#!/usr/bin/env bash
set -euo pipefail

GREEN='\033[0;32m'
YELLOW='\033[1;33m'
RED='\033[0;31m'
NC='\033[0m'
info() { echo -e "${GREEN}[+]${NC} $*"; }
warn() { echo -e "${YELLOW}[!]${NC} $*"; }
error() {
  echo -e "${RED}[✗]${NC} $*"
  exit 1
}

function desktop() {
  # ─── DESKTOP ─────────────────────────────────────────────────────────────────
  info "Installing GNOME desktop (minimal)..."
  DEBIAN_FRONTEND=noninteractive apt-get install -y \
    ubuntu-desktop-minimal \
    gnome-tweaks \
    gnome-terminal \
    firefox \
    nautilus
  systemctl set-default graphical.target
  info "Desktop installed."
}

function docker() {
  # ─── DOCKER ──────────────────────────────────────────────────────────────────
  info "Installing Docker..."
  install -m 0755 -d /etc/apt/keyrings
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg |
    gpg --dearmor -o /etc/apt/keyrings/docker.gpg
  chmod a+r /etc/apt/keyrings/docker.gpg

  echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
    >/etc/apt/sources.list.d/docker.list

  apt-get update -qq
  apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

  usermod -aG docker alfoldi
  systemctl enable docker
  info "Docker installed."
}

function himmelblau() {
  # ─── HIMMELBLAU (Azure Entra ID) ─────────────────────────────────────────────
  info "Installing Himmelblau..."
  apt install curl && curl -fsSL https://packages.himmelblau-idm.org/himmelblau.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/himmelblau.gpg
  add-apt-repository "deb [arch=amd64] https://packages.himmelblau-idm.org/stable/latest/deb/ubuntu24.04/ ./"
  apt install -y himmelblau pam-himmelblau nss-himmelblau
  info "Himmelblau installed."
}

function nix_home_manager() {
  # ─── NIX + HOME-MANAGER ──────────────────────────────────────────────────────
  info "Installing Nix (multi-user)..."
  sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --daemon --yes

  info "Sourcing Nix..."
  source /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh

  info "Adding home-manager channel..."
  nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
  nix-channel --update

  info "Installing home-manager..."
  nix-shell '<home-manager>' -A install
}

function main() {
  desktop || true
  docker || true
  himmelblau || true
  nix_home_manager || true

  # ─── DARK THEME ──────────────────────────────────────────────────────────────
  info "Setting dark theme..."
  gsettings set org.gnome.desktop.interface color-scheme prefer-dark
  gsettings set org.gnome.desktop.interface gtk-theme Adwaita-dark

  # ─── DASH TO PANEL ───────────────────────────────────────────────────────────
  info "Installing Dash to Panel..."
  # gext install dash-to-panel@jderose9.github.com
  apt install gnome-shell-extension-dashtopanel
  gnome-extensions enable dash-to-panel@jderose9.github.com

  # ─── SSH ─────────────────────────────────────────────────────────────────────
  info "Enabling SSH..."
  systemctl enable ssh

  # ─── (passwordless for alfoldi) ─────────────────────────────────────────
  info "Configuring sudoers..."
  echo 'alfoldi ALL=(ALL) NOPASSWD:ALL' >/etc/sudoers.d/alfoldi
  chmod 440 /etc/sudoers.d/alfoldi

  info "Post-install complete ✓"
}

# start main