Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :

# Detect the host's IP address to use the same network
require 'socket'
host_ip = Socket.ip_address_list
  .select { |addr| addr.ipv4? && !addr.ipv4_loopback? }
  .map(&:ip_address)
  .first || "192.168.1.1"

puts "Host IP detected : #{host_ip}"
puts "VM will get its own IP via DHCP on the same network"

Vagrant.configure("2") do |config|
  # Oracle Linux 8 official box
  config.vm.box = "oraclelinux/8"
  config.vm.box_url = "https://oracle.github.io/vagrant-projects/boxes/oraclelinux/8.json"

  config.vm.hostname = "tickify-oraclelinux"

  # Port forwarding - accessible from all interfaces on host
  config.vm.network "forwarded_port", guest: 80, host: 80, host_ip: "0.0.0.0"
  config.vm.network "forwarded_port", guest: 3000, host: 3000, host_ip: "0.0.0.0"

  # Bridged network - VM gets its own IP from the router (same network as host)
  config.vm.network "public_network"

  # VirtualBox provider settings
  config.vm.provider "virtualbox" do |vb|
    vb.name = "Tickify-OracleLinux"
    vb.memory = 4096
    vb.cpus = 2
  end

  # Provisioning script
  config.vm.provision "shell", inline: <<-SHELL
    # Don't use set -e so partial failures don't kill the whole setup

    APP_DIR="/opt/tickify"
    APP_USER="tickify"
    APP_PORT=3000
    TICKIFY_REPO="https://github.com/Letsoperate/Tickify-Amin.git"

    echo "========================================"
    echo "  Tickify - Oracle Linux 8 Full Setup"
    echo "========================================"
    echo

    # ============================================================
    # 1. UPDATE SYSTEM & INSTALL UTILITIES
    # ============================================================
    echo "[1/9] Updating system and installing utilities..."
    dnf update -y
    dnf install -y git curl wget vim net-tools
    echo

    # ============================================================
    # 2. INSTALL JAVA 17
    # ============================================================
    echo "[2/9] Installing Java 17..."
    if command -v java &>/dev/null; then
        JAVA_VER=$(java -version 2>&1 | head -1)
        echo "  Java already installed: $JAVA_VER"
    else
        dnf install -y java-17-openjdk java-17-openjdk-devel
        echo "  Java 17 installed successfully."
    fi
    echo

    # ============================================================
    # 3. INSTALL ORACLE DATABASE XE 21c
    # ============================================================
    echo "[3/9] Installing Oracle Database XE 21c..."

    # Install preinstall package (sets up oracle user, kernel params, etc.)
    dnf install -y oracle-database-preinstall-21c || true

    # Download and install Oracle Database XE 21c RPM
    ORACLE_XE_RPM="oracle-database-xe-21c-1.0-1.ol8.x86_64.rpm"
    ORACLE_INSTALLED=false
    if rpm -q oracle-database-xe-21c &>/dev/null; then
        echo "  Oracle Database XE 21c already installed."
        ORACLE_INSTALLED=true
    else
        echo "  Downloading Oracle Database XE 21c RPM (this is ~2.5GB, be patient)..."
        # Try primary Oracle download URL
        wget --progress=bar:force --no-check-certificate -O /tmp/$ORACLE_XE_RPM \
            "https://download.oracle.com/otn-pub/otn_software/db-express/$ORACLE_XE_RPM" 2>&1
        if [ -f /tmp/$ORACLE_XE_RPM ] && [ $(stat -c%s /tmp/$ORACLE_XE_RPM 2>/dev/null || echo 0) -gt 1000000 ]; then
            echo "  Download complete. Installing Oracle Database XE 21c..."
            dnf install -y /tmp/$ORACLE_XE_RPM
            if [ $? -eq 0 ]; then
                ORACLE_INSTALLED=true
                echo "  Oracle XE installed successfully."
            else
                echo "  [WARN] Oracle XE RPM install failed."
            fi
            rm -f /tmp/$ORACLE_XE_RPM
        else
            echo "  [WARN] Oracle XE RPM download failed or incomplete."
            echo "  You can manually install it later."
            rm -f /tmp/$ORACLE_XE_RPM
        fi
    fi

