#! /bin/bash


if [ "$(whoami)" != "root" ]; then
    SUDO=sudo
fi

DIR="/usr/local/src/authentik"
if [ -d "$DIR" ]; then
  ${SUDO} mkdir $DIR
  ${SUDO} $DIR
fi

${SUDO} wget https://goauthentik.io/docker-compose.yml
${SUDO} echo "PG_PASS=$(openssl rand -base64 36)" >> .envecho "PG_PASS=$(openssl rand -base64 36)" >> .env
${SUDO} echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 36)" >> .env
${SUDO} echo "AUTHENTIK_ERROR_REPORTING__ENABLED=true" >> .env

${SUDO} read -p "Enable email notification[y/N]: " -ei 'N' EMAIL

if [ "$EMAIL" == "y" -o $EMAIL == "Y" ]; then
	# SMTP Host Emails are sent to
  read -p "Email host: " -ei 'localhost' E_HOST
  read -p "Email port: " -ei '25' E_PORT
  read -p "Username: " -e E_USER
  read -p "Password: " -e E_PASS
  read -p "ENABLE TLS[true/false]: " -ei 'false' E_TLS
  read -p "Email address: " -e E_FROM

  ${SUDO} echo "AUTHENTIK_EMAIL__HOST=$E_HOST" >> .env
  ${SUDO} echo "AUTHENTIK_EMAIL__PORT=$E_PORT" >> .env
  ${SUDO} echo "AUTHENTIK_EMAIL__USERNAME=$E_USER" >> .env
  ${SUDO} echo "AUTHENTIK_EMAIL__PASSWORD=$E_PASS" >> .env
  ${SUDO} echo "AUTHENTIK_EMAIL__USE_TLS=$E_TLS" >> .env
  ${SUDO} echo "AUTHENTIK_EMAIL__FROM=$E_FROM" >> .env
fi

${SUDO} docker-compose pull
${SUDO} docker-compose up


# Create cronjob to sync deleted users from LDAP
${SUDO} mkdir /usr/local/src/authentik_ldap_sync
${SUDO} cp authentik_deleted_user_sync.sh /usr/local/src/authentik_ldap_sync 
if [ ! -f "/var/spool/cron/crontabs/root" ]; then
  ${SUDO} echo "0 0 */7 * * /usr/local/src/authentik_ldap_sync/authentik_deleted_user_sync.sh" > /var/spool/cron/crontabs/root
else
  ${SUDO} echo "0 0 */7 * * /usr/local/src/authentik_ldap_sync/authentik_deleted_user_sync.sh" >> /var/spool/cron/crontabs/root
fi