#!/usr/bin/env bash

# locale
export LC_ALL="C.UTF-8"
export TZ=:/etc/localtime

Help()
{
  cat <<- 'HEREDOC'
	
	Generate static website with encrypted code by staticrypt.
	The first pass requires -t, -d and -u options, re-run it with -c option only.
	
	Syntax: ./build.sh [-h] [Options...]
	
	options:
	  -h                     Print this Help
	  -c                     Fetch options from ".staticrypt.conf"
	  -d "<path>"            Desination webroot path or directory
	  -p "<password>"        Password for decryption >= 12 characters
	  -s "<salt>"            Salt string = 32 hexadecimal characters
 	  -t "<string>"          Title for the staticrypt form page
	  -u "<url>"             Https or localhost Url for the destination root
	
	Example: ./build.sh -u https://start.domain.tld -d static -t "STILDE - StartPage"
	
	HEREDOC
}

cd "$(dirname $0)"

# install staticrypt package
if ! [[ -s ./node_modules/.bin/staticrypt ]]; then
  npm install
fi

# options
while getopts ":hcd:p:s:t:u:" option; do
  case $option in
    h ) Help; exit 0 ;;
    c ) _CONF=.staticrypt.conf ;;
    d ) _DEST="${OPTARG}" ;;
    p ) _PASS="${OPTARG}" ;;
    s ) _SALT="${OPTARG}" ;;
    t ) _TITLE="${OPTARG}" ;;
    u ) _URL="${OPTARG}" ;;
    \?) echo -e "Unknown option: -$OPTARG \n" >&2; Help; exit 1;;
    : ) echo -e "Missing argument for -$OPTARG \n" >&2; Help; exit 1;;
  esac
done

# use config file or input options
if [[ -z $_CONF ]]; then
  if [[ -z $_DEST ]] || [[ -z $_URL ]] || [[ -z $_TITLE ]]; then
    echo -e "Error: options -d and -u are mandatory.\n" >&2; Help; exit 1
  fi
  if [[ -z $_PASS ]]; then
    _PASS=$(openssl rand -base64 12)
  fi
  if [[ -z $_SALT ]]; then
    _SALT=$(openssl rand -hex 16)
  fi
else
  _DEST=$(sed -n '/STATIC=/ s/STATIC=//p;' $_CONF | tr -d '\n')
  _PASS=$(sed -n '/PASSWORD=/ s/PASSWORD=//p;' $_CONF | tr -d '\n')
  _SALT=$(sed -n '/SALT=/ s/SALT=//p;' $_CONF | tr -d '\n')
  _URL=$(sed -n '/^URL=/ s/URL=//p;' $_CONF | tr -d '\n')
  _TITLE=$(sed -n '/TITLE=/ s/TITLE=//p;' $_CONF | tr -d '\n')
fi

# create directories
mkdir -p --verbose assets/{root,source,templates} encrypted $_DEST

# generate an url hash for the decrypted form-less page
_URLHASH=$(STATICRYPT_PASSWORD=${_PASS} ./node_modules/.bin/staticrypt --config false --salt ${_SALT} --share)

# encrypt files & update config file
STATICRYPT_PASSWORD=${_PASS} \
  ./node_modules/.bin/staticrypt assets/source/ \
    --config false \
    --recursive true \
    --remember 7 \
    --salt ${_SALT} \
    --template assets/templates/password_template.html \
    --template-button "DECRYPTER" \
    --template-instructions "Crypté avec StatiCrypt." \
    --template-error "Mot de passe incorrect !" \
    --template-placeholder "Mot de passe" \
    --template-remember "Se souvenir de moi" \
    --template-title "${_TITLE}" && \
  cat <<- HEREDOC > .staticrypt.conf
	STATIC=$_DEST
	PASSWORD=$_PASS
	SALT=$_SALT
	URL=$_URL
	TITLE=$_TITLE
	DECRYPTURL=$_URL$_URLHASH
	LOGOUTURL=$_URL#staticrypt_logout
	HEREDOC

# copy assets and encrypted files to the webroot
cp -r assets/root/* $_DEST/
cp -r encrypted/source/* $_DEST/

cat .staticrypt.conf