#!/usr/bin/env bash

# adds a auth for the gitea container for the user and adds the gitea server to
# the docker registry mirrors so gitea will be used in preference to dockerhub.
# Unavailable images will still be pulled from dockerhub.
# See:
# https://docs.gitea.com/usage/packages/container?_highlight=docker#push-an-image

PROTOCOL="https://"
DOMAIN="git2.ring-zero.co.uk"
URL="${PROTOCOL}${DOMAIN}"
OWNER="cyteen"
PASSWORD="mlpfinsonik"
AUTH=$(echo -n ${OWNER}:${PASSWORD} | base64)

OWNER_TOKEN="e844ba5fa9f57645eb1e32cfcb67a60d650dfbf0" # your_password_or_token
REGISTRY=""
IMAGE=""
TAG=""

# Batch add entries to ~/.docker/config.json
DOCKER_CONFIG_DIR=${HOME}/.docker
DOCKER_CONFIG=config.json
DOCKER_CONFIG_PATH=${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
mkdir -p ${DOCKER_CONFIG_DIR}

# create an empty json file if one doesn't exist
if [ ! -f ${DOCKER_CONFIG_PATH} ]; then
	touch ${DOCKER_CONFIG_PATH}
	echo "{}" >${DOCKER_CONFIG_PATH}
else
	echo "${DOCKER_CONFIG_PATH} exists."
fi

# authenticate with registry: writes ~/.docker/config.json
# echo ${PASSWORD} | docker login -u ${OWNER} --password-stdin ${URL}

# remove the credentials store section to enable insecure base64 auth
jq 'del(.credsStore)' ${DOCKER_CONFIG_PATH} | sponge ${DOCKER_CONFIG_PATH}

# add insecure base64 auth for local gitea
jq --arg domain "${DOMAIN}" --arg auth "${AUTH}" '.auths[$domain] = {"auth": $auth}' ${DOCKER_CONFIG_PATH} >tmp && mv tmp ${DOCKER_CONFIG_PATH}

# this is really only needed if your doing multiple entries at a time.
# create an auth section for docker image pull
# declare -A DOCKER_OPT
# DOCKER_OPT[0]=".auths += {"${DOMAIN}": {"auth": "${AUTH}"}}"
# # DOCKER_OPT[1]='.auths += {"https://registry.example.io/v0/": {"auth": "another_base64_encoded_auth_token_here"}}'
# # DOCKER_OPT[2]='.HttpHeaders += {"User-Agent": "Docker-Client/18.09.7 (linux)"}'
#
# for ((i = 0; i < ${#DOCKER_OPT[@]}; ++i)); do
# 	OPTION="${DOCKER_OPT[$i]}"
# 	jq "${OPTION}" ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG} >${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp &&
# 		mv -b ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
# done

# Batch add entries to /etc/docker/daemon.json
DOCKER_CONFIG_DIR=/etc/docker
DOCKER_CONFIG=daemon.json

declare -A DOCKER_OPT
DOCKER_OPT[0]='.["registry-mirrors"] += ["'"${URL}"'"]'

for ((i = 0; i < ${#DOCKER_OPT[@]}; ++i)); do
	OPTION="${DOCKER_OPT[$i]}"
	jq "${OPTION}" ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG} >${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp &&
		mv -b ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}.tmp ${DOCKER_CONFIG_DIR}/${DOCKER_CONFIG}
done

cat <<EOF
Before pushing any docker images you may need to increase the file size
allowed by any reverse proxy you may have.A In our case:
'echo "client_max_body_size 0;" > /var/lib/docker/volumes/nginx-docker_vhost/_data/git2.ring-zero.co.uk'
I also included the content of _data/default as that had been included in the conf.d/default
EOF

# build an image with tag
# docker build -t ${REGISTRY}/${OWNER}/${IMAGE}:${TAG} .

# name an existing image with tag
# EXISTING_IMAGE=""
# EXISTING_TAG=""

# docker tag \
# 	${EXISTING_IMAGE}:${EXISTING_TAG} \
# 	${REGISTRY}/${OWNER}/${IMAGE}:${TAG}

# https://docs.docker.com/reference/cli/docker/image/push/#push-a-new-image-to-a-registry
# tag the image with the host name or IP address, and the port of the registry
# docker tag markm/debian-snapshot-bookworm:latest git2.ring-zero.co.uk/cyteen/debian-snapshot-bookworm:latest

# push
# docker push git2.ring-zero.co.uk/cyteen/debian-snapshot-bookworm:latest

# Push an image
# docker push gitea.example.com/testuser/myimage:latest
#  docker push ${URL}/${OWNER}/${IMAGE}:${TAG}

# Pull an image
# docker pull gitea.example.com/testuser/myimage:latest
#  docker pull ${URL}/${OWNER}/${IMAGE}:${TAG}