    # Configure Oracle DB only if installed
    if [ "$ORACLE_INSTALLED" = true ]; then
        echo "  Configuring Oracle Database..."
        export ORACLE_PASSWORD="system"
        /etc/init.d/oracle-xe-21c configure <<DBCONF
${ORACLE_PASSWORD}
${ORACLE_PASSWORD}
DBCONF

        # Set Oracle environment variables (persist across reboots)
        cat > /etc/profile.d/oracle.sh <<'EOF'
export ORACLE_HOME=/opt/oracle/product/21c/dbhomeXE
export ORACLE_SID=XE
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH
EOF
        chmod +x /etc/profile.d/oracle.sh
        source /etc/profile.d/oracle.sh

        # Enable Oracle DB to start automatically on boot
        systemctl enable oracle-xe-21c
        systemctl start oracle-xe-21c

        # Configure Oracle listener to accept remote connections
        su - oracle -c "lsnrctl stop" || true
        sed -i 's/HOST = localhost/HOST = 0.0.0.0/' /opt/oracle/product/21c/dbhomeXE/network/admin/listener.ora || true
        su - oracle -c "lsnrctl start" || true
        echo "  Oracle DB configured and running."
    else
        echo "  [SKIP] Oracle DB not installed - skipping configuration."
        echo "  Tickify will use file-based storage as fallback."
    fi
    echo

    # ============================================================
    # 4. CREATE TICKIFY USER
    # ============================================================
    echo "[4/9] Setting up application user..."
    if id "$APP_USER" &>/dev/null; then
        echo "  User '$APP_USER' already exists."
    else
        useradd -r -m -d "$APP_DIR" -s /bin/bash "$APP_USER"
        echo "  Created system user: $APP_USER"
    fi
    echo

    # ============================================================
    # 5. CLONE & DEPLOY TICKIFY APPLICATION
    # ============================================================
    echo "[5/9] Cloning and deploying Tickify application..."
    mkdir -p "$APP_DIR"

    # Wait for network/DNS to be ready (bridged adapter can be slow)
    echo -n "  Waiting for network..."
    for i in $(seq 1 30); do
        if ping -c 1 -W 2 github.com &>/dev/null; then
            echo " OK"
            break
        fi
        echo -n "."
        sleep 2
    done
    echo

    # Clone the repository
    if [ -d "$APP_DIR/repo/.git" ]; then
        echo "  Repository already cloned, pulling latest..."
        cd "$APP_DIR/repo"
        git pull origin main || true
    else
        rm -rf "$APP_DIR/repo"
        git clone "$TICKIFY_REPO" "$APP_DIR/repo"
        if [ $? -ne 0 ]; then
            echo "  [WARN] Clone failed. Waiting 10s and retrying..."
            sleep 10
            git clone "$TICKIFY_REPO" "$APP_DIR/repo"
        fi
    fi

    # Deploy project files — repo is flat (compile.sh, run.sh, src/ at root)
    if [ -d "$APP_DIR/repo/src" ]; then
        mkdir -p "$APP_DIR/admin-console"
        cp -r "$APP_DIR/repo"/* "$APP_DIR/admin-console/"
        cp "$APP_DIR/repo/.gitignore" "$APP_DIR/admin-console/" 2>/dev/null || true
        echo "  Copied repo files to $APP_DIR/admin-console/"
    else
        echo "  [ERROR] src/ not found in cloned repo!"
        echo "  Contents of repo dir:"
        ls -la "$APP_DIR/repo/" 2>/dev/null || echo "  Repo directory does not exist!"
    fi

