<?php

require 'vendor/autoload.php';

use Amp\Future;
use Amp\Http\Client\HttpClientBuilder;
use Amp\Http\Client\Request;

function checkIP($domain, $withWww = false, $noip6 = false)
{
  if (!preg_match('/(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)/', strtolower($domain))) {
    throw new Exception('not valid domain : "' . $domain . '".');
  }
  $output = shell_exec('ping -c1 -4 ' . $domain);
  preg_match_all('/PING.*\(.*((\b25[0-5]|\b2[0-4][0-9]|\b[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}).*\)/m', $output, $matches, PREG_SET_ORDER, 0);
  $currentip = $matches[0][1] ?? null;
  if (empty($currentip)) {
    throw new Exception('the domain ' . $domain . ' has no ip v4.');
  }
  if ($currentip !== $_SERVER['ip4']) {
    throw new Exception('the current ip v4 address of ' . $domain . ' is ' . $currentip . '. it should be ' . $_SERVER['ip4']);
  }
  if (!$noip6) {
    $output = shell_exec('ping -c1 -6 ' . $domain);
    preg_match_all('/PING.*\((([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\)/m', $output, $matches, PREG_SET_ORDER, 0);
    $currentip6 = $matches[0][1] ?? null;
    if (empty($currentip6)) {
      throw new Exception('the domain ' . $domain . ' has no ip v6.');
    }
    if ($currentip6 !== $_SERVER['ip6']) {
      throw new Exception('the current ip v6 address of ' . $domain . ' is ' . $currentip6 . '. it should be ' . $_SERVER['ip6']);
    }
  }
  if ($withWww) {
    $dnsentries = dns_get_record('www.' . $domain, DNS_A + DNS_AAAA + DNS_CNAME);
    $foundCnameEntry = false;
    $foundIp4 = false;
    $foundIp6 = false;
    foreach ($dnsentries as $key => $row) {
      if ($row['host'] == 'www.' . $domain && $row['type'] == 'CNAME' && $row['target'] == $domain) {
        $foundCnameEntry = true;
      }
      if ($row['host'] == 'www.' . $domain && $row['type'] == 'A' && $row['ip'] == $_SERVER['ip4']) {
        $foundIp4 = true;
      }
      if (!$noip6) {
        if ($row['host'] == 'www.' . $domain && $row['type'] == 'AAAA' && $row['ipv6'] == $_SERVER['ip6']) {
          $foundIp6 = true;
        }
      }
    }
    if (!$foundCnameEntry) {
      if (!$foundIp4) {
        throw new Exception('the domain www.' . $domain . ' was not found in DNS record as a CNAME targeting ' . $domain . "\n" . ' or A entry to ' . $_SERVER['ip4']);
      }
      if (!$noip6 && !$foundIp6) {
        throw new Exception('the domain www.' . $domain . ' was not found in DNS record as a CNAME targeting ' . $domain . "\n" . ' or AAAA entry to ' . $_SERVER['ip6'] . '.');
      }
    }
  }
  return true;
}

function checkIfInstalled($domain)
{
  exec('find /home/* -maxdepth 1 -type d | grep ' . $domain, $output);
  if (!empty($output)) {
    throw new Exception('the domain ' . $domain . ' was already found on the server.');
  }
}

function checkIfUserExist($user)
{
  exec('cut -d: -f1 /etc/passwd | grep ' . $user, $output);
  return !empty($output);
}

function generateUserFromDomain($domain, $recursive = null)
{
  if ($recursive == 100) {
    throw new Exception('Too much users found, 100 that is too much for ' . $domain);
  }
  $user = str_split(str_replace([$_SERVER['maindomain'], '-', '.'], '', $domain), 30)[0] . $recursive;
  // try anthor username if user exists or if reserved name
  if (checkIfUserExist($user) || in_array($user, explode(',', $_SERVER['reservedsubdomains']))) {
    if ($recursive === null) {
      $recursive = 1;
    }
    $user = generateUserFromDomain($domain, $recursive + 1);
  }
  return $user;
}

function findUserFromExistingDomain($domain)
{
  exec('find /home/* -maxdepth 1 -type d | grep ' . $domain, $output);
  if (empty($output)) {
    throw new Exception('the domain ' . $domain . ' was not found on the server.');
  } else {
    return str_replace(['/home/', '/' . $domain], '', $output[0]);
  }
}

function generatePassword($length = 32, $add_dashes = false, $available_sets = 'luds')
{
  $sets = array();
  if (strpos($available_sets, 'l') !== false) {
    $sets[] = 'abcdefghjkmnpqrstuvwxyz';
  }
  if (strpos($available_sets, 'u') !== false) {
    $sets[] = 'ABCDEFGHJKMNPQRSTUVWXYZ';
  }
  if (strpos($available_sets, 'd') !== false) {
    $sets[] = '23456789';
  }
  if (strpos($available_sets, 's') !== false) {
    $sets[] = ';-().!?';
  }

