"""
This script builds a Debian container to test the server setup.

Requirements:
    * python3
    * podman
    * buildah

On SELinux systems, you have to run the following to be able to run containers with systemd inside (taken from `man podman run`):
    `sudo setsebool -P container_manage_cgroup true`

Run this script simply as a Python script:
    `python3 test_container.py`

You will need to edit the file `.env`.
Enter anything for the `SECRET_KEY` and `SECURITY_PASSWORD_SALT` (only for testing!).
Then set `SERVER_NAME=127.0.0.1:8080`.

The script will throw some errors related to systemd.
This is the case on `systemctl reboot` for example.
These errors should not be relevant.
They occur because of building an image and not running commands in a live server / container.

After running the script, visit `http://127.0.0.1:8080` in your browser.

If you want to clean up after testing with the container, run the following:
    `podman kill advlabdb`
    `podman rm advlabdb`
    `podman rmi advlabdb`
    `podman rmi systemd_debian`
"""

import subprocess  # nosec 404


def run(command, **kwargs):
    return subprocess.run(command, shell=True, **kwargs)  # nosec B602


def update_system(container_name):
    return run(f"buildah run {container_name} -- apt update && apt dist-upgrade -y && apt autoremove -y")


def run_a(command):
    return run(f"buildah run advlabdb -- {command}")


def main():
    print("<> Remove old Buildah containers")
    run("buildah rm -a")

    if run("podman image exists systemd_debian").returncode != 0:
        print("<> Build debian image with systemd")
        run("buildah from --name tmp docker.io/library/debian:latest")
        update_system("tmp")
        run("buildah run tmp -- apt install -y systemd systemd-sysv fish neovim fd-find ripgrep")
        run("buildah config --cmd /sbin/init con")
        print("<> Commit debian image with systemd")
        run("buildah commit --rm tmp systemd_debian")

    if run("podman container exists advlabdb").returncode == 0:
        print("<> Remove old advlabdb container")
        run("podman kill advlabdb")
        run("podman rm advlabdb")

    print("<> Build advlabdb image")
    run("buildah from --name advlabdb localhost/systemd_debian:latest")
    print("<> Root setup")
    update_system("advlabdb")
    run_a("apt install sudo python3 git -y")
    run_a("sudo useradd admin")
    run_a("sudo usermod -aG sudo admin")
    run_a("mkhomedir_helper admin")
    print("Enter new admin user password:")
    run_a("sudo passwd admin")

    print("<> Admin setup")
    run("buildah config --workingdir /home/admin -u admin advlabdb")
    run_a("git clone https://gitlab.rlp.net/mobitar/advlabdb.git")
    run("buildah config --workingdir /home/admin/advlabdb advlabdb")
    run_a("cp -v advlabdb/scripts/setup/advlabdb.conf.template advlabdb/scripts/setup/advlabdb.conf")
    run_a("cp -v .env.template .env")
    run_a("nvim .env")
    run_a("python3 advlabdb/scripts/setup/server_setup.py")
    run_a("/home/admin/.local/bin/poetry run python3 -m advlabdb.scripts.setup.init_database")

    run("buildah config -u root advlabdb")

    if run("podman image exists advlabdb").returncode == 0:
        print("<> Remove old image")
        run("podman rmi advlabdb")

    print("<> Commit image advlabdb")
    run("buildah commit --rm advlabdb advlabdb")

    print("<> Start container")
    run("podman run -dit --name advlabdb -p 8080:80 advlabdb:latest")

    print("<> Done! Now visit http://127.0.0.1:8080")


if __name__ == "__main__":
    main()