# vars
user="centos"
projectname="mysite"
hostname="centos.duco.net"
letsencrypt=False
pylink="https://www.python.org/ftp/python/3.7.0/Python-3.7.0.tar.xz"

# if you are doing this on a personal install you will prob need this.
install_epel_release=False

logdir = "/var/log/djangosetup/"
scriptdir = "/root/scripts"

yumlogloc=$logdir"yum.log"
yumlogmsg="See $yumlogloc for more info."

firelogloc=$logdir"firewall.log"
firelogmsg="See $firelogloc for more info."

pylogloc=$logdir"python.log"
pylogmsg="See $pylogloc for more info."

djalogloc=$logdir"django.log"
djamsg="See $djalogloc for more info."

gunicornlogloc=$logdir"gunicorn.log"

nginxlogloc=$logdir"nginx.log"

################################################################################
# Dependencies
# Installs Dependencies automatically
#TODO: 1. add success outputs to script
################################################################################

# check if root
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 
   exit 1
fi
cd /root/

echo "Installing dependencies..."
# create necessary dirs
if [ ! -d $logdir ] ; then
	mkdir $logdir
fi
if [ $install_epel_release = True ] ; then
    yum -y install epel-release
fi

# install dependencies
yum -y install gcc wget nginx libsqlite3x-devel.x86_64 postgresql-server postgresql-devel postgresql-contrib bzip2-devel zlib-devel libffi-devel openssl-devel policycoreutils-python.x86_64 >> $yumlogloc
if [ $? -ne 0 ] ; then
	echo "yum failed to install a dependency. $yumlogmsg"
	exit 1
fi

# set firewall
echo "firewall-cmd --zone=public --add-port=80/tcp --permanent" > $firelogloc
firewall-cmd --zone=public --add-port=80/tcp --permanent >> $firelogloc
if [ $? -ne 0 ] ; then
	echo "firewall failed to update port 80 correctly (this may not be an issue). $firelogmsg"
fi

echo "firewall-cmd --zone=public --add-port=443/tcp --permanent" >> $firelogloc
firewall-cmd --zone=public --add-port=443/tcp --permanent >> $firelogloc
if [ $? -ne 0 ] ; then
	echo "firewall failed to update port 443 correctly, (this may not be an issue). $firelogmsg"
fi

echo "firewall-cmd --reload" >> $firelogloc
firewall-cmd --reload >> $firelogloc
if [ $? -ne 0 ] ; then
	echo "firewall failed to reload, (this may not be an issue). $firelogmsg"
fi

echo "semanage permissive -a httpd_t" >> $firelogloc
semanage permissive -a httpd_t >> $firelogloc
if [ $? -ne 0 ] ; then
	echo "semanage failed to set permissive. See $firelogmsg"
	exit 1
fi
echo "Done."

################################################################################
# Python
# Download and setup Python and modules
# TODO: 1.
################################################################################
echo "Installing python..."
wget -q $pylink > $pylogloc
if [ $? -ne 0 ] ; then
	echo "Failed to fetch python, make sure wget is installed and $pylink is what you're after. $pylogmsg"
    exit 1
fi
tar xf Python-3.7.0.tar.xz >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "Failed to unzip python. $pylogmsg"
    exit 1
fi
cd Python-3.7.0
if [ $? -ne 0 ] ; then
	echo "Missing python directory. $pylogmsg"
    exit 1
fi
./configure --prefix /usr/src/python37 >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "./configure failed. $pylogmsg"
    exit 1
fi
make --quiet >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "make failed. $pylogmsg"
    exit 1
fi
make --quiet altinstall >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "make altinstall failed. $pylogmsg"
    exit 1
fi
/usr/src/python37/bin/python3.7 -m pip install --upgrade pip >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "pip upgrade failed. $pylogmsg"
    exit 1
fi
/usr/src/python37/bin/python3.7 -m pip install virtualenv >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "installing virtualenv failed. $pylogmsg"
    exit 1
fi
cd /root/
rm Python-3.7.0.tar.xz >> $pylogloc
if [ $? -ne 0 ] ; then
	echo "Failed to remove Python tar file. $pylogmsg"
fi
echo "Done."

