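#!/bin/bash
#
# Installs Debian's mailman3-full on a host that already runs vhost-stack and
# vmail-stack, then rewrites the packaged configuration so that Mailman 3:
#   - uses MySQL (preseeded through debconf),
#   - is served from the default SSL vhost under https://<fqdn>/mailman3/,
#   - hands mail to Exim over LMTP instead of Postfix,
#   - archives to HyperKitty with the API key generated by the package.
#
# Must be run as root on Debian 12 (bookworm).
#
# The script is NOT idempotent: the settings at the end of mailman-web.py and
# mailman.cfg are appended unconditionally, so a second run duplicates them.

# Print a message to stderr and abort with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Pre-flight checks. Every failure exits non-zero so callers and automation
# can tell that nothing was installed.
if (( EUID != 0 )); then
  die "You must be root to run this installer."
fi

# check Debian 12 (bookworm)
os_codename=$(lsb_release -cs)
if [[ "$os_codename" != "bookworm" ]]; then
  die "This installer only runs on Debian 12 (Bookworm), bailing out."
fi

# Check for vmail-stack & vhost-stack installs
if [[ ! -f /usr/local/bin/vhost.sh || ! -f /usr/local/bin/vmail.sh ]]; then
  die "You must install vhost-stack & vmail-stack first."
fi

# Collect every host-derived value up front and refuse to continue if one is
# empty: each is substituted into a config file below, and an empty value
# would produce a syntactically valid but wrong setting.
FQDN=$(hostname -f)
[[ -n "$FQDN" ]] || die "Could not determine the host's FQDN (hostname -f)."

TIMEZONE=$(cat /etc/timezone)
[[ -n "$TIMEZONE" ]] || die "Could not read the time zone from /etc/timezone."

# Source address of the default route. Look up the token after "src" rather
# than a fixed column, because the column shifts when the route has no
# "via <gateway>" part.
IP=$(ip route get 1.1.1.1 \
  | awk '{ for (i = 1; i < NF; i++) if ($i == "src") { print $(i + 1); exit } }')
[[ -n "$IP" ]] || die "Could not determine the primary IP address."

readonly WEB_CFG=/etc/mailman3/mailman-web.py
readonly CORE_CFG=/etc/mailman3/mailman.cfg
readonly HK_CFG=/etc/mailman3/mailman-hyperkitty.cfg

# install mailman3-full
apt-get -y install python3-pymysql python3-mysqldb \
  || die "Failed to install the Python MySQL drivers."
echo "mailman3 mailman3/database-type select mysql" | debconf-set-selections
echo "mailman3-web mailman3-web/database-type select mysql" | debconf-set-selections
echo "mailman3-web mailman3-web/superuser-mail string webmaster@$FQDN" | debconf-set-selections
# Stop here if the package did not install: every edit below targets files
# that the package ships.
DEBIAN_FRONTEND=noninteractive apt-get -y install mailman3-full \
  || die "Failed to install mailman3-full."
systemctl stop mailman3.service
systemctl stop mailman3-web.service

# enable apache proxy_uwsgi_module for mailman3
a2enmod proxy_uwsgi

# Enable Mailman3 admin on default server hostname
sed -i "s|#Include /etc/mailman3/apache.conf|Include /etc/mailman3/apache.conf|g" \
  /etc/apache2/sites-available/001-default-ssl.conf

# configure mailman-hyperkitty.cfg
sed -i "s|base_url: http://localhost/mailman3/hyperkitty/|base_url: https://$FQDN/mailman3/hyperkitty/|g" "$HK_CFG"

# Copy the archiver API key from mailman-web.py into the HyperKitty archiver
# config so both sides share the same secret.
MAILMAN_ARCHIVER_KEY=$(grep MAILMAN_ARCHIVER_KEY "$WEB_CFG" | cut -d ' ' -f 3 | xargs)
# An empty key would replace the placeholder with nothing and leave the
# archiver API configured with a blank secret, so fail instead.
[[ -n "$MAILMAN_ARCHIVER_KEY" ]] \
  || die "MAILMAN_ARCHIVER_KEY not found in $WEB_CFG; mailman3 services are stopped and left unconfigured."
# Escape the characters that are special in a sed replacement using '|' as
# delimiter, so the key is written verbatim whatever it contains.
archiver_key_escaped=$(printf '%s' "$MAILMAN_ARCHIVER_KEY" | sed -e 's/[\\&|]/\\&/g')
# NOTE(review): the key is passed on sed's command line and is therefore
# visible in the process list for the duration of this call.
sed -i "s|SecretArchiverAPIKey|$archiver_key_escaped|g" "$HK_CFG"

# configure mailman-web.py
sed -i "s|root@localhost|webmaster@$FQDN|g" "$WEB_CFG"
# MAILMAN_ARCHIVER_FROM is the allowlist of client addresses for the archiver
# API; this adds the host's own primary address to the loopback defaults.
sed -i "s|MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1')|MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '$IP')|g" "$WEB_CFG"
# Disable the Fedora social-login provider.
sed -i "s|'django_mailman3.lib.auth.fedora',|#'django_mailman3.lib.auth.fedora',|g" "$WEB_CFG"
# SECURE_PROXY_SSL_HEADER makes Django trust a proxy-supplied header to decide
# whether a request arrived over HTTPS; the front-end proxy has to set or
# strip that header itself so clients cannot supply it.
sed -i 's|# SECURE_PROXY_SSL_HEADER =|SECURE_PROXY_SSL_HEADER =|g' "$WEB_CFG"
sed -i "s|TIME_ZONE =.*|TIME_ZONE = '$TIMEZONE'|g" "$WEB_CFG"
sed -i "s|localhost.local|$FQDN|g" "$WEB_CFG"
sed -i 's|postorius@{}|webmaster@{}|g' "$WEB_CFG"
sed -i 's|root@{}|webmaster@{}|g' "$WEB_CFG"

# Quoted delimiter: the text is appended literally, with no shell expansion.
cat >> "$WEB_CFG" <<'EOF'

# fix retry must be larger than timeout error
Q_CLUSTER = {
 'timeout': 300,
 'retry': 360,
 'save_limit': 100,
 'orm': 'default',
 'poll': 5,
}

# Default primary key field type to use, required to avoid mysql errors.
DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

# Make DISPLAY NAME header based on virtualhost
SITE_ID = 0

# Only show lists that match domain. Currently seems to only work for HyperKitty (archives)
FILTER_VHOST = True
EOF

# configure mailman.cfg
sed -i "s|changeme@example.com|webmaster@$FQDN|g" "$CORE_CFG"
sed -i 's|noreply_address: noreply|noreply_address: webmaster|g' "$CORE_CFG"
# Switch the MTA integration from Postfix to Exim.
sed -i 's|#incoming: mailman.mta.exim4.LMTP|incoming: mailman.mta.exim4.LMTP|g' "$CORE_CFG"
sed -i 's|incoming: mailman.mta.postfix.LMTP|#incoming: mailman.mta.postfix.LMTP|g' "$CORE_CFG"
sed -i 's|#configuration: python:mailman.config.exim4|configuration: python:mailman.config.exim4|g' "$CORE_CFG"
sed -i 's|configuration: python:mailman.config.postfix|#configuration: python:mailman.config.postfix|g' "$CORE_CFG"

cat >> "$CORE_CFG" <<'EOF'

# strip dkim, outgoing will be re-signed
remove_dkim_headers: yes

[archiver.hyperkitty]
class: mailman_hyperkitty.Archiver
enable: yes
configuration: /etc/mailman3/mailman-hyperkitty.cfg
EOF

# restart mailman3 services
systemctl start mailman3.service
systemctl start mailman3-web.service
systemctl reload apache2.service

# Manual follow-up steps for the administrator ($FQDN is expanded here).
cat <<EOF

To finish setting up Mailman3:
letsencrypt-certonly.sh -d $FQDN
a2ensite 001-default-ssl.conf
systemctl reload apache2
mailman-web createsuperuser
https://$FQDN/mailman3/admin
 Sites -> change example.com to $FQDN
sed -i 's|SITE_ID = 1|SITE_ID = 0|g' /etc/mailman3/mailman-web.py
systemctl restart mailman3-web.service
EOF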