#!/usr/bin/env bash
#
# Copyright (c) 2024 YunoHost Contributors
#
# This file is part of YunoHost (see https://yunohost.org)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#

# Exit hook on subcommand error or unset variable
set -e

# Source YNH helpers
# shellcheck source=../../helpers/helpers
source /usr/share/yunohost/helpers

do_pre_regen() {
    pending_dir=$1

    cd /usr/share/yunohost/conf/postfix

    postfix_dir="${pending_dir}/etc/postfix"
    mkdir -p "$postfix_dir"

    default_dir="${pending_dir}/etc/default/"
    mkdir -p "$default_dir"

    # install plain conf files
    cp plain/* "$postfix_dir"

    # prepare main.cf conf file
    main_domain=$(cat /etc/yunohost/current_host)

    # Support different strategy for security configurations
    export compatibility="$(jq -r '.postfix_compatibility' <<< "$YNH_SETTINGS")"

    # Add possibility to specify a relay
    # Could be useful with some isp with no 25 port open or more complex setup
    export relay_port=""
    export relay_user=""
    export relay_host=""
    export relay_enabled="$(jq -r '.smtp_relay_enabled' <<< "$YNH_SETTINGS" | int_to_bool)"
    if [ "${relay_enabled}" == "True" ]; then
        relay_host="$(jq -r '.smtp_relay_host' <<< "$YNH_SETTINGS")"
        relay_port="$(jq -r '.smtp_relay_port' <<< "$YNH_SETTINGS")"
        relay_user="$(jq -r '.smtp_relay_user' <<< "$YNH_SETTINGS")"
        relay_password="$(jq -r '.smtp_relay_password' <<< "$YNH_SETTINGS")"

        # Avoid to display "Relay account paswword" to other users
        touch "${postfix_dir}/sasl_passwd"
        chmod 750 "${postfix_dir}/sasl_passwd"
        # Avoid "postmap: warning: removing zero-length database file"
        chown postfix "${pending_dir}/etc/postfix"
        chown postfix "${pending_dir}/etc/postfix/sasl_passwd"

        cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > "${postfix_dir}/sasl_passwd"
    fi
    export enable_blocklists="$(jq -r '.enable_blocklists' <<< "$YNH_SETTINGS" | int_to_bool)"

    # Use this postfix server as a backup MX
    export backup_mx_domains="$(jq -r '.smtp_backup_mx_domains' <<< "$YNH_SETTINGS" | sed 's/^null$//g' | sed "s/,/ /g")"
    export backup_mx_emails="$(jq -r '.smtp_backup_mx_emails_whitelisted' <<< "$YNH_SETTINGS" | sed "s/,/ /g")"
    rm -f "${postfix_dir}/relay_recipients"
    touch "${postfix_dir}/relay_recipients"
    rm -f "${postfix_dir}/relay_recipients.db"
    touch "${postfix_dir}/relay_recipients.db"
    if [ -n "${backup_mx_domains}" ] && [ -n "${backup_mx_emails}" ]; then
        for mail in ${backup_mx_emails}; do
            echo "$mail OK" >> "${postfix_dir}/relay_recipients"
        done
        postmap "${postfix_dir}/relay_recipients"
    fi

    export main_domain
    export domain_list="$YNH_DOMAINS_WITH_MAIL_IN_AND_OUT"
    ynh_render_template "main.cf" "${postfix_dir}/main.cf"
    ynh_render_template "sni" "${postfix_dir}/sni"

    # Activate mailbox only on domains with mail_in features
    # If mail_in is disabled for a domain, this allows to send
    # mails on external mailbox using this domain
    # See: https://forum.yunohost.org/t/how-to-keep-your-mailbox-outside-yunohost/4860
    echo "# This file is regenerated automatically" > "${postfix_dir}/virtual-mailbox-domains"
    echo "# Please DO NOT edit manually ... changes will be overwritten!" >> "${postfix_dir}/virtual-mailbox-domains"
    tr ' ' '\n' <<< "$YNH_DOMAINS_WITH_MAIL_IN" >> "${postfix_dir}/virtual-mailbox-domains"

    cat postsrsd \
        | sed "s/{{ main_domain }}/${main_domain}/g" \
        | sed "s/{{ domain_list }}/${domain_list}/g" \
            > "${default_dir}/postsrsd"

    # adapt it for IPv4-only hosts
    ipv6="$(jq -r '.smtp_allow_ipv6' <<< "$YNH_SETTINGS" | int_to_bool)"
    if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then
        sed -i \
            's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \
            "${postfix_dir}/main.cf"
        sed -i \
            's/inet_interfaces = all/&\ninet_protocols = ipv4/' \
            "${postfix_dir}/main.cf"
    fi
}

do_post_regen() {
    regen_conf_files=$1

    chown postfix /etc/postfix

    if [ -e /etc/postfix/sasl_passwd ]; then
        chmod 750 /etc/postfix/sasl_passwd*
        chown postfix:root /etc/postfix/sasl_passwd*
        postmap /etc/postfix/sasl_passwd
    fi

    if [ -e /etc/postfix/relay_recipients ]; then
        chmod 750 /etc/postfix/relay_recipients*
        chown postfix:root /etc/postfix/relay_recipients*
    fi

    postmap -F hash:/etc/postfix/sni

    python3 -c 'from yunohost.app import regen_mail_app_user_config_for_dovecot_and_postfix as r; r(only="postfix")'

    [[ -z "$regen_conf_files" ]] \
        || { systemctl restart postfix && systemctl restart postsrsd; }

}

"do_$1_regen" "$(echo "${*:2}" | xargs)"
