#!/bin/bash
set -e

# Colors
GREEN='\033[1;32m'
YELLOW='\033[1;33m'
RED='\033[1;31m'
NC='\033[0m'

# 1. Root Check
if [ "$EUID" -ne 0 ]; then
  echo -e "${RED}Please run this script as root.${NC}"
  exit 1
fi

# 2. OS Detection
echo -e "${YELLOW}LOG: Detecting OS...${NC}"
if [ -f /etc/os-release ]; then
    . /etc/os-release
    OS=$ID
fi

# 3. Install Prerequisites (Git, Make, Zsh, Sudo)
echo -e "${YELLOW}LOG: Updating system and installing base tools...${NC}"

if [ "$OS" == "arch" ] || [ "$OS" == "manjaro" ]; then
    pacman -Sy --noconfirm git make curl zsh sudo
    SUDO_GROUP="wheel"
elif [ "$OS" == "ubuntu" ] || [ "$OS" == "debian" ]; then
    apt-get update
    apt-get install -y git make curl zsh sudo
    SUDO_GROUP="sudo"
else
    echo -e "${RED}Unsupported OS: $OS${NC}"
    exit 1
fi

# 4. Interactive Prompts
echo -e "${GREEN}---------------------------------------${NC}"
echo -e "${GREEN}      USER PROVISIONING WIZARD         ${NC}"
echo -e "${GREEN}---------------------------------------${NC}"

read -p "Enter Username (default: mangopig): " USERNAME
USERNAME=${USERNAME:-mangopig}

read -p "Enter UID (default: 1000): " USER_UID
USER_UID=${USER_UID:-1000}

read -p "Enter GID (default: 1000): " USER_GID
USER_GID=${USER_GID:-1000}

# 5. Group Creation
if getent group "$USER_GID" >/dev/null; then
    echo -e "${YELLOW}LOG: Group with GID $USER_GID already exists. Using it.${NC}"
else
    echo -e "${YELLOW}LOG: Creating group $USERNAME with GID $USER_GID...${NC}"
    groupadd -g "$USER_GID" "$USERNAME"
fi

# 6. User Creation
if id "$USERNAME" &>/dev/null; then
    echo -e "${YELLOW}LOG: User $USERNAME already exists. Skipping creation.${NC}"
else
    echo -e "${YELLOW}LOG: Creating user $USERNAME...${NC}"
    
    # Detect Zsh path
    ZSH_PATH=$(which zsh)
    
    # Create user with specific UID, GID, Groups, and Shell
    useradd -m -u "$USER_UID" -g "$USER_GID" -G "$SUDO_GROUP" -s "$ZSH_PATH" "$USERNAME"
    
    echo -e "${GREEN}LOG: Setting password for $USERNAME...${NC}"
    passwd "$USERNAME"
fi

# 7. Sudo Configuration (Passwordless)
echo -e "${YELLOW}LOG: Configuring passwordless sudo...${NC}"
echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/90-$USERNAME"
chmod 0440 "/etc/sudoers.d/90-$USERNAME"

# 8. Arch Specific: Uncomment wheel in sudoers if not already active
if [ "$OS" == "arch" ]; then
    # Ensure the 'wheel' group is actually enabled in the main config if drop-in fails
    sed -i 's/^# %wheel ALL=(ALL:ALL) ALL/%wheel ALL=(ALL:ALL) ALL/' /etc/sudoers
fi

echo -e "${GREEN}✅ Server Provisioned! Log out and SSH as $USERNAME.${NC}"