    # Ensure data directory exists
    mkdir -p "$APP_DIR/admin-console/data"

    # Fix run.sh syntax error: 'for jar in glob 2>/dev/null' is invalid bash
    if [ -f "$APP_DIR/admin-console/run.sh" ]; then
        sed -i 's|for jar in lib/ojdbc\*.jar 2>/dev/null; do|for jar in $(ls lib/ojdbc*.jar 2>/dev/null); do|' "$APP_DIR/admin-console/run.sh"
    fi

    # Set permissions
    chown -R "$APP_USER:$APP_USER" "$APP_DIR"
    chmod +x "$APP_DIR/admin-console/compile.sh" 2>/dev/null || true
    chmod +x "$APP_DIR/admin-console/run.sh" 2>/dev/null || true

    echo "  Deployed to $APP_DIR"
    echo

    # ============================================================
    # 5b. INSTALL ORACLE JDBC DRIVER (ojdbc8.jar)
    # ============================================================
    echo "[5b] Installing Oracle JDBC driver..."
    mkdir -p "$APP_DIR/admin-console/lib"
    if [ -f /opt/oracle/product/21c/dbhomeXE/jdbc/lib/ojdbc8.jar ]; then
        cp /opt/oracle/product/21c/dbhomeXE/jdbc/lib/ojdbc8.jar "$APP_DIR/admin-console/lib/"
        echo "  Copied ojdbc8.jar from Oracle installation."
    elif [ "$ORACLE_INSTALLED" = true ]; then
        OJDBC_PATH=$(find /opt/oracle -name "ojdbc8.jar" 2>/dev/null | head -1)
        if [ -n "$OJDBC_PATH" ]; then
            cp "$OJDBC_PATH" "$APP_DIR/admin-console/lib/"
            echo "  Copied ojdbc8.jar from $OJDBC_PATH"
        fi
    fi
    if [ ! -f "$APP_DIR/admin-console/lib/ojdbc8.jar" ]; then
        echo "  ojdbc8.jar not found locally. Downloading from Maven Central..."
        wget -q --no-check-certificate -O "$APP_DIR/admin-console/lib/ojdbc8.jar" \
            "https://repo1.maven.org/maven2/com/oracle/database/jdbc/ojdbc8/21.9.0.0/ojdbc8-21.9.0.0.jar" 2>/dev/null || true
    fi
    if [ -f "$APP_DIR/admin-console/lib/ojdbc8.jar" ]; then
        OJDBC_SIZE=$(stat -c%s "$APP_DIR/admin-console/lib/ojdbc8.jar" 2>/dev/null || echo 0)
        if [ "$OJDBC_SIZE" -gt 100000 ]; then
            chown "$APP_USER:$APP_USER" "$APP_DIR/admin-console/lib/ojdbc8.jar"
            echo "  ojdbc8.jar ready in lib/ ($OJDBC_SIZE bytes)"
        else
            rm -f "$APP_DIR/admin-console/lib/ojdbc8.jar"
            echo "  [WARN] ojdbc8.jar download incomplete. App will use file-based storage."
        fi
    else
        echo "  [WARN] Could not obtain ojdbc8.jar. App will use file-based storage."
    fi
    echo

    # ============================================================
    # 6. COMPILE JAVA BACKEND
    # ============================================================
    echo "[6/9] Compiling Java backend..."
    cd "$APP_DIR/admin-console"
    sudo -u "$APP_USER" bash compile.sh
    echo

    # ============================================================
    # 7. SETUP SYSTEMD SERVICE (tickify.service)
    # ============================================================
    echo "[7/9] Setting up systemd service..."

    cat > /etc/systemd/system/tickify.service << EOF
[Unit]
Description=Tickify Campus Event Ticketing Server
After=network.target oracle-xe-21c.service
Wants=network.target

