#!/bin/bash

echoerr() { echo "$@" 1>&2; }

set -eu

TMPFILE="${MFMODULE_RUNTIME_HOME}/tmp/nginx_conf.$$"
TMPFILE2="${MFMODULE_RUNTIME_HOME}/tmp/nginx_conf2.$$"
TMPFILE3="${MFMODULE_RUNTIME_HOME}/tmp/nginx_conf3.$$"

if test -f "${MFMODULE_RUNTIME_HOME}/var/uuid"; then
    UUID=$(cat "${MFMODULE_RUNTIME_HOME}/var/uuid")
    if test "${UUID}" = ""; then
        UUID="unknown"
    fi
else
    UUID="unknown"
fi
export UUID

if test "${MFSERV_NGINX_HTTPS_PORT}" != "null"; then
    if test "${MFSERV_NGINX_SSL_CERTIFICATE}" = "/dev/null"; then
        echoerr "ERROR: MFSERV_NGINX_HTTPS_PORT != null but MFSERV_NGINX_SSL_CERTIFICATE is not set"
        exit 1
    fi
    if test "${MFSERV_NGINX_SSL_CERTIFICATE_KEY}" = "/dev/null"; then
        echoerr "ERROR: MFSERV_NGINX_HTTPS_PORT != null but MFSERV_NGINX_SSL_CERTIFICATE_KEY is not set"
        exit 1
    fi
    if ! test -r "${MFSERV_NGINX_SSL_CERTIFICATE}"; then
        echoerr "ERROR: MFSERV_NGINX_SSL_CERTIFICATE:${MFSERV_NGINX_SSL_CERTIFICATE} is not readable by ${MFMODULE_RUNTIME_USER} unix user"
        exit 1
    fi
    if ! test -r "${MFSERV_NGINX_SSL_CERTIFICATE_KEY}"; then
        echoerr "ERROR: MFSERV_NGINX_SSL_CERTIFICATE:${MFSERV_NGINX_SSL_CERTIFICATE_KEY} is not readable by ${MFMODULE_RUNTIME_USER} unix user"
        exit 1
    fi
fi

__make_nginx_conf "$@" >"${TMPFILE}"
nginxfmt.py "${TMPFILE}"
# FIXME: ugly hack to circumvent nginxfmt problem with JSON
cat -s "${TMPFILE}" |sed 's/~~~1/{/g' |sed 's/~~~2/}/g' |grep -v 'FIXME: ugly hack' >"${TMPFILE2}"
rm -f "${TMPFILE}"

if ! test -f "${MFMODULE_RUNTIME_HOME}/tmp/config_auto/mime.types"; then
    cp -f "${MFEXT_HOME}/opt/openresty/config/mime.types" "${MFMODULE_RUNTIME_HOME}/tmp/config_auto/mime.types"
fi
set +e
"${MFEXT_HOME}/opt/openresty/nginx/sbin/nginx" -t -c "${TMPFILE2}" >"${TMPFILE3}" 2>&1
if test $? -ne 0; then
    >&2 echo "ERROR: bad nginx configuration (${TMPFILE2} => see ${TMPFILE3} for details"
    exit 1
fi
set -e

cat "${TMPFILE2}"
rm -f "${TMPFILE2}" "${TMPFILE3}"
