#!/usr/bin/env bash
set -euo pipefail

HASHICORP_KEYRING="/usr/share/keyrings/hashicorp-archive-keyring.gpg"
HASHICORP_LIST="/etc/apt/sources.list.d/hashicorp.list"
VIRTUALBOX_KEYRING="/usr/share/keyrings/oracle-virtualbox-2016.gpg"
VIRTUALBOX_LIST="/etc/apt/sources.list.d/virtualbox.list"
VIRTUALBOX_PACKAGE=""

log() {
  printf '[install] %s\n' "$*"
}

warn() {
  printf '[install] Warning: %s\n' "$*" >&2
}

die() {
  printf '[install] Error: %s\n' "$*" >&2
  exit 1
}

run_root() {
  if [[ "${EUID}" -eq 0 ]]; then
    "$@"
  else
    require_command sudo
    sudo "$@"
  fi
}

require_command() {
  command -v "$1" >/dev/null 2>&1 || die "Commande requise introuvable: $1"
}

contains() {
  local value="$1"
  shift

  local item
  for item in "$@"; do
    if [[ "$item" == "$value" ]]; then
      return 0
    fi
  done

  return 1
}

get_codename() {
  if [[ -n "${VERSION_CODENAME:-}" ]]; then
    printf '%s\n' "${VERSION_CODENAME}"
    return 0
  fi

  if command -v lsb_release >/dev/null 2>&1; then
    lsb_release -cs
    return 0
  fi

  die "Impossible de determiner le codename de la distribution."
}

ensure_supported_distribution() {
  require_command apt-get
  require_command dpkg

  if [[ ! -r /etc/os-release ]]; then
    die "Le fichier /etc/os-release est introuvable."
  fi

  # shellcheck disable=SC1091
  . /etc/os-release

  DISTRO_ID="${ID:-}"
  CODENAME="$(get_codename)"
  ARCH="$(dpkg --print-architecture)"

  if [[ "${ARCH}" != "amd64" ]]; then
    die "Ce script cible les hotes Debian/Ubuntu amd64 pour VirtualBox. Architecture detectee: ${ARCH}."
  fi

  case "${DISTRO_ID}" in
    ubuntu)
      if ! contains "${CODENAME}" focal jammy noble oracular; then
        warn "Ubuntu ${CODENAME} n'etait pas dans la liste testee au moment d'ecrire ce script. Je continue avec les depots officiels."
      fi
      ;;
    debian)
      if ! contains "${CODENAME}" bullseye bookworm; then
        warn "Debian ${CODENAME} n'etait pas dans la liste testee au moment d'ecrire ce script. Je continue avec les depots officiels."
      fi
      ;;
    *)
      die "Distribution non prise en charge: ${DISTRO_ID:-inconnue}. Ce script supporte Debian et Ubuntu."
      ;;
  esac
}

install_base_packages() {
  log "Installation des prerequis APT..."
  run_root apt-get update
  run_root apt-get install -y \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release \
    software-properties-common \
    wget
}

configure_hashicorp_repo() {
  local tmpdir
  tmpdir="$(mktemp -d)"

  log "Configuration du depot HashiCorp..."
  curl -fsSL "https://apt.releases.hashicorp.com/gpg" -o "${tmpdir}/hashicorp.gpg"
  run_root gpg --yes --dearmor -o "${HASHICORP_KEYRING}" "${tmpdir}/hashicorp.gpg"
  printf 'deb [signed-by=%s] https://apt.releases.hashicorp.com %s main\n' "${HASHICORP_KEYRING}" "${CODENAME}" \
    | run_root tee "${HASHICORP_LIST}" >/dev/null
  rm -rf "${tmpdir}"
}

configure_virtualbox_repo() {
  local tmpdir
  tmpdir="$(mktemp -d)"

  log "Configuration du depot Oracle VirtualBox..."
  curl -fsSL "https://www.virtualbox.org/download/oracle_vbox_2016.asc" -o "${tmpdir}/oracle_vbox_2016.asc"
  run_root gpg --yes --dearmor -o "${VIRTUALBOX_KEYRING}" "${tmpdir}/oracle_vbox_2016.asc"
  printf 'deb [arch=amd64 signed-by=%s] https://download.virtualbox.org/virtualbox/debian %s contrib\n' "${VIRTUALBOX_KEYRING}" "${CODENAME}" \
    | run_root tee "${VIRTUALBOX_LIST}" >/dev/null
  rm -rf "${tmpdir}"
}

select_virtualbox_package() {
  local packages=()
  local package=""

  mapfile -t packages < <(apt-cache search --names-only '^virtualbox-[0-9]+\.[0-9]+$' | awk '{print $1}' | sort -V)

  if [[ "${#packages[@]}" -gt 0 ]]; then
    package="${packages[$(("${#packages[@]}" - 1))]}"
  elif apt-cache show virtualbox >/dev/null 2>&1; then
    package="virtualbox"
  else
    die "Aucun paquet VirtualBox compatible n'a ete trouve apres l'ajout du depot Oracle."
  fi

  VIRTUALBOX_PACKAGE="${package}"
  log "Paquet VirtualBox selectionne: ${VIRTUALBOX_PACKAGE}"
}

install_project_dependencies() {
  select_virtualbox_package

  log "Installation de VirtualBox, Vagrant, Terraform et Ansible..."
  run_root apt-get update
  run_root apt-get install -y \
    ansible \
    terraform \
    vagrant \
    "${VIRTUALBOX_PACKAGE}"
}

install_ansible_collection() {
  log "Installation de la collection Ansible community.general..."
  run_root mkdir -p /usr/share/ansible/collections
  run_root ansible-galaxy collection install community.general --collections-path /usr/share/ansible/collections --force
}

print_versions() {
  log "Verification des versions installees:"
  VBoxManage --version
  vagrant --version
  terraform version
  ansible --version
}

print_next_steps() {
  cat <<'EOF'

Installation terminee.

Etapes suivantes:
  1. terraform init
  2. terraform apply

Note:
  - Si Secure Boot est actif, VirtualBox peut demander une validation ou une signature de modules noyau avant de pouvoir demarrer des VMs.
EOF
}

main() {
  ensure_supported_distribution
  install_base_packages
  configure_hashicorp_repo
  configure_virtualbox_repo
  install_project_dependencies
  install_ansible_collection
  print_versions
  print_next_steps
}

DISTRO_ID=""
CODENAME=""
ARCH=""

main "$@"