#!/bin/bash

setupFilesApache_indexes() {
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_APACHE_DIRECTORY_INDEXES" = "false" ]
    then
      if [ "$GROUPER_ORIGFILE_HTTPD_CONF" = "true" ]; then
        # take out the directory indexes from the docroot
        cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.pre_noindexes
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.pre_noindexes, result: $returnCode"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
        
        patch /etc/httpd/conf/httpd.conf /etc/httpd/conf.d/httpd.conf.noindexes.patch
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) Patch httpd.conf to turn off indexes 'patch /etc/httpd/conf/httpd.conf /etc/httpd/conf.d/httpd.conf.noindexes.patch' result=$returnCode"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
      else
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) /etc/httpd/conf/httpd.conf is not the original file so will not be changed"
      fi
  fi

}

setupFilesApache_ssl() {
    if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_USE_SSL" != "true" ]
       then
       if [ -f /etc/httpd/conf.d/ssl.conf ]
         then
           mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.dontuse
           returnCode=$?
           echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ssl) mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.dontuse , result: $?"
           if [ $returnCode != 0 ]; then exit $returnCode; fi
       fi
       if [ -f /etc/httpd/conf.d/ssl-enabled.conf ]
         then
           mv -v /etc/httpd/conf.d/ssl-enabled.conf /etc/httpd/conf.d/ssl-enabled.conf.dontuse
           returnCode=$?
           echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ssl) mv -v /etc/httpd/conf.d/ssl-enabled.conf /etc/httpd/conf.d/ssl-enabled.conf.dontuse , result: $?"
           if [ $returnCode != 0 ]; then exit $returnCode; fi
       fi
    fi
    if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_USE_SSL" = "true" ] && [ -f /etc/httpd/conf.d/ssl-enabled.conf ] && [ "$GROUPER_ORIGFILE_SSL_ENABLED_CONF" = "true" ] ; then
    
      if [ "$GROUPER_SSL_USE_STAPLING" = "true" ]; then
        sed -i "s|__GROUPER_SSL_USE_STAPLING__|on|g" /etc/httpd/conf.d/ssl-enabled.conf
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_SSL_USE_STAPLING__|on|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
      else 
        sed -i "s|__GROUPER_SSL_USE_STAPLING__|off|g" /etc/httpd/conf.d/ssl-enabled.conf
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_SSL_USE_STAPLING__|on|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
      
      fi

      sed -i "s|__GROUPER_SSL_CERT_FILE__|$GROUPER_SSL_CERT_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Set cert file: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CERT_FILE__|$GROUPER_SSL_CERT_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
      
      sed -i "s|__GROUPER_SSL_KEY_FILE__|$GROUPER_SSL_KEY_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Set cert file: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_KEY_FILE__|$GROUPER_SSL_KEY_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
      
      if [ "$GROUPER_SSL_USE_CHAIN_FILE" = "true" ]; then

        sed -i "s|__GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Setting chain: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
        
    
      else
        sed -i "s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__||g" /etc/httpd/conf.d/ssl-enabled.conf
        returnCode=$?
        echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) No chain setting: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__||g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
        if [ $returnCode != 0 ]; then exit $returnCode; fi
    
      fi
    
    fi
}



setupFilesApache_serverName() {
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_SERVER_NAME" ] && [ "$GROUPER_APACHE_SERVER_NAME" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_serverName) Appending ServerName to grouper-www.conf"
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "ServerName $GROUPER_APACHE_SERVER_NAME" >> /etc/httpd/conf.d/grouper-www.conf
      echo "UseCanonicalName On" >> /etc/httpd/conf.d/grouper-www.conf
      echo >> /etc/httpd/conf.d/grouper-www.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_serverName) Setup ServerName $GROUPER_APACHE_SERVER_NAME in /etc/httpd/conf.d/grouper-www.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi

