#!/bin/sh
set -eu

usage() {
	cat <<-'EOF'
		Usage:
		  reconfigure [-n] [-U] [SHA]
		  reconfigure -h
	EOF
}

help() {
	cat <<-'EOF'


		Options:
		  -n            build the system, but don't switch to it (dry-run)
		  -U            pull the latest channels before reconfiguring
		  -h, --help    show this message

		  SHA           the repository SHA to checkout (default: main)


		Run a "guix system reconfigure" as root via "sudo -i".  If a -U
		flag is given, perform a "guix pull" (in root profile) prior to
		the reconfigure.  The user must be able to become the "deployer"
		user, either via "sudo reconfigure" or by being member of the
		"become-deployer" group.


		Examples:

		  Reconfigure the system:

		    $ reconfigure


		  Build the system on a custom SHA, but don't switch to it:

		    $ reconfigure -n 916dafc092f797349a54515756f2c8e477326511


		  Update and upgrade:

		    $ reconfigure -U
	EOF
}


for flag in "$@"; do
	case "$flag" in
		--)
			break
			;;
		--help)
			usage
			help
			exit
			;;
		*)
			;;
	esac
done

UPDATE=false
DRY_RUN=false
while getopts 'nUh' flag; do
	case "$flag" in
		n)
			DRY_RUN=true
			;;
		U)
			UPDATE=true
			;;
		h)
			usage
			help
			exit
			;;
		*)
			usage >&2
			exit 2
			;;
	esac
done
shift $((OPTIND - 1))

SHA="${1:-main}"
REPO='/srv/git/servers.git'
NOW="$(date '+%Y-%m-%dT%H:%M:%S%:z')"
NOW_DIR=/opt/deploy/"$NOW"
NPROC=$(($(nproc) * 2 + 1))


if [ "$(id -un)" != 'root' ]; then
	printf 'This script must be run as root.\n\n' >&2
	usage >&2
	exit 2
fi


set +eu
# shellcheck source=/dev/null
. /etc/rc
set -eu


if [ "$UPDATE" = true ] && [ "$DRY_RUN" = false ]; then
	sudo -i guix pull -v3
fi

set -x
sudo -u deployer git clone --depth=1 "file://$REPO" "$NOW_DIR"
sudo -u deployer rm -f /opt/deploy/current
sudo -u deployer ln -rs "$NOW_DIR" /opt/deploy/current
cd /opt/deploy/current
sudo -u deployer git fetch --depth=1 "file://$REPO" "$SHA"
sudo -u deployer --preserve-env=GIT_CONFIG_GLOBAL git checkout "$SHA"
guix system describe

if [ "$DRY_RUN" = true ]; then
	sudo -i guix system -c$NPROC -v3 build "$PWD"/src/infrastructure/guix/system.scm
else
	# COMMENT: pre-receive is always running the previous version!
	#          The same is true for the reconfigure script itself.
	sudo cp description                              "$REPO"/description
	sudo cp src/infrastructure/ci/git-pre-receive.sh "$REPO"/hooks/pre-receive
	sudo cp src/infrastructure/guix/channels.scm /etc/guix/
	sudo cp src/infrastructure/guix/system.scm   /etc/guix/

	sudo -i guix system -c$NPROC -v3 reconfigure /etc/guix/system.scm

	sudo -u andreh rsync \
		--chmod=D775,F664         \
		--chown=andreh:users      \
		-a                        \
		--exclude='dev/ci/*'      \
		/run/current-system/profile/share/doc/servers/ /srv/www/s/servers/
	deploy
fi