#!/bin/bash
set -e

echo "=== Server Bootstrap Prep ==="

DEPLOY_USER="deploy"
SSH_KEY_URL="https://git.infernonode.com/HotaruBlaze/deploy-ssh-key/raw/branch/main/ansible-deployment.pub"
PRIV_KEY_PATH="./keys/ansible-deployment"

echo "Creating deploy user..."
useradd -m -s /bin/bash -G sudo "$DEPLOY_USER" 2>/dev/null || true
echo "$DEPLOY_USER ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/"$DEPLOY_USER"
chmod 440 /etc/sudoers.d/"$DEPLOY_USER"

echo "Setting up SSH for deploy user..."
mkdir -p "/home/$DEPLOY_USER/.ssh"
chmod 700 "/home/$DEPLOY_USER/.ssh"

echo "Fetching SSH public key..."
curl -sf "$SSH_KEY_URL" > "/home/$DEPLOY_USER/.ssh/authorized_keys"
chmod 600 "/home/$DEPLOY_USER/.ssh/authorized_keys"
chown -R "$DEPLOY_USER:$DEPLOY_USER" "/home/$DEPLOY_USER/.ssh"


echo "Installing Python..."
if command -v python3 &>/dev/null; then
    echo "Python3 already installed"
else
    apt-get update -qq && apt-get install -y -qq python3 python3-ansible
fi

echo ""
echo "=== Prep Complete ==="
echo "You can now connect with:"
echo "  ssh -i $PRIV_KEY_PATH $DEPLOY_USER@<server-ip>"
echo ""
echo "Then run ansible bootstrap:"
echo "  task bootstrap-one HOST=<hostname>"