passwordsalt.txt
    /usr/bin/php /usr/share/nextcloud/occ --no-warnings config:system:get secret > /srv/nextcloud/keys/secret.txt
    VERSION=$(/usr/bin/php /usr/share/nextcloud/occ --no-warnings config:system:get version)
    if ! echo "$VERSION"|grep -E '^[0-9][0-9.]*$'; then echo "unknown version: $VERSION"; exit 1; fi
    echo $VERSION > /srv/nextcloud/keys/version.txt

    /usr/bin/php /usr/share/nextcloud/occ app:enable user_ldap -q
    /usr/bin/php /usr/share/nextcloud/occ ldap:create-empty-config -q
else
    sed -i "s'{{SECRET}}'$(cat /srv/nextcloud/keys/secret.txt)'g" /etc/nextcloud/config.php
    sed -i "s'{{SALT}}'$(cat /srv/nextcloud/keys/passwordsalt.txt)'g" /etc/nextcloud/config.php
    sed -i "s'{{VERSION}}'$(cat /srv/nextcloud/keys/version.txt)'g" /etc/nextcloud/config.php
    sed -i "s/'installed' => false,/'installed' => true,/g" /etc/nextcloud/config.php
    # Upgrade
    cp -f /etc/nextcloud/config.php /srv/nextcloud/keys/config.ORI.php
    sha256sum /etc/nextcloud/config.php > /tmp/sha
    sed -i "s/'config_is_read_only' => true,/'config_is_read_only' => false,/g" /etc/nextcloud/config.php
    /usr/bin/php /usr/share/nextcloud/occ upgrade || true
    sed -i "s/'config_is_read_only' => false,/'config_is_read_only' => true,/g" /etc/nextcloud/config.php
    VERSION=$(/usr/bin/php /usr/share/nextcloud/occ --no-warnings config:system:get version)
    if ! echo "$VERSION"|grep -E '^[0-9][0-9.]*$'; then echo "unknown version: $VERSION"; exit 1; fi
    echo $VERSION > /srv/nextcloud/keys/version.txt
    ## if file is modified, copy upgraded version
    sha256sum -c /tmp/sha || cp -a /etc/nextcloud/config.php /srv/nextcloud/keys/config.UPGRADED.php
    # Configure LDAP
    /usr/bin/php /usr/share/nextcloud/occ app:enable user_ldap -q
fi
# SSO
/usr/bin/php /usr/share/nextcloud/occ app:enable oidc_login
# Feature
/usr/bin/php /usr/share/nextcloud/occ app:enable calendar
/usr/bin/php /usr/share/nextcloud/occ app:enable contacts
/usr/bin/php /usr/share/nextcloud/occ app:enable notes
/usr/bin/php /usr/share/nextcloud/occ app:enable tasks
# LDAP
/usr/bin/php /usr/share/nextcloud/occ config:app:set user_ldap bgjRefreshInterval --value=300 -q
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapHost "ldaps://%%ldap_server_address"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapPort "%%ldap_port"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapAgentName "%%ldapclient_user"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapAgentPassword "%%ldapclient_user_password"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapBase "%%ldapclient_search_dn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapBaseUsers "%%ldapclient_user_dn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapBaseGroups "%%ldapclient_group_dn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapExperiencedAdmin "0"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapExpertUUIDUserAttr "cn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapLoginFilter "(&(cn=%uid)(ObjectClass=inetOrgPerson))"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapUserFilter "ObjectClass=inetOrgPerson"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapGroupFilter "ObjectClass=posixGroup"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapUserFilterObjectclass "inetOrgPerson"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "posixGroup"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapGroupMemberAssocAttr "memberUid"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapEmailAttribute "mail"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapCacheTTL "300"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapPagingSize "0"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapUserDisplayName "sn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapConfigurationActive "1"
#/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapTLS "1"
# Cron
/usr/bin/php /usr/share/nextcloud/occ config:app:set core backgroundjobs_mode --value=cron
# Need network
/usr/bin/php /usr/share/nextcloud/occ app:disable weather_status
# Maintenance
/usr/bin/php /usr/share/nextcloud/occ files:scan --all -q
sha256sum /etc/nextcloud/config.php > /tmp/sha
sed -i "s/'config_is_read_only' => true,/'config_is_read_only' => false,/g" /etc/nextcloud/config.php
/usr/bin/php /usr/share/nextcloud/occ maintenance:repair -q
sed -i "s/'config_is_read_only' => false,/'config_is_read_only' => true,/g" /etc/nextcloud/config.php
## if file is modified, copy upgraded version
sha256sum -c /tmp/sha || cp -a /etc/nextcloud/config.php /srv/nextcloud/keys/config.UPGRADED.php

exit 0