#!/bin/bash

# Check if email and domain parameters are provided
if [ $# -ne 2 ]; then
    echo "Usage: $0 <email> <domain>"
    exit 1
fi

EMAIL=$1
DOMAIN=$2

# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER

# Clone Dify repository
git clone https://github.com/langgenius/dify.git
cd dify

# Copy .env.example to .env
cp docker/.env.example docker/.env

# Update .env
sed -i 's/^NGINX_SSL_CERT_FILENAME=.*/NGINX_SSL_CERT_FILENAME=fullchain.pem/' docker/.env
sed -i 's/^NGINX_SSL_CERT_KEY_FILENAME=.*/NGINX_SSL_CERT_KEY_FILENAME=privkey.pem/' docker/.env
sed -i 's/^NGINX_ENABLE_CERTBOT_CHALLENGE=.*/NGINX_ENABLE_CERTBOT_CHALLENGE=true/' docker/.env
sed -i "s/^CERTBOT_DOMAIN=.*/CERTBOT_DOMAIN=$DOMAIN/" docker/.env
sed -i "s/^CERTBOT_EMAIL=.*/CERTBOT_EMAIL=$EMAIL/" docker/.env

# Update SERVICE_API_URL and APP_WEB_URL
sed -i "s|^SERVICE_API_URL=.*|SERVICE_API_URL=https://$DOMAIN|" docker/.env
sed -i "s|^APP_WEB_URL=.*|APP_WEB_URL=https://$DOMAIN|" docker/.env

# Prune Docker networks and start containers
sudo docker network prune -f
sudo docker compose -f docker/docker-compose.yaml --profile certbot up --force-recreate -d


# Run certbot
sudo docker compose -f docker/docker-compose.yaml exec -T certbot /bin/sh /update-cert.sh

# Enable HTTPS
sed -i 's/^NGINX_HTTPS_ENABLED=.*/NGINX_HTTPS_ENABLED=true/' docker/.env

# Recreate nginx container
sudo docker compose -f docker/docker-compose.yaml --profile certbot up -d --no-deps --force-recreate nginx

echo "Dify installation with SSL is complete. Please check https://$DOMAIN"