#!/bin/bash

exname=$(basename $0)

prefix_cmd="
. /etc/shlib

include common
include parse

. ../lib/common

"


##
## print_bytes
##

# mock
relation-get() {
    local key="$1"
    echo "$CFG" | shyaml get-value "$key" 2>/dev/null
}
export -f relation-get

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
apache_vhost_statement ,http,"
noerror
is out '<VirtualHost *:80>

    ServerAdmin contact@www.example.com
    ServerName www.example.com

    ServerSignature Off
    CustomLog /var/log/apache2/www.example.com_access.log combined
    ErrorLog /var/log/apache2/www.example.com_error.log
    ErrorLog syslog:local2

    ##
    ## Publish directory /var/www/www.example.com
    ##

    DocumentRoot /var/www/www.example.com

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    <Directory /var/www/www.example.com>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
        Allow from all
    </Directory>

    ## Forbid any cache, this is only usefull on dev server.
    #Header set Cache-Control "no-cache"
    #Header set Access-Control-Allow-Origin "*"
    #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
    #Header set Access-Control-Allow-Headers "origin, content-type, accept"

</VirtualHost>' RTRIM

##
## Aliases
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
server-aliases:
- toto
'
apache_vhost_statement ,http,"
noerror
is out reg 'ServerAlias toto'


try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
server-aliases:
- toto
- titi
'
apache_vhost_statement ,http,"
noerror
is out reg 'ServerAlias toto'
is out reg 'ServerAlias titi'


##
## Creds
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG=''
apache_vhost_statement ,http," "credentials allow all"
noerror
is out reg 'Allow from all'


try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
creds:
  toto: xxx
  titi: yyy
'
apache_vhost_statement ,http," "credentials with basic auth user/pass"
noerror
is out reg 'AuthType basic'
is out reg 'Require valid-user'


##
## proxy
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
target: popo:3333
creds:
  toto: titi
'
proxy=yes apache_vhost_statement ,http," "proxy explicit target"
noerror
is out reg 'ProxyPass / http://popo:3333/'
is out part '
        <Location / >
            AuthType basic
            AuthName "private"
            AuthUserFile /etc/apache2/sites-enabled/www.example.com.passwd
            Require valid-user
            ProxyPassReverse /
        </Location>
'

##
## ssl
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
ssl: true
target: popo:3333
'
SSL_PLUGIN_FUN=ssl_fallback proxy=yes apache_vhost_statement ,https,"  "ssl default generation (ssl-cert-snakeoil)"
noerror
is out reg 'VirtualHost \*:443'
is out reg '<IfModule mod_ssl.c>'
is out reg 'SSLEngine On'
is out reg 'SSLProxyEngine On'
is out reg 'ssl-cert-snakeoil'
is out reg 'CustomLog /var/log/apache2/s-www.example.com_access.log combined'


try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
ssl:
  ca-cert: a
  key: b
  cert: c
target: popo:3333
'
SSL_PLUGIN_FUN=ssl_fallback proxy=yes apache_vhost_statement ,https," "ssl providing keys inline"
noerror
is out reg 'SSLCertificateFile /etc/ssl/certs/www.example.com.pem'
is out reg 'SSLCertificateKeyFile /etc/ssl/private/www.example.com.key'
is out reg 'SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem'


##
## CustomRules
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
ssl:
  ca-cert: a
  key: b
  cert: c
apache-custom-rules: |
  RewriteEngine On
  RewriteCond %{QUERY_STRING} !skin=formanoo
  RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
target: popo:3333
'
SSL_PLUGIN_FUN=ssl_fallback proxy=yes apache_vhost_statement ,https," "custom rules"
noerror
is out reg 'RewriteEngine On'


##
## double def
##

try "
DOMAIN=www.example.com
DOCKER_SITE_PATH=/var/www/\$DOMAIN
CFG='
ssl:
  ca-cert: a
  key: b
  cert: c
apache-custom-rules: |
  RewriteEngine On
  RewriteCond %{QUERY_STRING} !skin=formanoo
  RewriteRule ^(/web/webclient/home.*)$ $1?skin=formanoo [L,QSA,R=302]
target: popo:3333
'
SSL_PLUGIN_FUN=ssl_fallback proxy=yes apache_vhost_statement ,https,http," "both http and https"
noerror
is out '<VirtualHost *:80>

    ServerAdmin contact@www.example.com
    ServerName www.example.com

    ServerSignature Off
    CustomLog /var/log/apache2/www.example.com_access.log combined
    ErrorLog /var/log/apache2/www.example.com_error.log
    ErrorLog syslog:local2


    ##
    ## Custom rules
    ##

    RewriteEngine On
    RewriteCond %{QUERY_STRING} !skin=formanoo
    RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]


    ##
    ## Proxy declaration towards popo:3333
    ##

    <IfModule mod_proxy.c>
        ProxyRequests Off
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ProxyVia On
        ProxyPass / http://popo:3333/ retry=0
        <Location / >
            Allow from all
            ProxyPassReverse /
        </Location>

    </IfModule>

    RequestHeader set "X-Forwarded-Proto" "http"

    ## Fix IE problem (httpapache proxy dav error 408/409)
    SetEnv proxy-nokeepalive 1

    ## Forbid any cache, this is only usefull on dev server.
    #Header set Cache-Control "no-cache"
    #Header set Access-Control-Allow-Origin "*"
    #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
    #Header set Access-Control-Allow-Headers "origin, content-type, accept"

</VirtualHost>

<IfModule mod_ssl.c>
  <VirtualHost *:443>

      ServerAdmin contact@www.example.com
      ServerName www.example.com

      ServerSignature Off
      CustomLog /var/log/apache2/s-www.example.com_access.log combined
      ErrorLog /var/log/apache2/s-www.example.com_error.log
      ErrorLog syslog:local2


      ##
      ## Custom rules
      ##

      RewriteEngine On
      RewriteCond %{QUERY_STRING} !skin=formanoo
      RewriteRule ^(/web/webclient/home.*)$ ?skin=formanoo [L,QSA,R=302]


      ##
      ## Proxy declaration towards popo:3333
      ##

      <IfModule mod_proxy.c>
          ProxyRequests Off
          <Proxy *>
              Order deny,allow
              Allow from all
          </Proxy>
          ProxyVia On
          ProxyPass / http://popo:3333/ retry=0
          <Location / >
              Allow from all
              ProxyPassReverse /
          </Location>
          SSLProxyEngine On
      </IfModule>

      RequestHeader set "X-Forwarded-Proto" "https"

      ## Fix IE problem (httpapache proxy dav error 408/409)
      SetEnv proxy-nokeepalive 1

      ## Forbid any cache, this is only usefull on dev server.
      #Header set Cache-Control "no-cache"
      #Header set Access-Control-Allow-Origin "*"
      #Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
      #Header set Access-Control-Allow-Headers "origin, content-type, accept"

      ##
      ## SSL Configuration
      ##

      SSLEngine On

      SSLCertificateFile /etc/ssl/certs/www.example.com.pem
      SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
      SSLCACertificateFile /etc/ssl/certs/www.example.com-ca.pem

      SSLVerifyClient None

  </VirtualHost>
</IfModule>' RTRIM