#!/bin/sh /etc/rc.common

. /usr/share/libubox/jshn.sh

START=99
USE_PROCD=1
PROG=/usr/bin/alist
LOG_FILE=/var/log/alist.log

get_config() {
	config_get_bool enabled $1 enabled 1
	config_get port $1 port 5244
	config_get allow_wan $1 allow_wan 0
	config_get delayed_start $1 delayed_start 0

	config_get force $1 force 1
	config_get site_url $1 site_url ""
	config_get cdn $1 cdn ""
	config_get jwt_secret $1 jwt_secret ""
	config_get data_dir $1 data_dir "/etc/alist"
	config_get temp_dir $1 temp_dir "/tmp/alist"
	config_get token_expires_in $1 token_expires_in 48
	config_get max_connections $1 max_connections 0
	config_get tls_insecure_skip_verify $1 tls_insecure_skip_verify 1

	# log
	config_get log $1 log 1
	config_get log_max_size $1 log_max_size 10
	config_get log_max_backups $1 log_max_backups 5
	config_get log_max_age $1 log_max_age 28
	config_get log_compress $1 log_compress 0

	# scheme
	config_get ssl $1 ssl 0
	config_get force_https $1 force_https 0
	config_get ssl_cert $1 ssl_cert ""
	config_get ssl_key $1 ssl_key ""

	# database
	config_get database_type $1 database_type "sqlite3"
	config_get mysql_host $1 mysql_host ""
	config_get mysql_port $1 mysql_port "3306"
	config_get mysql_username $1 mysql_username ""
	config_get mysql_password $1 mysql_password ""
	config_get mysql_database $1 mysql_database ""
	config_get mysql_table_prefix $1 mysql_table_prefix "x_"
	config_get mysql_ssl_mode $1 mysql_ssl_mode ""
	config_get mysql_dsn $1 mysql_dsn ""

	# tasks
	config_get download_workers $1 download_workers 5
	config_get download_max_retry $1 download_max_retry 1
	config_get transfer_workers $1 transfer_workers 5
	config_get transfer_max_retry $1 transfer_max_retry 2
	config_get upload_workers $1 upload_workers 5
	config_get upload_max_retry $1 upload_max_retry 0
	config_get copy_workers $1 copy_workers 5
	config_get copy_max_retry $1 copy_max_retry 2

	# cors
	config_get cors_allow_origins $1 cors_allow_origins '*'
	config_get cors_allow_methods $1 cors_allow_methods '*'
	config_get cors_allow_headers $1 cors_allow_headers '*'

	# s3
	config_get s3 $1 s3 0
	config_get s3_port $1 s3_port 5246
	config_get s3_ssl $1 s3_ssl 0

	config_load network
	config_get lan_addr lan ipaddr "0.0.0.0"
	if echo "${lan_addr}" | grep -Fq ' '; then
		lan_addr="0.0.0.0"
	else
		lan_addr=${lan_addr%%/*}
	fi

	# init jwt_secret
	[ -z "$jwt_secret" ] && jwt_secret=$(tr -cd "a-zA-Z0-9" < "/dev/urandom" | head -c16)
	uci -q set alist.@alist[0].jwt_secret="$jwt_secret"
	uci commit alist
}

set_firewall() {
	if [ "$external_access" = "allow" ]; then
		uci -q delete firewall.alist
		uci set firewall.alist=rule
		uci set firewall.alist.name="alist"
		uci set firewall.alist.target="ACCEPT"
		uci set firewall.alist.src="wan"
		uci set firewall.alist.proto="tcp"
		uci set firewall.alist.dest_port="$port"
		uci set firewall.alist.enabled="1"
		uci commit firewall
		/etc/init.d/firewall reload >/dev/null 2>&1
	elif [ "$external_access" = "deny" ]; then
		uci -q delete firewall.alist
		uci commit firewall
		/etc/init.d/firewall reload >/dev/null 2>&1
	fi
}

start_service() {
	config_load alist
	config_foreach get_config alist
	[ $enabled -ne 1 ] && return 1
	mkdir -p "$temp_dir" "$data_dir"
	[ "$ssl" -eq 1 ] && https_port=$port http_port="-1" || https_port="-1" http_port=$port
	if [ -e /proc/uptime ]; then
		[ $(awk -F. '{print $1}' /proc/uptime) -lt "120" ] && delayed_start=$delayed_start || delayed_start=0
	else
		delayed_start=$delayed_start
	fi
	if [ "$allow_wan" -eq "1" ]; then
		listen_addr="0.0.0.0"
		external_access="allow"
	else
		listen_addr=$lan_addr
		external_access="deny"
	fi

	set_firewall
	> $LOG_FILE

	# init config
	json_init
	json_add_boolean "force" "$force"
	json_add_string "site_url" "$site_url"
	json_add_string "cdn" "$cdn"
	json_add_string "jwt_secret" "$jwt_secret"
	json_add_int "token_expires_in" "$token_expires_in"

