#
# Cookbook Name:: kosmos-hubot
# Recipe:: hal8000_xmpp
#

app_name  = "hal8000_xmpp"
app_path  = "/opt/#{app_name}"
app_user  = "hubot"
app_group = "hubot"

build_essential app_name do
  compile_time true
end

include_recipe 'redisio::default'
include_recipe 'redisio::enable'
include_recipe "kosmos-hubot::_user"
include_recipe "kosmos-hubot::_nodejs"
include_recipe "kosmos-base::firewall"

data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)

git app_path do
  user       app_user
  group      app_group
  repository "https://gitea.kosmos.org/kosmos/hal8000.git"
  revision   "master"
  notifies :restart, "systemd_unit[#{app_name}.service]", :delayed
end

file "#{app_path}/external-scripts.json" do
  mode  "0640"
  owner app_user
  group app_group
  content node[app_name]['hubot_scripts'].to_json
end

execute "npm install" do
  cwd app_path
  environment "HOME" => app_path
  user app_user
end

ipfs_host = search(:node, "role:ipfs_gateway").first["knife_zero"]["host"]
node.override[app_name]['kredits']['ipfs_host'] = ipfs_host

rsk_node_ip = search(:node, "role:rskj_testnet").first["knife_zero"]["host"]
node.override[app_name]['kredits']['provider_url'] = "http://#{rsk_node_ip}:4444"

file "#{app_path}/node_modules/@kredits/hubot-kredits/.env" do
  mode "0600"
  owner app_user
  group app_group
  content <<-EOF
GITEA_TOKEN=#{data_bag['gitea_token']}
GITHUB_TOKEN=#{data_bag['github_token']}
KREDITS_PROVIDER_URL=#{node[app_name]['kredits']['provider_url']}
IPFS_API_HOST=#{node[app_name]['kredits']['ipfs_host']}
IPFS_API_PORT=#{node[app_name]['kredits']['ipfs_port']}
IPFS_API_PROTOCOL=#{node[app_name]['kredits']['ipfs_protocol']}
KREDITS_WALLET_PATH=../../#{node[app_name]['kredits']['wallet_path']}
KREDITS_WALLET_PASSWORD=#{data_bag['kredits_wallet_password']}
  EOF
end

cookbook_file "#{app_path}/wallet.json" do
  source "wallet.json"
end

service_env = {
  "HUBOT_LOG_LEVEL"                => node.chef_environment == "development" ? "debug" : "info",
  "HUBOT_XMPP_USERNAME"            => "hal8000@kosmos.org/hubot",
  "HUBOT_XMPP_PASSWORD"            => data_bag['xmpp_password'],
  "HUBOT_XMPP_HOST"                => "xmpp.kosmos.org",
  "HUBOT_XMPP_ROOMS"               => node[app_name]['rooms'].join(','),
  "HUBOT_AUTH_ADMIN"               => node[app_name]['auth_admins'].join(','),
  "HUBOT_RSS_PRINTSUMMARY"         => "false",
  "HUBOT_RSS_PRINTERROR"           => "false",
  "HUBOT_RSS_IRCCOLORS"            => "true",
  "HUBOT_PLUSPLUS_POINTS_TERM"     => "karma,karma",
  "HUBOT_RSS_HEADER"               => "Update:",
  "HUBOT_HELP_REPLY_IN_PRIVATE"    => "true",
  "REDIS_URL"                      => "redis://localhost:6379/#{app_name}",
  "EXPRESS_PORT"                   => node[app_name]['http_port'],
  "WEBHOOK_TOKEN"                  => data_bag['webhook_token'],
  "IPFS_API_HOST"                  => node[app_name]['kredits']['ipfs_host'],
  "IPFS_API_PORT"                  => node[app_name]['kredits']['ipfs_port'],
  "IPFS_API_PROTOCOL"              => node[app_name]['kredits']['ipfs_protocol'],
  "KREDITS_WEB_URL"                => node[app_name]['kredits']['web_url'],
  "KREDITS_ROOM"                   => node[app_name]['kredits']['room'],
  "KREDITS_WEBHOOK_TOKEN"          => data_bag['kredits_webhook_token'],
  "KREDITS_PROVIDER_URL"           => node[app_name]['kredits']['provider_url'],
  "KREDITS_WALLET_PATH"            => node[app_name]['kredits']['wallet_path'],
  "KREDITS_WALLET_PASSWORD"        => data_bag['kredits_wallet_password'],
  "KREDITS_MEDIAWIKI_URL"          => node[app_name]['kredits']['mediawiki_url'],
  "KREDITS_GITHUB_REPO_BLACKLIST"  => node[app_name]['kredits']['github_repo_blacklist'],
  "KREDITS_GITEA_REPO_BLACKLIST"   => node[app_name]['kredits']['gitea_repo_blacklist'],
  "KREDITS_GRANT_HOST"             => node[app_name]['domain'],
  "KREDITS_GRANT_PROTOCOL"         => "https",
  "KREDITS_SESSION_SECRET"         => data_bag['kredits_session_secret'],
  "KREDITS_GITHUB_KEY"             => data_bag['kredits_github_key'],
  "KREDITS_GITHUB_SECRET"          => data_bag['kredits_github_secret'],
  "KREDITS_ZOOM_JWT"               => data_bag['kredits_zoom_jwt'],
  "KREDITS_ZOOM_MEETING_WHITELIST" => "414901303,82557072771"
}

systemd_unit "#{app_name}.service" do
  content({
    Unit: {
      Description: app_name,
      Requires: "redis@6379.service",
      After: "redis@6379.service"
    },

    Service: {
      ExecStart: "#{app_path}/bin/hubot -a xmpp --name hal8000",
      WorkingDirectory: app_path,
      User: app_user,
      Group: app_group,
      Environment: service_env.map { |k, v| "'#{k}=#{v}'" },
      Restart: 'always'
    },

    Install: {
      WantedBy: 'multi-user.target'
    }
  })
  verify false
  triggers_reload true
  action [:create, :enable, :start]
end

firewall_rule app_name do
  port     node[app_name]['http_port']
  source   "10.1.1.0/24"
  protocol :tcp
  command  :allow
end