#!/bin/bash -f
######################################################################
# Artemis Nebula Start script, (C) 2015-2020 Nosey Nick Waterman,
#   <nebula@noseynick.org>   https://noseynick.org/artemis/nebula/
# All wrong righted, all rights reserved. Licensed under thev GNU
# Affero General Public License v3.0 https://www.gnu.org/licenses/agpl.txt
# with Commons Clause https://commonsclause.com/ v1.0
######################################################################
cd "${0%/*}" || exit 9 # approx "dirname $0", for...

######################################################################
# See comments at top of discord.sh - set Puppy $TOKEN and $CHAN:
# shellcheck disable=SC1091 # do not follow . creds.sh
[[ -f creds.sh ]] && [[ ! "$NO_PUPPY" ]] && . creds.sh

######################################################################
# Other defaults:
[[ "$NAME" ]]     || { NAME="$1"; shift; }
[[ "$NAME" ]]     || NAME=281stock
# password to use for VNC - NOW exposed to the internet so BEWARE security risk:
[[ "$VNCPASS" ]]  || VNCPASS=$(cut -d- -f1 < /proc/sys/kernel/random/uuid 2>/dev/null)
[[ "$VNCPASS" ]]  || VNCPASS=$(uuidgen 2> /dev/null | cut -d- -f1)
[[ "$VNCPASS" ]]  || VNCPASS=$RANDOM  # BASH's $RANDOM is crap, but better than no password
[[ "$VNCPASS" ]]  || VNCPASS=sig93air # last resort   :-O
[[ "$REGION" ]]   || REGION=us-east-2
[[ "$SG_NAME" ]]  || SG_NAME=2010
NEBULA=https://noseynick.org/artemis/nebula

# Tiny one for "free tier" testing - CANNOT RUN ARTEMIS!
# 0.0116 USD/hr: vCPU=1 ECU=variable memGB=1 StoGB=ebsonly region=us-east-1 type=generalCurrentGen
# INSTANCE_TYPE=t2.micro

# 0.023 USD/hr: vCPU=1 ECU=variable memGB=2 StoGB=ebsonly region=us-east-1 type=generalCurrentGen
# INSTANCE_TYPE=t2.small

# 0.096 USD/hr: vCPU=2 ECU=10 memGB=8 StoGB=ebsonly region=us-east-1 type=generalCurrentGen
# INSTANCE_TYPE=m5.large   # nope   :-(

# 0.65 USD/hr: vCPU=8 ECU=26 memGB=15 StoGB=60 SSD region=us-east-1 type=gpuCurrentGen
# OK but "fighters weren't acting right" and occasional fighter beam lock-on
# INSTANCE_TYPE=g2.2xlarge

# 0.584 USD/hr: vcpu=4 memGB=16 stoGB=125 SSD region=us-east-1 physicalProcessor=IntelXeonFamily instanceFamily=GPUinstance
# Used by Starry for his Windoze Artemis server(s) +++++++++++++++++ EXPERIMENT
# INSTANCE_TYPE=g4dn.xlarge

# 0.384 USD/hr: vCPU=8 ECU=31 memGB=32 StoGB=ebsonly region=us-east-1 type=generalCurrentGen size=m5.2xlarge
# INSTANCE_TYPE=m5.2xlarge

# THIS ONE SEEMS TO BE GOOD?:
# 0.17 USD/hr: vCPU=4 ECU=16 memGB=8 StoGB=ebsonly region=us-east-1 type=computeCurrentGen size=c5.xlarge
[[ "$INSTANCE_TYPE" ]] || INSTANCE_TYPE=c5.xlarge
# Starry uses g4dn.xlarge

# Might need >=6 CPUs?
# 0.34 USD/hr: vCPU=8 ECU=31 memGB=16 StoGB=ebsonly region=us-east-1 type=computeCurrentGen size=c5.2xlarge
# INSTANCE_TYPE=c5.2xlarge

AWSEC2="aws ec2 --region $REGION"  NL="
"

######################################################################
# see also https://cloud-images.ubuntu.com/locator/ec2/
# and search for 20.04 amd64 ssd us-east-1 (or your chosen $REGION)
# or ./ami-list.sh
[[ "$IMAGE_ID" ]] || IMAGE_ID=$(
  [[ "$UBUNTU_VER" ]] || UBUNTU_VER=20.04
  date "+#### %F %T : Fetching latest Ubuntu $UBUNTU_VER image for $REGION ..." >&2
  # aws ssm get-parameters-by-path --path '/aws/service/canonical/ubuntu/server' --recursive | grep '"Name":.*current/amd64'
  aws ssm get-parameters --names \
  "/aws/service/canonical/ubuntu/server/$UBUNTU_VER/stable/current/amd64/hvm/ebs-gp3/ami-id" \
  "/aws/service/canonical/ubuntu/server/$UBUNTU_VER/stable/current/amd64/hvm/ebs-gp2/ami-id" \
  --query 'Parameters[0].[Value]' \
  --output text --region $REGION
) || exit 9
RUN_ARGS+=" --image-id $IMAGE_ID"

if [[ "$SSHKEY" ]]; then
  RUN_ARGS+=" --key-name $SSHKEY"
elif [[ -f ~/.ssh/id_rsa.pub ]]; then
  read -r _ _ SSHKEY < ~/.ssh/id_rsa.pub
  # $AWSEC2 delete-key-pair --region $REGION --key-name "$SSHKEY"
  date "+#### %F %T : Uploading SSH key $SSHKEY ..." >&2
  $AWSEC2 import-key-pair --region $REGION --key-name "$SSHKEY" \
    --public-key-material file://~/.ssh/id_rsa.pub  2>/dev/null
  RUN_ARGS+=" --key-name $SSHKEY"
fi

