#!/usr/bin/env bash
set -euo pipefail

ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
DEFAULT_BACKUP_DIR="$ROOT_DIR/backups/postgres"
if [[ -d /sdb-disk/backups || -d /sdb-disk ]]; then
  DEFAULT_BACKUP_DIR="/sdb-disk/backups/rainmaker-postgres"
fi
BACKUP_DIR="${BACKUP_DIR:-$DEFAULT_BACKUP_DIR}"
RETENTION_DAYS="${RETENTION_DAYS:-14}"
REMOTE_BACKUP_TARGET="${REMOTE_BACKUP_TARGET:-}"
REMOTE_BACKUP_DIR="${REMOTE_BACKUP_DIR:-}"
TIMESTAMP="$(date -u +%Y%m%dT%H%M%SZ)"
BACKUP_FILE="$BACKUP_DIR/rainmaker-$TIMESTAMP.dump"
CHECKSUM_FILE="$BACKUP_FILE.sha256"

if [[ -f "$ROOT_DIR/backend/.env" ]]; then
  set -a
  # shellcheck disable=SC1091
  source "$ROOT_DIR/backend/.env"
  set +a
fi

mkdir -p "$BACKUP_DIR"
umask 077

if [[ -n "${DATABASE_URL:-}" ]]; then
  pg_dump --dbname="$DATABASE_URL" --format=custom --file="$BACKUP_FILE"
else
  : "${PGHOST:?PGHOST or DATABASE_URL is required}"
  : "${PGPORT:?PGPORT or DATABASE_URL is required}"
  : "${PGDATABASE:?PGDATABASE or DATABASE_URL is required}"
  : "${PGUSER:?PGUSER or DATABASE_URL is required}"
  : "${PGPASSWORD:?PGPASSWORD or DATABASE_URL is required}"

  pg_dump \
    --host="$PGHOST" \
    --port="$PGPORT" \
    --dbname="$PGDATABASE" \
    --username="$PGUSER" \
    --format=custom \
    --file="$BACKUP_FILE"
fi

sha256sum "$BACKUP_FILE" > "$CHECKSUM_FILE"
find "$BACKUP_DIR" -type f \( -name '*.dump' -o -name '*.sha256' \) -mtime +"$RETENTION_DAYS" -delete

if [[ -n "$REMOTE_BACKUP_TARGET" || -n "$REMOTE_BACKUP_DIR" ]]; then
  : "${REMOTE_BACKUP_TARGET:?REMOTE_BACKUP_TARGET is required when REMOTE_BACKUP_DIR is set}"
  : "${REMOTE_BACKUP_DIR:?REMOTE_BACKUP_DIR is required when REMOTE_BACKUP_TARGET is set}"

  ssh -o BatchMode=yes -o StrictHostKeyChecking=no "$REMOTE_BACKUP_TARGET" "mkdir -p '$REMOTE_BACKUP_DIR'"
  scp -q "$BACKUP_FILE" "$CHECKSUM_FILE" "$REMOTE_BACKUP_TARGET:$REMOTE_BACKUP_DIR/"
  ssh -o BatchMode=yes -o StrictHostKeyChecking=no "$REMOTE_BACKUP_TARGET" \
    "find '$REMOTE_BACKUP_DIR' -type f \\( -name '*.dump' -o -name '*.sha256' \\) -mtime +$RETENTION_DAYS -delete"
fi

echo "Backup written to $BACKUP_FILE"
echo "Checksum written to $CHECKSUM_FILE"
if [[ -n "$REMOTE_BACKUP_TARGET" && -n "$REMOTE_BACKUP_DIR" ]]; then
  echo "Remote copy written to $REMOTE_BACKUP_TARGET:$REMOTE_BACKUP_DIR/$(basename "$BACKUP_FILE")"
fi