#!/usr/bin/env bash
set -euo pipefail

ENV_FILE="${ENV_FILE:-./.env}"
if [[ -f "$ENV_FILE" ]]; then
  set -a
  # shellcheck source=/dev/null
  . "$ENV_FILE"
  set +a
fi

if [[ -z "${BACKUP_FILE:-}" ]]; then
  echo "BACKUP_FILE is required."
  exit 1
fi
if [[ ! -f "$BACKUP_FILE" ]]; then
  echo "BACKUP_FILE does not exist: $BACKUP_FILE"
  exit 1
fi

CHECKSUM_FILE="${BACKUP_FILE}.sha256"
if [[ ! -f "$CHECKSUM_FILE" ]]; then
  echo "Missing checksum file: ${CHECKSUM_FILE}"
  exit 1
fi
EXPECTED_HASH="$(awk '{print $1; exit}' "$CHECKSUM_FILE")"
if [[ ! "$EXPECTED_HASH" =~ ^[A-Fa-f0-9]{64}$ ]]; then
  echo "Invalid checksum format in: ${CHECKSUM_FILE}"
  exit 1
fi
ACTUAL_HASH="$(sha256sum "$BACKUP_FILE" | awk '{print $1}')"
if [[ "$ACTUAL_HASH" != "$EXPECTED_HASH" ]]; then
  echo "Backup checksum verification failed for: ${BACKUP_FILE}"
  exit 1
fi

if [[ -z "${DATABASE_URL:-}" ]]; then
  echo "DATABASE_URL is required."
  exit 1
fi

RESTORE_DB="${RESTORE_DB:-skymoney_restore_test}"
RESTORE_URL="${RESTORE_DATABASE_URL:-}"
ADMIN_URL="${ADMIN_DATABASE_URL:-$DATABASE_URL}"

if [[ ! "$RESTORE_DB" =~ ^[A-Za-z0-9_]+$ ]]; then
  echo "RESTORE_DB must match ^[A-Za-z0-9_]+$"
  exit 1
fi

if [[ -z "$RESTORE_URL" ]]; then
  echo "RESTORE_DATABASE_URL is required (example: postgresql://user:pass@host:5432/${RESTORE_DB})."
  exit 1
fi

ARCHIVE_EXISTING_RESTORE_DB="${ARCHIVE_EXISTING_RESTORE_DB:-1}"
RESTORE_ARCHIVE_DIR="${RESTORE_ARCHIVE_DIR:-./backups/restore-archives}"

if [[ "$ARCHIVE_EXISTING_RESTORE_DB" == "1" ]]; then
  DB_EXISTS="$(psql "$ADMIN_URL" -At -v ON_ERROR_STOP=1 -c "SELECT 1 FROM pg_database WHERE datname = '${RESTORE_DB}' LIMIT 1;")"
  if [[ "$DB_EXISTS" == "1" ]]; then
    mkdir -p "$RESTORE_ARCHIVE_DIR"
    ARCHIVE_STAMP="$(date +%F_%H%M%S)"
    ARCHIVE_FILE="${RESTORE_ARCHIVE_DIR}/${RESTORE_DB}_pre_restore_${ARCHIVE_STAMP}.dump"
    ARCHIVE_BASENAME="$(basename "$ARCHIVE_FILE")"
    ARCHIVE_DIR_ABS="$(cd "$RESTORE_ARCHIVE_DIR" && pwd)"

    echo "Archiving existing restore database: ${RESTORE_DB}"
    pg_dump "$RESTORE_URL" -Fc -f "$ARCHIVE_FILE"
    (cd "$ARCHIVE_DIR_ABS" && sha256sum "$ARCHIVE_BASENAME" > "${ARCHIVE_BASENAME}.sha256")
    echo "Archive written to: $ARCHIVE_FILE"
    echo "Archive checksum written to: ${ARCHIVE_FILE}.sha256"
  fi
fi

echo "Creating restore database: ${RESTORE_DB}"
psql "$ADMIN_URL" -v ON_ERROR_STOP=1 -c "DROP DATABASE IF EXISTS \"${RESTORE_DB}\";" >/dev/null
psql "$ADMIN_URL" -v ON_ERROR_STOP=1 -c "CREATE DATABASE \"${RESTORE_DB}\";" >/dev/null

pg_restore --no-owner --no-privileges --dbname="$RESTORE_URL" "$BACKUP_FILE"

echo "Restore completed into: ${RESTORE_DB}"