#!/usr/bin/env bash
set -euo pipefail

usage() {
  cat <<'EOF'
Usage:
  init-node-shared-env --domain DOMAIN [--file .env.local] [--force] [--set KEY=VALUE ...]
  init-node-shared-env --help

Creates a shared env file under /var/www/nodeXX/DOMAIN/shared/ and seeds it with a safe template.
EOF
}

domain=""
file_name=".env.local"
force=0
declare -a kv_pairs=()

while [[ $# -gt 0 ]]; do
  case "$1" in
    --domain) domain="${2:-}"; shift 2 ;;
    --file) file_name="${2:-}"; shift 2 ;;
    --force) force=1; shift ;;
    --set) kv_pairs+=("${2:-}"); shift 2 ;;
    --help|-h) usage; exit 0 ;;
    *) echo "Unknown argument: $1" >&2; usage; exit 2 ;;
  esac
done

[[ -n "$domain" ]] || { usage; exit 2; }
[[ $(id -u) -eq 0 ]] || { echo 'Run as root' >&2; exit 1; }

env_file="/etc/node-sites/$domain.env"
[[ -f "$env_file" ]] || { echo "Node site env not found: $env_file" >&2; exit 1; }
# shellcheck disable=SC1090
source "$env_file"

: "${SITE_ROOT:?SITE_ROOT is required}"
: "${PORT:?PORT is required}"

target="$SITE_ROOT/shared/$file_name"
if [[ -e "$target" && "$force" -ne 1 ]]; then
  echo "Refusing to overwrite existing file: $target (use --force)" >&2
  exit 1
fi

mkdir -p "$(dirname "$target")"
{
  echo "# Managed by init-node-shared-env for $domain"
  echo "APP_NAME=$domain"
  echo "APP_ENV=production"
  echo "APP_DOMAIN=$domain"
  echo "APP_URL=https://$domain"
  echo "APP_PORT=$PORT"
  echo "SITE_GREETING=hello-from-shared-env"
  for item in "${kv_pairs[@]}"; do
    echo "$item"
  done
} > "$target"

chown git:webread "$target"
chmod 0640 "$target"
restorecon "$target" >/dev/null 2>&1 || true

echo "Initialized shared env: $target"