  $all = '';
  $password = '';
  foreach ($sets as $set) {
    $password .= $set[array_rand(str_split($set))];
    $all .= $set;
  }

  $all = str_split($all);
  for ($i = 0; $i < $length - count($sets); $i++) {
    $password .= $all[array_rand($all)];
  }

  $password = str_shuffle($password);

  if (!$add_dashes) {
    return $password;
  }

  $dash_len = floor(sqrt($length));
  $dash_str = '';
  while (strlen($password) > $dash_len) {
    $dash_str .= substr($password, 0, $dash_len) . '-';
    $password = substr($password, $dash_len);
  }
  $dash_str .= $password;
  return $dash_str;
}

function createSQLUserAndDatabase($user, $type)
{
  $pass = generatePassword();
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e \'CREATE DATABASE IF NOT EXISTS ' . $user . ';\'', $output);
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e "CREATE USER IF NOT EXISTS \'' . $user . '\'@\'localhost\' IDENTIFIED BY \'' . $pass . '\';"', $output);
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e "GRANT ALL PRIVILEGES ON ' . $user . '.* TO \'' . $user . '\'@\'localhost\';"', $output);
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e "FLUSH PRIVILEGES;"', $output);
  $databaseModel = ($type === 'solo') ? $_SERVER['solomodel'] : $_SERVER['fermemodel'];
  exec('mysqldump -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -v ' . $databaseModel . ' | mysql -u ' . $user . ' -p\'' . $pass . '\' -D ' . $user, $output);
  // TODO: add first user and make him admin
  return ['database' => $user, 'user' => $user, 'password' => $pass];
}

function removeMySQLUserAndDatabase($user)
{
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e \'DROP DATABASE IF EXISTS ' . $user . ';\'', $output);
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e "DROP USER IF EXISTS \'' . $user . '\'@\'localhost\';"', $output);
  exec('mysql -u ' . $_SERVER['mysqluser'] . ' -p\'' . $_SERVER['mysqlpassword'] . '\' -e "FLUSH PRIVILEGES;"', $output);
  return;
}

function createUnixUserWithQuota($user, $quota)
{
  $pass = generatePassword();
  exec('useradd -m -p "' . $pass . '" ' . $user, $output);
  exec('setquota -u ' . $user . ' ' . $quota . ' ' . $quota . ' 0 0 -a /dev/loop0', $output);
  // TODO : handle errors
  return ['user' => $user, 'password' => $pass, 'quota' => $quota];
}

function removeUnixUser($user)
{
  exec('deluser --remove-home ' . $user, $output);
  // TODO : handle errors
  return;
}

function createNginxConfig($domain, $user, $herseUser, $hersePass, $nossl)
{
  // create folder if not exists
  exec('sudo -u ' . $user . ' mkdir -p /home' . '/' . $user . '/' . $domain);

