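#
# Cookbook Name:: kosmos-mastodon
# Recipe:: default
#
# Installs Elasticsearch, builds Ruby, checks out Mastodon, renders its
# environment file and systemd units, runs the deploy steps, and allows the
# app and streaming ports from the internal subnet.
#

include_recipe "kosmos-nodejs"
include_recipe "java"
include_recipe 'redisio::default'
include_recipe 'redisio::enable'
include_recipe 'firewall'

elasticsearch_user 'elasticsearch'

elasticsearch_install 'elasticsearch' do
  type 'package'
  # The current version of the elasticsearch cookbook doesn't like versions
  # it doesn't know about. This would still be installing the default (7.17.9)
  # on a new machine, but it doesn't upgrade the package
  download_url 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.7-amd64.deb'
  # SHA256 of the package at download_url; update both together.
  download_checksum '5c588d779023672ba4e315e7cd4db068ac60a38873a35973574a1cae858c2030'
  action :install
end

elasticsearch_configure 'elasticsearch' do
  allocated_memory node["kosmos-mastodon"]["elasticsearch"]["allocated_memory"]

  jvm_options %w(
    -XX:+AlwaysPreTouch
    -server
    -Xss1m
    -Djava.awt.headless=true
    -Dfile.encoding=UTF-8
    -Djna.nosys=true
    -XX:-OmitStackTraceInFastThrow
    -Dio.netty.noUnsafe=true
    -Dio.netty.noKeySetOptimization=true
    -Dio.netty.recycler.maxCapacityPerThread=0
    -XX:+HeapDumpOnOutOfMemoryError
  )
end

elasticsearch_service 'elasticsearch'

# NOTE(review): credentials are read from data bags; presumably these are
# encrypted data bags. Confirm, since the values end up in the .env file below.
postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')

mastodon_path = node["kosmos-mastodon"]["directory"]
mastodon_user = "mastodon"

# Address the web and streaming services bind to: the knife-zero host in
# production, the configured attribute everywhere else.
bind_ip = if node.chef_environment == "production"
            node["knife_zero"]["host"]
          else
            node["kosmos-mastodon"]["bind_ip"]
          end

# Dedicated unprivileged account; every deploy step below runs as this user.
group mastodon_user do
  gid 62786
end

user mastodon_user do
  comment "mastodon user"
  uid 62786
  gid 62786
  shell "/bin/bash"
  home mastodon_path
end

package %w(build-essential imagemagick ffmpeg libxml2-dev libxslt1-dev file git curl pkg-config libprotobuf-dev protobuf-compiler libidn11 libidn11-dev libjemalloc2 libpq-dev)

npm_package "yarn" do
  version "1.22.4"
end

ruby_version = "3.0.4"
# ruby_version = "3.2.2"
ruby_path = "/opt/ruby_build/builds/#{ruby_version}"
bundle_path = "#{ruby_path}/bin/bundle"

ruby_build_install 'v20230615'
ruby_build_definition ruby_version do
  prefix_path ruby_path
end

# Only runs when a unit file template below changes.
execute "systemctl daemon-reload" do
  command "systemctl daemon-reload"
  action :nothing
end

#
# mastodon-web service
#
template "/lib/systemd/system/mastodon-web.service" do
  source "mastodon-web.systemd.service.erb"
  variables user: mastodon_user,
            app_dir: mastodon_path,
            bind: bind_ip,
            port: node["kosmos-mastodon"]["app_port"],
            bundle_path: bundle_path
  notifies :run, "execute[systemctl daemon-reload]", :immediately
  notifies :restart, "service[mastodon-web]", :delayed
end

#
# mastodon-sidekiq service
#
template "/lib/systemd/system/mastodon-sidekiq.service" do
  source "mastodon-sidekiq.systemd.service.erb"
  variables user: mastodon_user,
            app_dir: mastodon_path,
            bundle_path: bundle_path,
            sidekiq_threads: node["kosmos-mastodon"]["sidekiq_threads"]
  notifies :run, "execute[systemctl daemon-reload]", :immediately
  notifies :restart, "service[mastodon-sidekiq]", :delayed
end

#
# mastodon-sidekiq-scheduler service
#
template "/lib/systemd/system/mastodon-sidekiq-scheduler.service" do
  source "mastodon-sidekiq-scheduler.systemd.service.erb"
  variables user: mastodon_user,
            app_dir: mastodon_path,
            bundle_path: bundle_path,
            sidekiq_threads: 1
  notifies :run, "execute[systemctl daemon-reload]", :immediately
  notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed
end

#
# mastodon-streaming service
#
template "/lib/systemd/system/mastodon-streaming.service" do
  source "mastodon-streaming.systemd.service.erb"
  variables user: mastodon_user,
            app_dir: mastodon_path,
            bind: bind_ip,
            port: node["kosmos-mastodon"]["streaming_port"]
  notifies :run, "execute[systemctl daemon-reload]", :immediately
  notifies :restart, "service[mastodon-streaming]", :delayed
end

rails_env = node.chef_environment == "development" ? "development" : "production"

deploy_env = {
  # The environment hash is handed to the child process as-is, so a literal
  # "$PATH" is never expanded and only becomes a relative PATH entry. That is
  # why /usr/bin went missing when running `yarn install`. Interpolate the
  # Chef client's own PATH instead, and keep /usr/bin explicit.
  "PATH" => "#{ruby_path}/bin:/usr/bin:#{ENV['PATH']}",
  "HOME" => mastodon_path,
  "RAILS_ENV" => rails_env,
  "NODE_ENV" => rails_env,
  "SKIP_POST_DEPLOYMENT_MIGRATIONS" => "true"
}

# NOTE(review): the deployed code is whatever the "revision" attribute resolves
# to. If it names a branch rather than a tag or commit, each run follows that
# branch. Confirm the attribute is pinned as intended.
git mastodon_path do
  user mastodon_user
  group mastodon_user
  repository node["kosmos-mastodon"]["repo"]
  revision node["kosmos-mastodon"]["revision"]
  # Restart services on deployments
  notifies :run, "execute[restart mastodon services]", :delayed
end

# No-op command; it exists only to fan out one notification into restarts of
# all four services.
execute "restart mastodon services" do
  command "true"
  action :nothing
  notifies :restart, "service[mastodon-web]", :delayed
  notifies :restart, "service[mastodon-sidekiq]", :delayed
  notifies :restart, "service[mastodon-sidekiq-scheduler]", :delayed
  notifies :restart, "service[mastodon-streaming]", :delayed
end

mastodon_credentials = data_bag_item('credentials', 'mastodon')

# Environment file holding the application secrets (Rails secret key base, OTP
# secret, SMTP, S3 and database credentials, VAPID keys). It is readable only
# by the mastodon user and group.
template "#{mastodon_path}/.env.#{rails_env}" do
  source "env.erb"
  mode "0640"
  owner mastodon_user
  group mastodon_user
  # Keep the rendered content and its diff out of Chef's output and logs.
  sensitive true
  variables redis_url: node["kosmos-mastodon"]["redis_url"],
            domain: node["kosmos-mastodon"]["domain"],
            alternate_domains: node["kosmos-mastodon"]["alternate_domains"],
            paperclip_secret: mastodon_credentials['paperclip_secret'],
            secret_key_base: mastodon_credentials['secret_key_base'],
            otp_secret: mastodon_credentials['otp_secret'],
            smtp_login: mastodon_credentials['smtp_user_name'],
            smtp_password: mastodon_credentials['smtp_password'],
            smtp_from_address: "mail@#{node['kosmos-mastodon']['domain']}",
            s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"],
            s3_region: node["kosmos-mastodon"]["s3_region"],
            s3_bucket: node["kosmos-mastodon"]["s3_bucket"],
            s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"],
            aws_access_key_id: mastodon_credentials['s3_key_id'],
            aws_secret_access_key: mastodon_credentials['s3_secret_key'],
            vapid_private_key: mastodon_credentials['vapid_private_key'],
            vapid_public_key: mastodon_credentials['vapid_public_key'],
            db_pass: postgresql_data_bag_item['mastodon_user_password'],
            db_host: "pg.kosmos.local",
            default_locale: node["kosmos-mastodon"]["default_locale"],
            allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"],
            libre_translate_endpoint: node["kosmos-mastodon"]["libre_translate_endpoint"]
  notifies :run, "execute[restart mastodon services]", :delayed
end

# Deploy steps. These have no guards, so they run on every Chef run, always as
# the unprivileged mastodon user.
execute "bundle install" do
  environment deploy_env
  user mastodon_user
  cwd mastodon_path
  command "bundle install --without development,test --deployment"
end

execute "yarn install" do
  environment deploy_env
  user mastodon_user
  cwd mastodon_path
  command "yarn install --pure-lockfile"
end

execute "rake db:migrate" do
  environment deploy_env
  user mastodon_user
  group mastodon_user
  cwd mastodon_path
  command "bundle exec rake db:migrate"
end

execute "rake assets:precompile" do
  environment deploy_env
  user mastodon_user
  group mastodon_user
  cwd mastodon_path
  command "bundle exec rake assets:precompile"
end

service "mastodon-web" do
  action [:enable, :start]
end

service "mastodon-sidekiq" do
  action [:enable, :start]
end

service "mastodon-sidekiq-scheduler" do
  action [:enable, :start]
end

service "mastodon-streaming" do
  action [:enable, :start]
end

# Allow the app and streaming ports only from the 10.1.1.0/24 subnet.
firewall_rule "mastodon_app" do
  port node['kosmos-mastodon']['app_port']
  source "10.1.1.0/24"
  protocol :tcp
  command :allow
end

firewall_rule 'mastodon_streaming' do
  port node['kosmos-mastodon']['streaming_port']
  source "10.1.1.0/24"
  protocol :tcp
  command :allow
end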