}

setupFilesApache_remoteip() {
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_HEADER" ] && [ "$GROUPER_APACHE_REMOTE_IP_HEADER" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPHeader to grouper-www.conf"
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "RemoteIPHeader $GROUPER_APACHE_REMOTE_IP_HEADER" >> /etc/httpd/conf.d/grouper-www.conf
      returnCode=$?
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPHeader $GROUPER_APACHE_REMOTE_IP_HEADER\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" ] && [ "$GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPTrustedProxy to grouper-www.conf"
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "RemoteIPTrustedProxy $GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" >> /etc/httpd/conf.d/grouper-www.conf
      returnCode=$?
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPTrustedProxy $GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" ] && [ "$GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPInternalProxy to grouper-www.conf"
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "RemoteIPInternalProxy $GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" >> /etc/httpd/conf.d/grouper-www.conf
      returnCode=$?
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPInternalProxy $GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_HEADER" ] && [ "$GROUPER_APACHE_REMOTE_IP_HEADER" != "" ] && [ -f /etc/httpd/conf.d/09_i2inc_logging.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Changing logging config for client address"
      sed -i "s|%h|%a|g" /etc/httpd/conf.d/09_i2inc_logging.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) sed -i \"s|%h|%a|g\" /etc/httpd/conf.d/09_i2inc_logging.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi

}

setupFilesApache_status() {
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_STATUS_PATH" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "none" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
    then
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) Appending status to grouper-www.conf"
      echo >> /etc/httpd/conf.d/grouper-www.conf
      # ProxyPass /status_grouper/status ajp://localhost:8009/grouper/status timeout=2401
      echo "ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401" >> /etc/httpd/conf.d/grouper-www.conf
      returnCode=$?
      echo >> /etc/httpd/conf.d/grouper-www.conf
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) echo \"ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi
}

setupFilesApache_supervisor() {
  if [ "$GROUPER_RUN_APACHE" = "true" ]
    then
      cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_supervisor) cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi

}

setupFilesApache_ports() {

  # filter the ssl config for ssl port
  
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ -f /etc/httpd/conf.d/ssl-enabled.conf ] && [ "$GROUPER_ORIGFILE_SSL_ENABLED_CONF" = "true" ]
    then
      sed -i "s|__GROUPER_APACHE_SSL_PORT__|$GROUPER_APACHE_SSL_PORT|g" /etc/httpd/conf.d/ssl-enabled.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_APACHE_SSL_PORT__|$GROUPER_APACHE_SSL_PORT|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi
  
  if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_APACHE_NONSSL_PORT" != "80" ]
    then
      sed -i "s|Listen 80|Listen $GROUPER_APACHE_NONSSL_PORT|g" /etc/httpd/conf/httpd.conf
      returnCode=$?
      echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Replace apache non-ssl port in httpd.conf, sed -i \"s|Listen 80|Listen $GROUPER_APACHE_NONSSL_PORT|g\" /etc/httpd/conf/httpd.conf , result: $?"
      if [ $returnCode != 0 ]; then exit $returnCode; fi
  fi

}


setupFilesApache() {
  setupFilesApache_supervisor
  setupFilesApache_ports
  setupFilesApache_remoteip
  setupFilesApache_ssl
  setupFilesApache_status
  setupFilesApache_serverName
  setupFilesApache_indexes
}

setupFilesApache_unsetAll() {
  unset -f setupFilesApache
  unset -f setupFilesApache_indexes
  unset -f setupFilesApache_ports
  unset -f setupFilesApache_remoteip
  unset -f setupFilesApache_ssl
  unset -f setupFilesApache_status
  unset -f setupFilesApache_supervisor
  unset -f setupFilesApache_unsetAll
  unset -f setupFilesApache_serverName
}

setupFilesApache_exportAll() {
  export -f setupFilesApache
  export -f setupFilesApache_indexes
  export -f setupFilesApache_ports
  export -f setupFilesApache_remoteip
  export -f setupFilesApache_ssl
  export -f setupFilesApache_status
  export -f setupFilesApache_supervisor
  export -f setupFilesApache_unsetAll
  export -f setupFilesApache_serverName
}

# export everything
setupFilesApache_exportAll