#!/usr/bin/perl
#
# update-index:
# Create Debian repository index files.
#

use strict;
use warnings;
use Sys::Hostname;

unless (@ARGV && $ARGV[0] eq "--no-host-check") {
    # Sanity check - are we on the right host?
    die "Run on primary only - this looks like a replica.\n" if (-e "/etc/cron.daily/sync-debian-mysociety-org");
}

my $DISTRO=qx(/usr/bin/lsb_release -sc);
chomp $DISTRO;
my $GPG_OPTS = "--batch --pinentry-mode loopback";

my $REPO_BASE='/data/vhost/debian.mysociety.org/docs';
chdir $REPO_BASE or die $!;

my $DATE=`date -R -u`;
chomp $DATE;

my %releases;

foreach my $i (glob 'dists/*/*/binary-*') {
    print "Generating Packages files for: $i\n";
    system "dpkg-scanpackages -m $i > $i/Packages.new && mv $i/Packages.new $i/Packages || rm $i/Packages.new";
    system "gzip -9c $i/Packages > $i/Packages.gz.new && mv $i/Packages.gz.new $i/Packages.gz || rm $i/Packages.gz.new";

    print "Generating Release file for: $i\n";
    my ($dists, $release, $component, $arch)=split /\//, $i;
    $arch=~s/^binary-//;
    open RELEASE, ">$i/Release.new" or die "can't create new Release file: $!";
    print RELEASE "Archive: $release\n";
    print RELEASE "Component: $component\n";
    print RELEASE "Origin: mySociety\n";
    print RELEASE "Label: mySociety\n";
    print RELEASE "Architecture: $arch\n";
    print RELEASE "Date: $DATE\n";
    close RELEASE;
    rename "$i/Release.new", "$i/Release";
    system "/usr/bin/gpg $GPG_OPTS --yes --sign --armor --detach-sig --passphrase-file /data/vhost/debian.mysociety.org/signing_key_passphrase --digest-algo SHA256 --output $i/Release.gpg $i/Release";

    push @{$releases{$release}{'components'}}, $component;
    push @{$releases{$release}{'archs'}}, $arch;
}

foreach my $i (glob 'dists/*/*/source') {
	print "Generating Sources files for: $i\n";
	system "dpkg-scansources $i > $i/Sources.new && mv $i/Sources.new $i/Sources || rm $i/Sources.new";
    system "gzip -9c $i/Sources > $i/Sources.gz.new && mv $i/Sources.gz.new $i/Sources.gz || rm $i/Sources.gz.new";
}

foreach my $i (keys %releases) {
    print "Generating Release file for $i repo\n";
    chdir "$REPO_BASE/dists/$i" or die $!;

    open RELEASE, ">Release.new" or die "can't create new Release file: $!";
    print RELEASE "Origin: mySociety\n";
    print RELEASE "Label: mySociety\n";
    print RELEASE "Codename: $i\n";
    print RELEASE "Date: $DATE\n";
    print RELEASE "Components: ".join(' ', @{$releases{$i}{'components'}})."\n";
    print RELEASE "Architectures: ".join(' ', @{$releases{$i}{'archs'}})."\n";
    print RELEASE "MD5Sum:\n";
    foreach my $file (glob '*/*/{Sources*,Release*,Packages*}') {
        my $md5sum=`md5sum $file`;
        $md5sum=~s/ .*$//;
        chop $md5sum;
        my @st=stat $file;
        print RELEASE " $md5sum $st[7] $file\n";
    }
    print RELEASE "SHA256:\n";
    foreach my $file (glob '*/*/{Sources*,Release*,Packages*}') {
        my $sha256=`sha256sum $file`;
        $sha256=~s/ .*$//;
        chop $sha256;
        my @st=stat $file;
        print RELEASE " $sha256 $st[7] $file\n";
    }
    close RELEASE;
    rename "Release.new", "Release";
    system "/usr/bin/gpg $GPG_OPTS --yes --sign --armor --detach-sig --passphrase-file /data/vhost/debian.mysociety.org/signing_key_passphrase --digest-algo SHA256 --output Release.gpg Release";
}
