REGISTRY=forgejo.gravityfargo.dev
OWNER=gravityfargo
IMAGE=bluesky-pds
TAG=0.4.74
CONFIG_FILE=config/pds.env

export DOCKER_BUILDKIT=1
# export BUILDKIT_PROGRESS=plain

.PHONY: build
build:
	docker build --tag $(REGISTRY)/$(OWNER)/$(IMAGE):$(TAG) .

.PHONY: create-config
create-config:
	@if [ -f $(CONFIG_FILE) ]; then \
		echo "Config already exists. Exiting."; \
		exit 0; \
	else \
		mkdir -p config; \
		echo "PDS_JWT_SECRET=" >> $(CONFIG_FILE); \
		echo "PDS_ADMIN_PASSWORD=" >> $(CONFIG_FILE); \
		echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=" >> $(CONFIG_FILE); \
		echo "PDS_HOSTNAME=" >> $(CONFIG_FILE); \
		echo "Done."; \
		echo "run 'make generate' to generate secrets"; \
	fi

.PHONY: generate-secrets
generate-secrets:
	@echo "Generating secrets..."
	$(eval GENERATE_SECURE_SECRET_CMD=openssl rand --hex 16)
	$(eval GENERATE_K256_PRIVATE_KEY_CMD=openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)
	$(eval PDS_ADMIN_PASSWORD=$(shell ${GENERATE_SECURE_SECRET_CMD}))
	$(eval PDS_JWT_SECRET=$(shell ${GENERATE_SECURE_SECRET_CMD}))
	$(eval PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(shell ${GENERATE_K256_PRIVATE_KEY_CMD}))

	@sed -i "s/^PDS_ADMIN_PASSWORD=.*/PDS_ADMIN_PASSWORD=${PDS_ADMIN_PASSWORD}/" $(CONFIG_FILE) || echo "PDS_ADMIN_PASSWORD=${PDS_ADMIN_PASSWORD}" >> $(CONFIG_FILE)
	@sed -i "s/^PDS_JWT_SECRET=.*/PDS_JWT_SECRET=${PDS_JWT_SECRET}/" $(CONFIG_FILE) || echo "PDS_JWT_SECRET=${PDS_JWT_SECRET}" >> $(CONFIG_FILE)
	@sed -i "s/^PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=.*/PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=${PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}/" $(CONFIG_FILE) || echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=${PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX}" >> $(CONFIG_FILE)

	@echo "Done."

.PHONY: run
run:
	docker compose up

.PHONY: push
push:
	docker push $(REGISTRY)/$(OWNER)/$(IMAGE):$(TAG)