#!/bin/sh

set -e

APTERIX_BASE_URL="https://apterix.xyz"
GPG_KEYS_URL="${APTERIX_BASE_URL}/keys"
REPO_URL="${APTERIX_BASE_URL}/repo"

declare -A DEBIAN_REPOS=(
    ["bookworm"]="php-sury nginx-sury kernelboil utils mariadb"
    ["trixie"]="php-sury nginx-sury kernelboil utils mariadb"
    ["buster"]="kernelboil utils"
    ["bullseye"]="kernelboil utils"
)

add_repo() {
    local repo_name=$1
    local repo_url=$2
    local gpg_key=$3
    local debian_version=$4

    echo "Adding repository: ${repo_name}"

    if [ "${DRY_RUN}" = true ]; then
        if [ "${debian_version}" = "trixie" ]; then
            echo "[DRY RUN] Would add (deb822 format):"
            echo "Types: deb"
            echo "URIs: ${repo_url}"
            echo "Suites: ${debian_version}"
            echo "Components: main"
            echo "Architectures: amd64"
            echo "Signed-By: ${gpg_key}"
        else
            echo "[DRY RUN] Would add: deb [arch=amd64 signed-by=${gpg_key}] ${repo_url} ${debian_version} main"
        fi
    else
        if [ "${debian_version}" = "trixie" ]; then
            ${SUDO} tee -a /etc/apt/sources.list.d/apterix.sources <<EOF

Types: deb
URIs: ${repo_url}
Suites: ${debian_version}
Components: main
Architectures: amd64
Signed-By: ${gpg_key}

EOF
        else
            ${SUDO} tee -a /etc/apt/sources.list.d/apterix.list <<EOF
deb [arch=amd64 signed-by=${gpg_key}] ${repo_url} ${debian_version} main
EOF
        fi
    fi
}

if [ "$(whoami)" != "root" ]; then
    SUDO=sudo
fi

DRY_RUN=false
while [ $# -gt 0 ]; do
    case "$1" in
        --dry-run)
            DRY_RUN=true
            shift
            ;;
        *)
            echo "Unknown option: $1" >&2
            exit 1
            ;;
    esac
done

debianVersion=$(lsb_release -sc)
if ! printf '%s\n' "${!DEBIAN_REPOS[@]}" | grep -q "^${debianVersion}$"; then
    echo "Error: This distribution (${debianVersion}) is not supported." >&2
    echo "Supported versions: ${!DEBIAN_REPOS[@]}" >&2
    exit 1
fi

if ! ping -c 1 archive.debian.org >/dev/null 2>&1; then
    echo "Error: No internet connection. Please check your network connection." >&2
    exit 1
fi

echo "Removing old repository files..."
${SUDO} rm -f /etc/apt/sources.list.d/apterix.list
${SUDO} rm -f /etc/apt/sources.list.d/apterix.list~
${SUDO} rm -f /etc/apt/sources.list.d/apterix.sources
${SUDO} rm -f /etc/apt/sources.list.d/apterix.sources~

echo "Installing dependencies..."
${SUDO} apt-get update
${SUDO} apt-get -y install lsb-release ca-certificates curl gnupg

echo "Downloading GPG keys..."
for key in gpg_sury.gpg gpg_sury-nginx-mainline.gpg gpg_apterix.gpg; do
    if ! ${SUDO} curl -sSLo "/usr/share/keyrings/${key}" "${GPG_KEYS_URL}/${key}"; then
        echo "Error: Could not download GPG key ${key}." >&2
        exit 1
    fi
    if ! gpg --no-default-keyring --keyring "/usr/share/keyrings/${key}" --list-keys >/dev/null 2>&1; then
        echo "Error: Invalid GPG key ${key}." >&2
        exit 1
    fi
done

echo "Adding repositories..."
for repo in ${DEBIAN_REPOS[${debianVersion}]}; do
    case ${repo} in
        "php-sury")
            add_repo "Sury PHP" "${APTERIX_BASE_URL}/php-sury/snapshots/latest" "/usr/share/keyrings/gpg_sury.gpg" "${debianVersion}"
            ;;
        "nginx-sury")
            add_repo "Sury Nginx" "${APTERIX_BASE_URL}/nginx-sury/snapshots/latest" "/usr/share/keyrings/gpg_sury-nginx-mainline.gpg" "${debianVersion}"
            ;;
        "kernelboil")
            add_repo "Kernelboil" "${REPO_URL}/kernelboil-${debianVersion}" "/usr/share/keyrings/gpg_apterix.gpg" "${debianVersion}"
            ;;
        "utils")
            add_repo "Utils" "${REPO_URL}/utils-${debianVersion}" "/usr/share/keyrings/gpg_apterix.gpg" "${debianVersion}"
            ;;
        "mariadb")
            add_repo "MariaDB" "${REPO_URL}/mariadb-${debianVersion}" "/usr/share/keyrings/gpg_apterix.gpg" "${debianVersion}"
            ;;
    esac
done

echo "Downloading APT preferences..."
${SUDO} curl -sSLo /etc/apt/preferences.d/apterix "${APTERIX_BASE_URL}/apterix_apt_preferences"

echo "Updating package lists..."
if [ "${DRY_RUN}" = false ]; then
    ${SUDO} apt-get update
fi

echo "Installation completed."