################################################################################
# Django
# Download, setup and configure Django
# TODO: 1.
################################################################################
echo "Starting Django project..."
if [ ! -d "/home/$user" ] ; then
	mkdir /home/$user
    chown -R $user:$user /home/$user
fi
mkdir /home/$user/$projectname
if [ $? -ne 0 ] ; then
	echo "Failed to create $projectname directory. $djamsg"
    exit 1
fi
cd /home/$user/
/usr/src/python37/bin/python3.7 -m virtualenv $projectname/venv >> $djaloglo
if [ $? -ne 0 ] ; then
	echo "Failed to create virtual environment. $djamsg"
    exit 1
fi
source $projectname/venv/bin/activate >> $djalogloc
if [ $? -ne 0 ] ; then
	echo "Failed to source virtual environment. $djamsg"
    exit 1
fi
pip install django gunicorn psycopg2-binary >> $djalogloc
if [ $? -ne 0 ] ; then
	echo "Failed to install pip dependencies. $djamsg"
    exit 1
fi
cd $projectname
django-admin startproject $projectname >> $djalogloc
if [ $? -ne 0 ] ; then
	echo "Failed to start project $projectname with django-admin. $djamsg"
    exit 1
fi
cd /home/$user/
echo "echo sed -i 's/ALLOWED_HOSTS = []/ALLOWED_HOSTS = [\"$hostname\"]/' $projectname/$projectname/$projectname/settings.py" >> $djamsg
sed -i "s/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \[\"$hostname\"\]/" $projectname/$projectname/$projectname/settings.py
if [ $? -ne 0 ] ; then
	echo "Failed to change ALLOWED_HOSTS. $djamsg"
    exit 1
fi
echo "echo STATIC_ROOT = os.path.join(BASE_DIR, 'static') >> $projectname/$projectname/$projectname/settings.py"
echo "STATIC_ROOT = os.path.join(BASE_DIR, 'static')" >> $projectname/$projectname/$projectname/settings.py
if [ $? -ne 0 ] ; then
	echo "Failed to append STATIC_ROOT. $djamsg"
    exit 1
fi
python $projectname/$projectname/manage.py collectstatic
if [ $? -ne 0 ] ; then
	echo "Failed to collect static files. $djamsg"
    exit 1
fi
python $projectname/$projectname/manage.py makemigrations
if [ $? -ne 0 ] ; then
	echo "Failed to make migrations. $djamsg"
    exit 1
fi
python $projectname/$projectname/manage.py migrate
if [ $? -ne 0 ] ; then
	echo "Failed to migrate. You do not survive the winter. $djamsg"
    exit 1
fi
deactivate
if [ $? -ne 0 ] ; then
	echo "Failed to deactivate virtual environment, (this may not be an issue). $djamsg"
fi
chown -R $user:$user $projectname
if [ $? -ne 0 ] ; then
	echo "Failed to change permissions of $projectname. $djamsg"
    exit 1
fi
cd /root/
echo "Done."

################################################################################
# Gunicorn
# configure gunicorn.conf file
################################################################################
echo "Setting up gunicorn..."
echo "
[Unit]
Description=gunicorn daemon
After=network.target

[Service]
User=$user
Group=nginx
WorkingDirectory=/home/$user/$projectname/$projectname
ExecStart=/home/$user/$projectname/venv/bin/gunicorn --workers 3 --bind unix:/home/$user/$projectname/$projectname.sock $projectname.wsgi:application

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/gunicorn.service
systemctl start gunicorn > $gunicornlogloc
systemctl status gunicorn >> $gunicornlogloc
echo "Done."

################################################################################
# Nginx
# configure nginx
################################################################################
echo "Configuring Nginx..."
echo "
server {
    listen 80;
    server_name $hostname;

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/$user/$projectname/$projectname;
    }

    location / {
        proxy_set_header Host \$http_host;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
        proxy_pass http://unix:/home/$user/$projectname/$projectname.sock;
    }
}" > /etc/nginx/conf.d/mysite.conf
# set the nginx user
if [ ! $user = "nginx" ] ; then
    sed -i "s/user nginx/user $user nginx/" /etc/nginx/nginx.conf
fi
systemctl restart nginx >> $nginxlogloc
systemctl status nginx >> $nginxlogloc

echo "Done. Logs can be found in $logdir"