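{ config, pkgs, ... }:
# NixOS module: weekly Misskey backup (config directory, PostgreSQL dump and
# Redis data directory) streamed to an S3 bucket with s3cmd.
#
# Necessary prep work:
#   GRANT CONNECT ON DATABASE misskey TO "misskey-backup";
#   GRANT SELECT ON ALL TABLES IN SCHEMA public TO "misskey-backup";
#   GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "misskey-backup";
#
# TODO: automate this, because it needs to be redone whenever the db schema changes.
# NOTE(review): ALTER DEFAULT PRIVILEGES FOR ROLE <owner-role> IN SCHEMA public
# GRANT SELECT ON TABLES TO "misskey-backup" would cover tables created later
# while keeping the role read-only. <owner-role> is a placeholder; confirm
# which role creates the Misskey tables.
let
  user = "misskey-backup";
  group = user;

  # Plain-text "key = value" file providing `bucket` and (optionally) `prefix`.
  backupConfigFile = "/etc/misskey-backup/conf";

  # s3cmd configuration. Presumably it holds the S3 access key and secret, so
  # it should be readable only by the backup user. This module does not create
  # the file or set its mode; verify how it is provisioned.
  s3Cfg = "/etc/misskey-backup/s3cfg";

  backupScript = pkgs.writeShellApplication {
    name = "misskey-backup";
    # Every external tool the script calls is listed, so the job does not
    # depend on whatever PATH cron happens to provide.
    runtimeInputs = with pkgs; [
      gzip
      config.services.postgresql.package
      s3cmd
      coreutils
      mktemp
      gnutar
      gnused
    ];
    excludeShellChecks = [ "SC1091" ];
    # The archives are uploaded as-is. They contain the Misskey config
    # directory (which presumably includes database and Redis credentials) and
    # a full database dump, so bucket access control is the only protection
    # for them; keep the bucket private.
    #
    # NOTE(review): the backup user needs read access to /srv/misskey/.config
    # and /var/lib/redis-misskey. Nothing in this module grants it; confirm it
    # is done elsewhere with read-only permissions.
    text = ''
      # Anchored match, so only a line starting with the key is used; the
      # spaces around "=" are optional.
      bucket="$(sed -n 's/^bucket \?= \?//p' "${backupConfigFile}")"
      prefix="$(sed -n 's/^prefix \?= \?//p' "${backupConfigFile}")"

      if [ -z "$bucket" ]; then
        echo "no 'bucket' entry found in ${backupConfigFile}" >&2
        exit 1
      fi

      s3Dir="s3://$bucket/''${prefix}misskey-$(date --iso-8601)"
      echo "Uploading backups to '$s3Dir'"

      echo "Uploading config"
      tar -cz -C /srv/misskey/.config . | s3cmd put --config "${s3Cfg}" - "$s3Dir/config.tar.gz"

      echo "Dumping postgres database..."
      pg_dump misskey | gzip | s3cmd put --config "${s3Cfg}" - "$s3Dir/pg_dump.sql.gz"

      echo "Uploading redis database..."
      tar -cz -C /var/lib/redis-misskey . | s3cmd put --config "${s3Cfg}" - "$s3Dir/redis.tar.gz"

      echo "Backup complete to '$s3Dir'"
    '';
  };
in
{
  # Dedicated unprivileged system account, used only for the backup job.
  users.users."${user}" = {
    isSystemUser = true;
    inherit group;
  };
  users.groups."${group}" = { };

  # Creates the matching PostgreSQL role; the grants listed at the top of the
  # file still have to be applied by hand.
  services.postgresql.ensureUsers = [{ name = user; }];

  services.cron = {
    enable = true;
    systemCronJobs = [
      # Every Monday at 08:00 in the host's time zone. The original note says
      # this is early morning EST, so the host presumably runs on UTC; confirm.
      # Day-of-month and month must be "*": 0 is not a valid value for either.
      # The job runs the executable inside the package, not the store directory.
      "0 8 * * 1 ${user} ${backupScript}/bin/misskey-backup"
    ];
  };
}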