#!/usr/bin/env bash

ABSDIR="$( dirname "$(readlink -f -- "$0")" )"
source ${ABSDIR}/../functions.sh
source ${ABSDIR}/vars.sh

ensure_pwd_is_scriptdir
ensure_not_root

if ! podman volume exists ${srvdata_volume} ; then
    echo "Error : data volume ${srvdata_volume} does not exists. Consider running 05_freshinstall.sh if this is the first install."
    exit 1
fi

git clone -b ${version} --depth=1 https://github.com/PrivateBin/docker-nginx-fpm-alpine &&
sed -i "s#mv cfg lib tpl vendor /srv#mv cfg lib tpl vendor /srv \&\& sed -i \\'/Content-Security-Policy\\\|X-XSS-Protection\\\|X-Frame-Options\\\|X-Content-Type-Options/d\\' /srv/lib/Controller.php#" docker-nginx-fpm-alpine/Dockerfile
podman build -t privatebin-nginx-fpm-alpine docker-nginx-fpm-alpine &&
rm -rf docker-nginx-fpm-alpine &&
podman volume create ${run_volume} &&
podman volume create ${tmp_volume} &&
podman volume create ${varlibnginxtmp_volume} &&
podman unshare chown -R 65534:82 `get_podman_volume_path ${run_volume}` &&
podman unshare chown -R 65534:82 `get_podman_volume_path ${varlibnginxtmp_volume}` &&
podman run -d --read-only --restart=always --name ${container_name} \
       -p ${listen_if}:${listen_port}:8080 \
       -v ${run_volume}:/run:Z \
       -v ${tmp_volume}:/tmp:Z \
       -v ${srvdata_volume}:/srv/data:Z \
       -v ${varlibnginxtmp_volume}:/var/lib/nginx/tmp:Z \
       privatebin-nginx-fpm-alpine &&
( podman logs -f ${container_name} 2>&1 & ) | grep -q 'NOTICE: ready to handle connections' &&
podman stop ${container_name} &&
echo Container ${container_name} successfully built and stopped.