#!/usr/bin/env bash

_how_to_run(){
    mkdir -p /root/ovpn-packages
    docker run --name packages --rm -it -v /root/ovpn-packages:/packages ubuntu:20.04 bash
    apt update
    apt install -y --no-install-recommends curl ca-certificates
    cat > s.sh
    bash s.sh && exit
    return 0
}


set -euE
set -x

ARCHES=(
    amd64
    arm64
)

VERSIONS=(
    release/2.6
    release/2.7
)

DISTROS=(
    focal
    jammy
    noble
    bullseye
    bookworm
    trixie
    questing
)

REPO_KEY_URL="https://swupdate.openvpn.net/repos/repo-public.gpg"
REPO_BASE_URL="https://build.openvpn.net/debian/openvpn"

BASE_DIR="/packages"


mkdir -p "${BASE_DIR}"

tmpdir="$(mktemp -d)"
trap 'rm -rf "$tmpdir"' EXIT

KEY_FILE="${BASE_DIR}/openvpn-repo-public.asc"
if [[ ! -f "$KEY_FILE" ]]; then
    curl -fsSL "${REPO_KEY_URL}" -o "$KEY_FILE"
fi

mkdir -p /etc/apt/keyrings
[[ ! -e /etc/apt/keyrings/openvpn-repo-public.asc ]] && \
    cp "$KEY_FILE" /etc/apt/keyrings/openvpn-repo-public.asc

for arch in "${ARCHES[@]}"; do
    [[ $arch == arm64 ]] && dpkg --add-architecture arm64
    for version in "${VERSIONS[@]}"; do
        version_dir="${version//\//-}"

        for distro in "${DISTROS[@]}"; do
            target_dir="${BASE_DIR}/${arch}/${version_dir}/${distro}"

            if [[ "$version" == "release/2.7" && "$distro" == "focal" ]]; then
                echo "Skipping unsupported combination $version:$distro"
                continue
            fi

            if [[ "$version" == "release/2.6" ]]; then
                packages=(
                    openvpn
                    openvpn-dco-dkms
                )
            else
                packages=(
                    openvpn
                    ovpn-dkms
                )
            fi

            echo
            echo "=== ${arch} ${version} ${distro} ==="

            mkdir -p "${target_dir}"
            
            tmproot=$(mktemp -d)

            rm -rf "${tmpdir}/apt"
            mkdir -p \
                "${tmpdir}/apt/lists/partial" \
                "${tmpdir}/apt/cache/archives/partial"

            cat > "${tmproot}/sources.list" <<EOF
deb [arch=${arch} signed-by=/etc/apt/keyrings/openvpn-repo-public.asc] https://build.openvpn.net/debian/openvpn/${version} ${distro} main
EOF

            ls -l $tmproot/
            cat "${tmproot}/sources.list"
            sources_file="${target_dir}/openvpn-${version_dir}-${distro}-${arch}.sources.list"
            if ! compgen -G "$sources_file" > /dev/null; then
                cp "${tmproot}/sources.list" "$sources_file"
            fi

            apt-get \
            -o Dir::Etc::sourcelist="${tmproot}/sources.list" \
            -o Dir::Etc::sourceparts=/dev/null \
            update

            for package in ${packages[@]}; do
                (
                    cd "${target_dir}"

                    if compgen -G "${target_dir}/${package}_*.deb" > /dev/null; then
                        echo "Already downloaded: ${package}"
                        exit 0
                    fi

                    apt-get \
                    -o Dir::Etc::sourcelist="${tmproot}/sources.list" \
                    -o Dir::Etc::sourceparts=/dev/null \
                    download $package
                )
            done
        done
    done
done

echo
echo "Done."
echo "Packages stored under: ${BASE_DIR}"

exit 0