	# database
	json_add_object 'database'
		json_add_string "type" "$database_type"
		json_add_string "host" "$mysql_host"
		json_add_int "port" "$mysql_port"
		json_add_string "user" "$mysql_username"
		json_add_string "password" "$mysql_password"
		json_add_string "name" "$mysql_database"
		json_add_string "db_file" "$data_dir/data.db"
		json_add_string "table_prefix" "$mysql_table_prefix"
		json_add_string "ssl_mode" "$mysql_ssl_mode"
		json_add_string "dsn" "$mysql_dsn"
	json_close_object

	# meilisearch
	json_add_object "meilisearch"
		json_add_string "host" "http://localhost:7700"
		json_add_string "api_key" ""
		json_add_string "index_prefix" ""
	json_close_object

	# scheme
	json_add_object "scheme"
		json_add_string "address" "$listen_addr"
		json_add_int "http_port" "$http_port"
		json_add_int "https_port" "$https_port"
		json_add_boolean "force_https" "$force_https"
		json_add_string "cert_file" "$ssl_cert"
		json_add_string "key_file" "$ssl_key"
		json_add_string "unix_file" ""
		json_add_string "unix_file_perm" ""
	json_close_object

	json_add_string "temp_dir" "$temp_dir"
	json_add_string "bleve_dir" "$data_dir/bleve"
	json_add_string "dist_dir" ""

	# log
	json_add_object "log"
		json_add_boolean "enable" "$log"
		json_add_string "name" "$LOG_FILE"
		json_add_int "max_size" "$log_max_size"
		json_add_int "max_backups" "$log_max_backups"
		json_add_int "max_age" "$log_max_age"
		json_add_boolean "compress" "$log_compress"
	json_close_object

	json_add_int "delayed_start" "$delayed_start"
	json_add_int "max_connections" "$max_connections"
	json_add_boolean "tls_insecure_skip_verify" "$tls_insecure_skip_verify"

	# tasks
	json_add_object "tasks"
		json_add_object "download"
			json_add_int "workers" "$download_workers"
			json_add_int "max_retry" "$download_max_retry"
		json_close_object
		json_add_object "transfer"
			json_add_int "workers" "$transfer_workers"
			json_add_int "max_retry" "$transfer_max_retry"
		json_close_object
			json_add_object "upload"
			json_add_int "workers" "$upload_workers"
			json_add_int "max_retry" "$upload_max_retry"
		json_close_object
		json_add_object "copy"
			json_add_int "workers" "$copy_workers"
			json_add_int "max_retry" "$copy_max_retry"
		json_close_object
	json_close_object

	# cors
	json_add_object "cors"
		json_add_array "allow_origins"
		json_add_string "" "$cors_allow_origins"
		json_close_array
		json_add_array "allow_methods"
		json_add_string "" "$cors_allow_methods"
		json_close_array
		json_add_array "allow_headers"
		json_add_string "" "$cors_allow_headers"
		json_close_array
	json_close_object

	# s3
	json_add_object "s3"
		json_add_boolean "enable" "$s3"
		json_add_int "port" "$s3_port"
		json_add_boolean "ssl" "$s3_ssl"
	json_close_object

	json_dump > "$data_dir/config.json"

	procd_open_instance alist
	procd_set_param command $PROG
	procd_append_param command server
	procd_append_param command --data "$data_dir"
	procd_set_param file "$data_dir/config.json"
	procd_set_param stdout 0
	procd_set_param stderr 0
	procd_set_param respawn
	procd_set_param limits core="unlimited"
	procd_set_param limits nofile="200000 200000"
	procd_close_instance alist
}

service_triggers() {
	procd_add_reload_trigger "alist"
}

stop_service() {
	external_access="deny"
	set_firewall
}
