#!/bin/bash
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH

: '
Copyright (C) 2022 - now  HaoZi Technology Co., Ltd.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.
'

source <(curl -f -s --connect-timeout 10 --retry 3 https://dl.cdn.haozi.net/panel/public.sh)
if [ $? -ne 0 ]; then
    echo "下载 public.sh 失败，请检查网络或稍后重试。"
    echo "Download public.sh failed, please check the network or try again later."
    exit 1
fi

channel=${1}
version=${2}
code_server_path="${setup_path}/server/code-server"

if [ ! -d "${code_server_path}" ]; then
    mkdir -p ${code_server_path}
fi

# 架构判断
if [ ${ARCH} == "x86_64" ]; then
    code_server_file="code-server-${version}-linux-amd64.7z"
elif [ ${ARCH} == "aarch64" ]; then
    code_server_file="code-server-${version}-linux-arm64.7z"
else
    error "不支持的架构"
fi

# 下载
cd ${code_server_path}
wget --retry-connrefused --retry-on-host-error --retry-on-http-error=429,500,502,503,504 -t 10 -T 120 -O ${code_server_path}/${code_server_file} ${download_url}/code-server/${code_server_file}
wget --retry-connrefused --retry-on-host-error --retry-on-http-error=429,500,502,503,504 -t 10 -T 120 -O ${code_server_path}/${code_server_file}.sha256 ${download_url}/code-server/${code_server_file}.sha256
if ! sha256sum --status -c ${code_server_path}/${code_server_file}.sha256; then
    rm -rf ${code_server_path}
    error "code-server 校验失败"
fi

# 解压
cd ${code_server_path}
7z x ${code_server_file}
rm -f ${code_server_file} ${code_server_file}.sha256
if [ ! -f "${code_server_path}/bin/code-server" ]; then
    rm -rf ${code_server_path}
    error "code-server 解压失败"
fi

# 初始化目录
chown -R root:root ${code_server_path}
chmod -R 700 ${code_server_path}
ln -sf ${code_server_path}/bin/code-server /usr/local/bin/code-server

# 写入配置
password=$(cat /dev/urandom | head -n 16 | sha256sum | head -c 16)
cat >/root/.config/code-server/config.yaml <<EOF
bind-addr: 0.0.0.0:9999
auth: password
password: ${password}
cert: true
EOF
chmod 600 /root/.config/code-server/config.yaml

# 配置systemd
cat >/etc/systemd/system/code-server.service <<EOF
[Unit]
Description=VSCode on the web
After=network.target

[Service]
User=root
Group=root

WorkingDirectory=${code_server_path}
ExecStart=/usr/local/bin/code-server --disable-telemetry

[Install]
WantedBy=multi-user.target
EOF

chmod 644 /etc/systemd/system/code-server.service

systemctl daemon-reload
systemctl enable --now code-server
if [ "$?" != "0" ]; then
    error "启动失败"
fi

# 防火墙
firewall-cmd --zone=public --add-port=9999/tcp --permanent
firewall-cmd --reload

panel-cli app write code-server ${channel} ${version}

echo -e $HR
echo "安装完成"
echo -e $HR