#!/bin/sh /etc/rc.common
# shellcheck disable=SC3043 # ash supports local

PROG=/usr/bin/AdGuardHome

USE_PROCD=1

# matches dnsmasq
START=19
# stops before networking stops
STOP=89

boot() {
	ADGUARDHOME_BOOT=1
	start "$@"
}

start_service() {
	if [ -n "$ADGUARDHOME_BOOT" ]; then
		# Do not start yet, wait for triggers
		return 0
	fi

	local config_file
	local group
	local pid_file
	local user
	local verbose
	local work_dir

	config_load adguardhome
	config_get config_file config config "/etc/adguardhome/adguardhome.yaml"
	config_get work_dir config workdir "/var/lib/adguardhome"
	config_get pid_file config pidfile "/run/adguardhome.pid"
	config_get_bool verbose config verbose

	config_get user config user adguardhome
	config_get group config group adguardhome

	local config_dir
	config_dir=$(dirname "$config_file")
	if [ "$config_dir" = '/etc' ]; then
		echo "AdGuard Home config must be stored in its own directory, and not in /etc" >&2
		exit 1
	fi
	mkdir -m 0700 -p "$config_dir"
	chown -R "$user":"$group" "$config_dir"

	mkdir -m 0700 -p "$work_dir"
	chown -R "$user":"$group" "$work_dir"

	procd_open_instance

	procd_set_param command "$PROG"
	procd_append_param command --config "$config_file"
	procd_append_param command --work-dir "$work_dir"
	procd_append_param command --logfile syslog
	procd_append_param command --no-check-update
	[ "$verbose" = 1 ] && procd_append_param command --verbose

	procd_set_param pidfile "$pid_file"
	procd_set_param stdout 1
	procd_set_param stderr 1
	procd_set_param user "$user"
	procd_set_param group "$group"
	procd_set_param capabilities /etc/capabilities/adguardhome.json
	procd_set_param no_new_privs 1

	# log is needed for logging to syslog instead of stdout
	# procfs is needed to readlink /proc/self/exe
	procd_add_jail adguardhome log procfs

	# config directory must be writable to write new config files
	procd_add_jail_mount_rw "$config_dir"
	procd_add_jail_mount_rw "$work_dir"

	procd_add_jail_mount /etc/hosts
	procd_add_jail_mount /etc/ssl/certs
	config_list_foreach config jail_mount procd_add_jail_mount

	procd_close_instance
}

service_triggers() {
	if [ -n "$ADGUARDHOME_BOOT" ]; then
		# Wait for interfaces to be up before starting AdGuard Home for real.
		# Prevents issues like https://github.com/openwrt/packages/issues/21868.
		procd_add_raw_trigger "interface.*.up" 5000 /etc/init.d/adguardhome restart
	fi
}