  $nginxFile = '/etc/nginx/conf.d/' . $domain . '.conf';
  if (empty($herseUser) && empty($hersePass)) {
    // no herse needed
  } elseif (empty($herseUser) || empty($hersePass)) {
    throw new Exception('You need an username AND a password to add a herse.');
  } else {
    // add password file to domain
    file_put_contents(
      '/home' . '/' . $user . '/' . $domain . '/.htpasswd',
      $herseUser . ':' . password_hash($hersePass, PASSWORD_BCRYPT)
    );
  }
  $templates = new League\Plates\Engine(dirname(__FILE__) . '/templates');
  $subDomain = preg_match('/.' . $_SERVER['maindomain'] . '$/isU', $domain, $matches, PREG_OFFSET_CAPTURE, 0);
  $isFullDomain = !preg_match('/^([a-zA-Z0-9]([-a-zA-Z0-9]{0,61}[a-zA-Z0-9])\.)([a-zA-Z0-9]{1,2}([-a-zA-Z0-9]{0,252}[a-zA-Z0-9])?)\.([a-zA-Z]{2,63})$/isU', $domain, $matches, PREG_OFFSET_CAPTURE, 0);
  if (!$nossl) {
    if (!$subDomain) {
      file_put_contents(
        $nginxFile,
        $templates->render(
          'nginx-for-ssl-certificate',
          [
            'domain' => $domain,
            'user' => $user,
          ]
        )
      );
      exec('service nginx force-reload', $output);
      if ($isFullDomain) {
        exec('/root/.acme.sh/acme.sh --issue -d ' . $domain . ' -d www.' . $domain . ' -k ec-384 -w /home/' . $user . '/' . $domain . '/', $output);
      } else {
        exec('/root/.acme.sh/acme.sh --issue -d ' . $domain . ' -k ec-384 -w /home/' . $user . '/' . $domain . '/', $output);
      }
      exec('mkdir -p /etc/letsencrypt/live/' . $domain, $output);
      exec('/root/.acme.sh/acme.sh --install-cert -d ' . $domain . ' --ecc \
            --cert-file /etc/letsencrypt/live/' . $domain . '/cert.pem \
            --key-file /etc/letsencrypt/live/' . $domain . '/key.pem \
            --fullchain-file /etc/letsencrypt/live/' . $domain . '/fullchain.pem \
            --ca-file /etc/letsencrypt/live/' . $domain . '/ca.pem \
            --reloadcmd "systemctl restart nginx.service"', $output);
    }
    file_put_contents(
      $nginxFile,
      $templates->render(
        'nginx-maindomain',
        [
          'domain' => $domain,
          'user' => $user,
          'herseUser' => $herseUser,
          'hersePass' => $hersePass,
          'subDomain' => $subDomain,
        ]
      )
    );
  } else {
    file_put_contents(
      $nginxFile,
      $templates->render(
        'nginx-nossl',
        [
          'domain' => $domain,
          'user' => $user,
          'herseUser' => $herseUser,
          'hersePass' => $hersePass,
          'subDomain' => $subDomain,
        ]
      )
    );
  }
  exec('service nginx force-reload', $output);
}

function removeNginxConfig($domain)
{
  $nginxFile = '/etc/nginx/conf.d/' . $domain . '.conf';
  unlink($nginxFile);
  exec('service nginx force-reload', $output);
}

function createPhpFpmConfig($user)
{
  $phpVersion = str_replace(['php', '-fpm'], '', $_SERVER['phpservice']);
  $phpConfFile = '/etc/php/' . $phpVersion . '/fpm/pool.d/' . $user . '.conf';
  $templates = new League\Plates\Engine(dirname(__FILE__) . '/templates');
  file_put_contents($phpConfFile, $templates->render('php-fpm', ['user' => $user]));
  exec('service ' . $_SERVER['phpservice'] . ' reload', $output);
}

function removePhpFpmConfig($user)
{
  $phpVersion = str_replace(['php', '-fpm'], '', $_SERVER['phpservice']);
  $phpConfFile = '/etc/php/' . $phpVersion . '/fpm/pool.d/' . $user . '.conf';
  unlink($phpConfFile);
  exec('service ' . $_SERVER['phpservice'] . ' reload', $output);
}