RUN_ARGS+=" --instance-type $INSTANCE_TYPE"

# +++++ COMPARE keepconf.sh list of vars
if [[ -z "$USERDATA" ]]; then
  USERDATA="#!/bin/bash${NL}wget -t3 -T3 -O- '$NEBULA/init.sh' | \\$NL"
  for X in TOKEN  CHAN TESTCHAN  VNCPASS  SHUTDOWN \
    IP  NAME  MISSIONS  SHIPS  RUNTEST \
    ${!HERMES@}  ${!TS3SERVER@}  ${!EE_@}  ${!AWS_@} ${!NEB_@}
  do case "${!X}" in
    "")    : ;; # skip empty ones
    *\ *)  USERDATA+="  $X='${!X}' \\$NL" ;;
    *)     USERDATA+="  $X=${!X} \\$NL" ;;
  esac; done
  USERDATA+="  bash$NL"
fi

RUN_ARGS+=" --security-groups $SG_NAME"
RUN_ARGS+=" --instance-initiated-shutdown-behavior terminate"

echo "$AWSEC2 run-instances \\$NL$RUN_ARGS \\$NL --user-data \"$USERDATA\" $*"
[[ "$EXIT" ]] && exit 0
sleep 3

date "+#### %F %T : AWS Starting $NAME ..." >&2
# shellcheck disable=SC2086 # expanding $RUN_ARGS is deliberate
ID=$($AWSEC2 run-instances $RUN_ARGS --user-data "$USERDATA" "$@" \
  --query 'Instances[*].InstanceId' --out text)
# See http://jmespath.org/tutorial.html for --query
[[ "$ID" ]] || exit 9 # we failed?

echo "ID=$ID ..."; echo
sleep 2 # give it time to attach a public IP
$AWSEC2 describe-instances --out text --instance-id "$ID" \
| sed -e 's/^ASSOCIATION.*/& # <<<</'

IP=$($AWSEC2 describe-instances --out text --instance-id "$ID" \
  --query 'Reservations[*].Instances[*].PublicIpAddress')

case "$NAME" in
  275*|279*|28*) HEARTBEAT=--heart ;;
esac

echo
date "+#### %F %T : BOOTING" >&2

[[ -x ./discord.sh ]] && \
date "+%F %T $IP: Nebula server requested: $NAME $REGION $INSTANCE_TYPE $IMAGE_ID $EE_VER http://$IP/vnc_lite.html?password=$VNCPASS" \
| TEST=1 ./discord.sh --send

IFS='' read -rd '' MSG <<__EOF__
Your nebula $NAME server with id $ID is booting! Connect with:
  ssh -v -L5900:127.1:5900 -L2010:127.1:2010   ubuntu@$IP
    tail -fn1000 logs/*
  vncviewer 127.1 -passwd ~/.vnc/passwd-artemis 2>/dev/null & # $VNCPASS
  
OR browse to http://$IP/  and use VNC password $VNCPASS
          or http://$IP/vnc_lite.html?password=$VNCPASS

Ask players to connect to $IP

PLEASE PLEASE PLEASE: REMEMBER TO SHUTDOWN WHEN DONE PLAYING!
  Use the button in the bottom-left of the web remote control, or:
  $AWSEC2 terminate-instances --instance-ids $ID
  $AWSEC2 describe-instances --out text
__EOF__

if [[ -f ~/.artemis ]]; then
  sed -i -e '/^ip=/ d'    ~/.artemis
  echo        "ip=$IP" >> ~/.artemis
fi

echo "$MSG"
if [[ "$TEST" ]]
then echo "  ../logger.sh --loop $HEARTBEAT $IP Nebula"
else echo "  (will also announce itself on discord)"
     echo "  ../logger.sh --loop $HEARTBEAT --discord $IP Nebula"
fi

[[ "$BROWSER" ]] && $BROWSER "http://$IP/"

[[ -x /usr/sbin/exim ]] && /usr/sbin/exim -f nebula@noseynick.org -t <<__EOF__
From: nebula@noseynick.org
To: $(echo "nebula@noseynick.org $EMAIL" | sed -e 's/  */, /g')
Subject: Your Nebula server $ID is booting!

$MSG

Cheers -- nebula@noseynick.org
$NEBULA/ - Artemis, in a cloud, get it?

__EOF__