#!/bin/ash
set -e

trap appStop SIGINT SIGTERM

appStart () {

  BURPUI_CONFIG=${BURPUI_CONFIG:-/etc/burp/burpui.cfg}
  BURPUI_CLIENT_NAME=${BURPUI_CLIENT_NAME:-bui}
  BURPUI_VERBOSE=${BURPUI_VERBOSE:-0}
  BURPUI_UID=${BURPUI_UID:-5337}
  BURPUI_GID=${BURPUI_GID:-5337}
  BURP_CLIENT_CONFIG=${BURP_CLIENT_CONFIG:-/tmp/burp.conf}
  BURP_SERVER_CONFIG=${BURP_SERVER_CONFIG:-/etc/burp/burp-server.conf}
  BURP_SERVER_ADDR=${BURP_SERVER_ADDR:-auto}
  REDIS_SERVER=${REDIS_SERVER:-redis:6379}
  DATABASE_URL=${DATABASE_URL:-postgresql://burpui:burpui@pgsql/burpuidb}
  TIMEZONE=${TIMEZONE:-Europe/Paris}

  [ -e /usr/share/zoneinfo/$TIMEZONE ] && {
    cp /usr/share/zoneinfo/$TIMEZONE /etc/localtime
    echo "$TIMEZONE" >/etc/timezone
  }

  # Create burp-ui User
  getent group | grep -q burpui || addgroup -g $BURPUI_GID burpui
  getent passwd | grep -q burpui || adduser -h /var/lib/burpui -D -s /bin/ash -u $BURPUI_UID -G burpui burpui
  chown -R burpui: /var/log/gunicorn

  [ -e /etc/burp/this_is_a_decoy_file_to_know_if_we_can_chown ] && {
    chown -R burpui: /etc/burp
    rm /etc/burp/this_is_a_decoy_file_to_know_if_we_can_chown
  }

  [ "$BURP_SERVER_ADDR" == "auto" ] && {
    BURP_SERVER_ADDR=$(ip route sh | grep default | awk '{print $3;}')
  }

  [ -e "$BURPUI_CONFIG" ] || {
    cp /usr/local/share/burpui/etc/burpui.sample.cfg $BURPUI_CONFIG
    chown burpui: $BURPUI_CONFIG
  }

  # wait for redis to be up
  sleep 3

  LOGFILE=$(mktemp)
  bui-manage -c $BURPUI_CONFIG setup_burp -b $BURP_CLIENT_CONFIG \
    -s $BURP_SERVER_CONFIG -h $BURP_SERVER_ADDR -c $BURPUI_CLIENT_NAME \
    -r $REDIS_SERVER -d $DATABASE_URL 2>&1 | tee $LOGFILE

  CELERY="True"
  grep -q "Unable to contact the redis server" $LOGFILE && CELERY=""
  rm $LOGFILE

  [ "$DATABASE_URL" != "none" ] && {
    su -l burpui -c "/usr/local/bin/bui-manage -c $BURPUI_CONFIG db upgrade"
  }

  # You can change log verbosity at runtime
  sed -r "s'@BURPUI_CONFIG@'$BURPUI_CONFIG'" /etc/supervisor.d/gunicorn.ini.sample >/etc/supervisor.d/gunicorn.ini
  sed -i -r "s'@BURPUI_VERBOSE@'$BURPUI_VERBOSE'" /etc/supervisor.d/gunicorn.ini

  ssl_cert_ca=$(grep -E "^\s*ssl_cert_ca\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
  ssl_cert=$(grep -E "^\s*ssl_cert\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
  ssl_key=$(grep -E "^\s*ssl_key\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")

  [ -z "$ssl_cert_ca" ] && {
    echo "Unable to locate ssl_cert_ca in $BURP_CLIENT_CONFIG"
    exit 1
  }
  [ -z "$ssl_cert" ] && {
    echo "Unable to locate ssl_cert in $BURP_CLIENT_CONFIG"
    exit 1
  }
  [ -z "$ssl_key" ] && {
    echo "Unable to locate ssl_key in $BURP_CLIENT_CONFIG"
    exit 1
  }

  # start supervisord
  /usr/bin/supervisord -c /etc/supervisord.conf

  echo "Starting crond..."
  supervisorctl start cron >/dev/null

  [ -n "$CELERY" ] && {
    echo "Starting bui-celery..."
    supervisorctl start bui-celery >/dev/null
  }

  echo "Starting gunicorn..."
  supervisorctl start gunicorn >/dev/null

  # wait a bit for the logs to be populated
  sleep 2

  # watch the access logs
  tail -F /var/log/gunicorn/burp-ui_info.log
}

appStop() {
  echo ""
  echo "Stopping gunicorn..."
  supervisorctl stop gunicorn >/dev/null
  echo "Stopping crond..."
  supervisorctl stop cron >/dev/null
  echo "Stopping supervisord..."
  kill -15 $(cat /var/run/supervisord.pid)
  exit
}

appHelp () {
  echo "Available options:"
  echo " app:start          - Starts the burp-ui server (default)"
  echo " app:help           - Displays the help"
  echo " [command]          - Execute the specified linux command eg. bash."
}

case "$1" in
  app:start)
    appStart
    ;;
  *)
    if [ -x $1 ]; then
      $1
    else
      prog=$(which $1)
      if [ -n "${prog}" ] ; then
        shift 1
        $prog $@
      else
        appHelp
      fi
    fi
    ;;
esac

exit 0
