#!/bin/bash
#
# backup-database.sh - MariaDB database backup via docker exec
#
# Creates a gzip-compressed database dump with timestamps
# Uses --single-transaction for consistent backups without locking
#

set -euo pipefail

# Configuration
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
BACKUP_ROOT="$(dirname "$SCRIPT_DIR")"
STORAGE_DIR="$BACKUP_ROOT/storage/database"
LOG_FILE="$BACKUP_ROOT/logs/backup.log"
PROJECT_DIR="$(dirname "$BACKUP_ROOT")"

# Container and database settings
CONTAINER_NAME="parketry_mariadb"
DB_NAME="wordpress"

# Timestamp format for backup files
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
BACKUP_FILE="$STORAGE_DIR/backup_${TIMESTAMP}.sql.gz"
LATEST_LINK="$STORAGE_DIR/latest.sql.gz"

# Logging function
log() {
    echo "[$(date '+%Y-%m-%d %H:%M:%S')] [DATABASE] $1" | tee -a "$LOG_FILE"
}

# Error handler
error_exit() {
    log "ERROR: $1"
    exit 1
}

# Ensure storage directory exists
mkdir -p "$STORAGE_DIR"

log "Starting database backup..."

# Check if container is running
if ! docker ps --format '{{.Names}}' | grep -q "^${CONTAINER_NAME}$"; then
    error_exit "Container $CONTAINER_NAME is not running"
fi

# Get database credentials from .env file
if [[ -f "$PROJECT_DIR/.env" ]]; then
    source "$PROJECT_DIR/.env"
else
    error_exit ".env file not found at $PROJECT_DIR/.env"
fi

# Use MARIADB_ROOT_PASSWORD from .env, fall back to regular user if not available
DB_PASSWORD="${MARIADB_ROOT_PASSWORD:-}"
DB_USER="root"

if [[ -z "$DB_PASSWORD" ]]; then
    # Fall back to regular user credentials
    DB_PASSWORD="${MARIADB_PASSWORD:-}"
    DB_USER="${MARIADB_USER:-wordpress}"
    if [[ -z "$DB_PASSWORD" ]]; then
        error_exit "Neither MARIADB_ROOT_PASSWORD nor MARIADB_PASSWORD set in .env"
    fi
    log "Using regular user credentials (MARIADB_ROOT_PASSWORD not set)"
fi

# Perform the backup with compression
log "Dumping database $DB_NAME from container $CONTAINER_NAME..."

docker exec "$CONTAINER_NAME" mysqldump \
    -u "$DB_USER" \
    -p"$DB_PASSWORD" \
    --single-transaction \
    --routines \
    --triggers \
    --events \
    --quick \
    --lock-tables=false \
    "$DB_NAME" 2>/dev/null | gzip > "$BACKUP_FILE"

# Verify backup was created and has content
if [[ ! -f "$BACKUP_FILE" ]]; then
    error_exit "Backup file was not created"
fi

BACKUP_SIZE=$(stat -f%z "$BACKUP_FILE" 2>/dev/null || stat -c%s "$BACKUP_FILE" 2>/dev/null)
if [[ "$BACKUP_SIZE" -lt 1000 ]]; then
    rm -f "$BACKUP_FILE"
    error_exit "Backup file is too small (${BACKUP_SIZE} bytes), likely failed"
fi

# Update latest symlink
rm -f "$LATEST_LINK"
ln -s "$BACKUP_FILE" "$LATEST_LINK"

# Get human-readable size
HUMAN_SIZE=$(du -h "$BACKUP_FILE" | cut -f1)

log "Database backup completed: $BACKUP_FILE ($HUMAN_SIZE)"

exit 0