#
# Cookbook Name:: kosmos-hubot
# Recipe:: botka_irc-libera-chat
#

app_name  = "botka_irc-libera-chat"
app_path  = "/opt/#{app_name}"
app_user  = "hubot"
app_group = "hubot"
domain    = "irc-libera-chat.botka.kosmos.chat"

build_essential app_name do
  compile_time true
end

include_recipe "kosmos-nodejs"
include_recipe "kosmos-redis"

application app_path do
  data_bag = Chef::EncryptedDataBagItem.load('credentials', app_name)

  owner app_user
  group app_group

  git do
    user       app_user
    group      app_group
    repository "https://gitea.kosmos.org/kosmos/botka.git"
    revision   "master"
  end

  file "#{app_path}/external-scripts.json" do
    mode  "0640"
    owner app_user
    group app_group
    content [
      "hubot-help",
      "hubot-redis-brain",
      "hubot-remotestorage-logger",
      "hubot-web-push-notifications",
    ].to_json
  end

  npm_install do
    user app_user
  end

  execute "systemctl daemon-reload" do
    command "systemctl daemon-reload"
    action :nothing
  end

  template "/lib/systemd/system/#{app_name}.service" do
    source 'nodejs.systemd.service.erb'
    owner 'root'
    group 'root'
    mode '0644'
    variables(
      user: app_user,
      group: app_group,
      app_dir: app_path,
      entry: "#{app_path}/bin/hubot -a irc",
      environment: {
        "HUBOT_LOG_LEVEL"             => node.chef_environment == "development" ? "debug" : "info",
        "HUBOT_IRC_SERVER"            => "irc.libera.chat",
        "HUBOT_IRC_ROOMS"             => "#kosmos,#kosmos-dev,#kosmos-random,#remotestorage,#hackerbeach,#unhosted,#sockethub,#mastodon",
        "HUBOT_IRC_NICK"              => "botka",
        "HUBOT_IRC_NICKSERV_USERNAME" => "botka",
        "HUBOT_IRC_NICKSERV_PASSWORD" => data_bag['nickserv_password'],
        "HUBOT_IRC_UNFLOOD"           => "100",
        "HUBOT_RSS_PRINTSUMMARY"      => "false",
        "HUBOT_RSS_PRINTERROR"        => "false",
        "HUBOT_RSS_IRCCOLORS"         => "true",
        "REDIS_URL"                   => "redis://localhost:6379/botka",
        "EXPRESS_PORT"                => node[app_name]['http_port'],
        "HUBOT_AUTH_ADMIN"            => "bkero,raucao",
        "HUBOT_HELP_REPLY_IN_PRIVATE" => "true",
        "RS_LOGGER_USER"              => "kosmos@5apps.com",
        "RS_LOGGER_TOKEN"             => data_bag['rs_logger_token'],
        "RS_LOGGER_SERVER_NAME"       => "freenode",
        "RS_LOGGER_PUBLIC"            => "true",
        "GCM_API_KEY"                 => data_bag['gcm_api_key'],
        "VAPID_SUBJECT"               => "https://kosmos.org",
        "VAPID_PUBLIC_KEY"            => data_bag['vapid_public_key'],
        "VAPID_PRIVATE_KEY"           => data_bag['vapid_private_key']
      }
    )
    notifies :run, "execute[systemctl daemon-reload]", :delayed
    notifies :restart, "service[#{app_name}]", :delayed
  end

  service app_name do
    action [:enable, :start]
  end
end

#
# Nginx reverse proxy
#
unless node.chef_environment == "development"
  include_recipe "kosmos-base::letsencrypt"
  include_recipe "kosmos-nginx"

  template "#{node['nginx']['dir']}/sites-available/#{domain}" do
    source 'nginx_conf_hubot.erb'
    owner node["nginx"]["user"]
    mode 0640
    variables express_port: node[app_name]['http_port'],
              server_name:  domain,
              ssl_cert:     "/etc/letsencrypt/live/#{domain}/fullchain.pem",
              ssl_key:      "/etc/letsencrypt/live/#{domain}/privkey.pem"
    notifies :reload, 'service[nginx]', :delayed
  end

  nginx_site domain do
    action :enable
  end

  nginx_certbot_site domain
end