function copyYesWikiFiles($domain, $user, $dbUser, $herseUser = null, $hersePass = null, $nossl = null)
{
  $tmpFile = '/tmp/yeswiki.zip';
  $destDir = '/home' . '/' . $user . '/' . $domain;
  $sudo = 'sudo -u ' . $user . ' ';
  exec($sudo . ' mkdir -p ' . $destDir, $output);
  exec($sudo . ' chown ' . $user . ':' . $user . ' -R ' . $destDir, $output);
  if (file_exists($tmpFile)) {
    unlink($tmpFile);
  }
  exec($sudo . 'curl --insecure -o ' . $tmpFile . ' ' . $_SERVER['source_archive_url']);
  exec($sudo . 'unzip ' . $tmpFile . ' "doryphore/*" -d ' . $destDir);
  exec($sudo . 'mv ' . $destDir . '/doryphore/* ' . $destDir . '/');
  exec($sudo . 'rm -rf ' . $destDir . '/doryphore');
  unlink($tmpFile);
  $herse = '';
  if (!empty($herseUser) && !empty($hersePass)) {
    $herse = $herseUser . ':' . $hersePass . '@';
  }
  $curl = 'curl -X POST --insecure --data-urlencode \'config[default_language]=fr\' --data-urlencode \'config[wakka_name]=' . $domain . '\' --data-urlencode \'config[root_page]=PagePrincipale\' --data-urlencode \'config[mysql_host]=localhost\' --data-urlencode \'config[mysql_database]=' . $dbUser['database'] . '\' --data-urlencode \'config[mysql_user]=' . $dbUser['user'] . '\' --data-urlencode \'config[mysql_password]=' . $dbUser['password'] . '\' --data-urlencode \'config[table_prefix]=yeswiki_\' --data-urlencode \'admin_name=' . $_SERVER['admin_id'] . '\' --data-urlencode \'admin_password=' . $_SERVER['admin_password'] . '\' --data-urlencode \'admin_password_conf=' . $_SERVER['admin_password'] . '\' --data-urlencode \'admin_email=' . $_SERVER['admin_email'] . '\' --data-urlencode \'config[rewrite_mode]=0\' --data-urlencode \'config[allow_raw_html]=1\' --data-urlencode \'config[allow_robots]=1\' --data-urlencode \'submit=Continue\' \'http' . ($nossl ? '' : 's') . '://' . $herse . $domain . '/?PagePrincipale&installAction=install\' 2>&1';
  $output = [];
  exec($curl, $output);
  //echo implode("\n", $output);
  return;
}

function checkHerse($herseUser, $hersePass)
{
  if (empty($herseUser) && empty($hersePass)) {
    return false; // no herse needed
  } elseif (empty($herseUser) || empty($hersePass)) {
    throw new Exception('You need an username AND a password to add a herse.');
  }
  return true; // herse needed
}

function editConfigFile()
{
  // change fuseau horaire
  // 'contact_mail_func' => 'smtp',
  // 'contact_smtp_host' => 'ssl://mail.gandi.net',
  // 'contact_smtp_port' => '465',
  // 'contact_smtp_user' => 'noreply@yeswiki.pro',
  // 'contact_reply_to' => 'noreply@yeswiki.pro',
  // 'contact_smtp_pass' => 'Ceci est 1 message automatique!',

}

function addExtensions()
{
  // ferme pour l'option ferme
}

function addStatistics()
{
  // requete SQL
  // INSERT INTO `matomo_site` (`idsite`, `name`, `main_url`, `ts_created`, `ecommerce`, `sitesearch`, `sitesearch_keyword_parameters`, `sitesearch_category_parameters`, `timezone`, `currency`, `exclude_unknown_urls`, `excluded_ips`, `excluded_parameters`, `excluded_user_agents`, `excluded_referrers`, `group`, `type`, `keep_url_fragment`, `creator_login`) VALUES (NULL, 'Partage ton outil', 'https://partagetonoutil.fr', '2023-02-01 00:00:00', '0', '1', '', '', 'Europe/Paris', 'EUR', '0', '', '', '', '', '', 'website', '0', 'superadmin'); 

}

function searchWikis($path, $pattern)
{
  $it = new RecursiveDirectoryIterator($path);
  $list = array();
  $httpClient = HttpClientBuilder::buildDefault();
  $nb = 0;
  foreach (new RecursiveIteratorIterator($it) as $file) {
    if (preg_match('/' . preg_quote($pattern) . '$/i', $file)) {
      $nb++;
      $wakkaConfig = [];
      include_once($file);
      $list[$nb] = [
        'PATH' => dirname($file),
        'URL' => $wakkaConfig['base_url'] ?? 'KO',
        'VERSION' => $wakkaConfig['yeswiki_version'] ?? 'KO',
        'RELEASE' => $wakkaConfig['yeswiki_release'] ?? 'KO',
      ];
    }
  }
  try {
    $responses = Future\awaitAll(array_map(function ($l) use ($httpClient) {
      return Amp\async(fn () => $httpClient->request(new Request($l['URL'], 'HEAD')));
    }, $list));
    var_dump($responses[0]);
    foreach ($responses[1] as $key => $response) {
      $list[$key]['STATUS'] = $response->getStatus() . ' ' . $response->getReason();
    }
  } catch (Exception $e) {
    // If any one of the requests fails the combo will fail
    echo $e->getMessage(), "\n";
  }

  return $list;
}