#!/bin/sh -e

if [ "$(uname -s)" = "Darwin" ]; then
	CUT="gcut"
	if ! command -v "${CUT}" >/dev/null 2>&1; then
		CUT="cut"
	fi
else
	CUT="cut"
fi

file_changed() {
	if [ ! -f "$1" ]; then
		if [ ! -f "$2" ]; then
			return 0
		else
			return 1
		fi
	fi
	if [ ! -f "$2" ]; then
		return 1
	fi
	oldfilehash="$(sha1sum "$1" | awk '{print $1}')"
	newfilehash="$(sha1sum "$2" | awk '{print $1}')"
	[ "${oldfilehash}" != "${newfilehash}" ]
}

if [ ! -d ~/.local/profile-git ]; then
	mkdir -p ~/.local/profile-git
	(
		cd ~/.local/profile-git
		git init
		git remote add origin https://git.icedream.tech/icedream/profile.git
	)
fi

(
	cd ~/.local/profile-git
	
	if [ "${_CHECKOUT_DONE:-0}" -lt 1 ]; then
		echo "Fetching updates for profile..."
		git fetch -p 

		# Synchronizing valid GPG keys
		echo "Preparing for update verification..."
		export GNUPGHOME="$HOME/.local/profile-data/gnupg"
		mkdir -p "${GNUPGHOME}"
		chmod 700 "${GNUPGHOME}"
		for key in \
			B5108C5A158A6608AD3361DA1573F6D8EFE4D0CF \
			04ADEF85EA6AEC6F75941E84468BBEEBB9EC6AEA \
			; do
			if ! gpg --list-keys "${key}" >/dev/null 2>&1; then
				# key does not exist yet
				gpg --keyserver keyserver.ubuntu.com --recv-keys "${key}"
			fi
		done

		echo "Verifying updates..."
		ref="origin/master"
		diffref="${ref}"
		if git rev-parse HEAD >/dev/null 2>&1; then
			diffref="HEAD..${diffref}"
		fi
		git rev-list --format=oneline "${diffref}" | while IFS= read -r line; do
			sha="$(echo "$line" | awk '{print $1}')"
			title="$(echo "$line" | "${CUT}" -f 1 -d ' ' --complement)"
			printf "  … $title\r  "
			if ! git verify-commit "$sha" >/dev/null 2>&1; then
				echo  "✘"
				echo "Found incorrectly signed commit, NOT applying. Contact the maintainer on the issue tracker."
				exit 1
			fi
			echo "✔"
		done

		echo "All commits passed, now applying updates..."
		if git rev-parse HEAD >/dev/null 2>&1; then
			git rebase "${ref}"
		else
			git checkout -f "${ref}"
		fi
		git submodule update --init
		
		if file_changed "${HOME}/.local/bin/update-profile" "home/dotfiles/local/bin/update-profile"; then
			# Use new profile update script instead
			# Putting exit 0 on same line here for security since the old script
			# will be deleted.
			echo "Using newer profile update script."
			export _CHECKOUT_DONE=1
			exec home/dotfiles/local/bin/update-profile
		fi
	fi

	# patch up $PATH for now
	export PATH="$HOME/.local/bin:$PATH"

	echo "Running package installation..."
	cd packages
	./packages.sh

	echo "Running profile installation..."
	cd ..
	if [ -f "${HOME}/bin/update-profile" ]; then
		mv "${HOME}/bin/update-profile" "${HOME}/bin/update-profile.old"
	fi
	./install.sh

)

rm -f "${HOME}/.local/bin/update-profile.old" "${HOME}/bin/update-profile"