#!/bin/bash

# Verify that script is being run as root
if [ "$EUID" -ne 0 ]
  then echo "Please run as root to allow installation of dependencies."
  exit
fi

# Make sure working directory is /root
if [ "$PWD" != "/root" ]
  then echo "Please run this script from /root directory."
  exit
fi


chmod +x /root/hns_doh_loadbalancer/cert.py
chmod +x /root/hns_doh_loadbalancer/cert.sh

# Install dnsdist
echo "deb [signed-by=/etc/apt/keyrings/dnsdist-20-pub.asc] http://repo.powerdns.com/ubuntu jammy-dnsdist-20 main" | sudo tee /etc/apt/sources.list.d/pdns.list
wget https://upload.woodburn.au/gYy/dnsdist-20 -O /etc/apt/preferences.d/dnsdist-20

sudo install -d /etc/apt/keyrings; curl https://repo.powerdns.com/FD380FBB-pub.asc | sudo tee /etc/apt/keyrings/dnsdist-20-pub.asc && sudo apt-get update && sudo apt-get install dnsdist


# Install certbot
sudo apt install snapd -y
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo cp /root/hns_doh_loadbalancer/resolved.conf /etc/systemd/resolved.conf
sudo systemctl restart systemd-resolved

# Move the conf file to the correct location
sudo cp /root/hns_doh_loadbalancer/dnsdist.conf /etc/dnsdist/dnsdist.conf
sudo cp /root/hns_doh_loadbalancer/dnsdist.service /lib/systemd/system/dnsdist.service
sudo systemctl daemon-reload

# Download TLDs
wget https://data.iana.org/TLD/tlds-alpha-by-domain.txt -O /etc/dnsdist/tlds-alpha-by-domain.txt


# Restart dnsdist
sudo systemctl restart dnsdist

# Install caddy
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
chmod o+r /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install -y caddy

# Move the Caddyfile to the correct location
sudo cp /root/hns_doh_loadbalancer/Caddyfile /etc/caddy/Caddyfile

# Restart caddy
sudo systemctl restart caddy

sudo certbot certonly --manual --manual-auth-hook /root/hns_doh_loadbalancer/cert.py --preferred-challenges dns -d hnsdoh.com -d *.hnsdoh.com --deploy-hook /root/hns_doh_loadbalancer/cert.sh

# Install NVM
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

export NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"

# Install unbound
sudo apt install libunbound-dev -y

# Install Node.js
sudo apt install build-essential -y
nvm install 20.14.0
npm install -g node-gyp

# Install HSD
git clone --depth 1 --branch latest https://github.com/handshake-org/hsd.git
cd hsd
npm install --omit=dev

sudo cp /root/hns_doh_loadbalancer/hsd.service /lib/systemd/system/hsd.service
sudo systemctl daemon-reload
sudo systemctl enable hsd
sudo systemctl start hsd