#!/usr/bin/env bash

set -euxo pipefail

# Accept the name of the grid this system is part of as a parameter.  This
# lets us pick the correct morph grid source file later on.
GRIDNAME=$1
shift

# Determine the right branch name to use for the particular grid we've been
# told we belong to.  The grid name is a parameter to this script we can
# re-use it across all of our grids.  See deployment.nix for the ssh
# configuration that controls what value is actually passed when an update is
# triggered.
case "${GRIDNAME}" in
    "local")
	BRANCH="323.continuous-deployment"
	;;

    "testing")
	BRANCH="staging"
	;;

    "production")
	BRANCH="production"
	;;

    *)
	echo "Unknown grid: ${GRIDNAME}"
	exit 1
esac

# This is where we will maintain a checkout of PrivateStorageio for morph to
# use to compute the desired state.
CHECKOUT="${HOME}/PrivateStorageio"

# This is the address of the git remote where we can get the latest
# PrivateStorageio.
REPO="https://whetstone.privatestorage.io/privatestorage/PrivateStorageio.git"

if [ -e "${CHECKOUT}" ]; then
    # It exists already so just make sure it contains the latest changes from
    # the canonical repository.
    git -C "${CHECKOUT}" fetch
else
    # It doesn't exist so clone it.
    git clone "${REPO}" "${CHECKOUT}"
fi

# Get us to a pristine checkout of the right branch.
git -C "${CHECKOUT}" reset --hard "origin/${BRANCH}"

# If we happen to be on the local grid then fix the undefined key.
if [ "${GRIDNAME}" = "local" ]; then
    KEY="$(cat /etc/ssh/authorized_keys.d/vagrant)"
    sed -i "s_undefined_\"${KEY}\"_" "${CHECKOUT}"/morph/grid/${GRIDNAME}/public-keys/users.nix
fi

# Compute a log message explaining what we're doing.
LOG_MESSAGE="$(date --iso-8601=seconds) $(git -C "${CHECKOUT}" rev-parse HEAD)"

# Make sure we use the right credentials and ask for the right account when
# morph makes the connection.  morph's deployment target for each host is the
# full domain name (even though the host is only named with the unqualified
# hostname in the morph grid definition) so compute an ssh config section that
# matches that.  Regardless, point this effort at localhost because we *know*
# it's just us we want to update.
cat > ~/.ssh/config <<EOF
Host $(hostname).$(domainname)
  HostName 127.0.0.1
  IdentityFile ~/.ssh/morph_key
  User root
EOF

# Make sure known_hosts has the host key in it.
ssh -o StrictHostKeyChecking=no "$(hostname).$(domainname)" ":"

# Set nixpkgs to our preferred version for the morph build.  The NIX_PATH
# environment variable itself receives special treatment by some parts of the
# system (especially those parts leading up to the execution of this script)
# so we pass the desired information through a different variable and then
# shuffle it into the right place here, just before it is needed.
export NIX_PATH="nixpkgs=$NIXPKGS_FOR_MORPH"

# Attempt to update just this host.  Choose the morph grid definition matching
# the grid we belong to and limit the morph deployment update to the host
# matching our name.  morph uses just the bare hostname without the domain
# part.
if morph deploy "${CHECKOUT}"/morph/grid/"${GRIDNAME}"/grid.nix switch --on "$(hostname)"; then
    # The deployment succeeded.  Record success along with context we pre-computed.
    echo "${LOG} OK" >> ${HOME}/updates.txt
else
    # Oops.  Not so fortunate.  Record failure.
    echo "${LOG} FAIL" >> ${HOME}/updates.txt
fi