[Service]
Type=simple
User=$APP_USER
Group=$APP_USER
WorkingDirectory=$APP_DIR/admin-console
Environment=JAVA_HOME=/usr/lib/jvm/java-17-openjdk
ExecStart=/bin/bash $APP_DIR/admin-console/run.sh --port $APP_PORT --db-url jdbc:oracle:thin:@localhost:1521:XE --db-user system --db-pass system
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
SyslogIdentifier=tickify

# Security hardening
NoNewPrivileges=true
ProtectSystem=full
ReadWritePaths=$APP_DIR
ProtectHome=true

[Install]
WantedBy=multi-user.target
EOF

    systemctl daemon-reload
    systemctl enable tickify.service
    echo "  Service created and enabled: tickify.service"
    echo

    # ============================================================
    # 8. INSTALL & CONFIGURE APACHE (httpd) AS REVERSE PROXY
    # ============================================================
    echo "[8/9] Installing and configuring Apache (httpd)..."

    # Install httpd and mod_ssl
    dnf install -y httpd mod_ssl

    # Create Apache reverse proxy config inline (repo has no deploy/ dir)
    VM_IP=$(ip -4 addr show | grep 'inet ' | grep -v '127.0.0.1' | grep -v '10.0.2.' | awk '{print $2}' | cut -d/ -f1 | head -1)
    cat > /etc/httpd/conf.d/tickify.conf << APACHECONF
<VirtualHost *:80>
    ServerName ${VM_IP}

    ProxyPreserveHost On
    ProxyRequests Off

    # Proxy all requests to Tickify Java backend
    ProxyPass / http://127.0.0.1:${APP_PORT}/
    ProxyPassReverse / http://127.0.0.1:${APP_PORT}/

    ErrorLog /var/log/httpd/tickify-error.log
    CustomLog /var/log/httpd/tickify-access.log combined
</VirtualHost>
APACHECONF
    echo "  Apache config created for ServerName: $VM_IP"

    # Set SELinux to allow httpd to connect to network (for reverse proxy)
    if command -v setsebool &>/dev/null; then
        setsebool -P httpd_can_network_connect 1 2>/dev/null || true
        echo "  SELinux: httpd_can_network_connect enabled"
    fi

    # Enable Apache
    systemctl enable httpd
    echo "  Apache httpd configured and enabled."
    echo

    # ============================================================
    # 9. CONFIGURE FIREWALL
    # ============================================================
    echo "[9/9] Configuring firewall..."
    if command -v firewall-cmd &>/dev/null; then
        firewall-cmd --permanent --add-service=http 2>/dev/null || true
        firewall-cmd --permanent --add-service=https 2>/dev/null || true
        firewall-cmd --permanent --add-port=1521/tcp 2>/dev/null || true
        firewall-cmd --permanent --add-port=$APP_PORT/tcp 2>/dev/null || true
        firewall-cmd --reload 2>/dev/null || true
        echo "  Firewall: HTTP (80), HTTPS (443), Oracle (1521), Java ($APP_PORT) opened."
    else
        echo "  firewalld not found. Manually open ports if needed."
    fi
    echo

    # ============================================================
    # START ALL SERVICES
    # ============================================================
    echo "Starting services..."

    # Wait for Oracle DB to be fully ready before starting Tickify
    if [ "$ORACLE_INSTALLED" = true ]; then
        echo -n "  Waiting for Oracle DB to be ready..."
        for i in $(seq 1 60); do
            if su - oracle -c "echo 'SELECT 1 FROM DUAL;' | sqlplus -S system/system@localhost:1521/XE" 2>/dev/null | grep -q '1'; then
                echo " OK"
                break
            fi
            echo -n "."
            sleep 2
        done
        echo
    fi

    systemctl start httpd
    systemctl start tickify
    echo

    # ============================================================
    # VERIFY SERVICES ARE RUNNING
    # ============================================================
    echo "Verifying services..."
    echo

    # Wait for Tickify admin console to come up (max 30 seconds)
    echo -n "  Waiting for Admin Console on port $APP_PORT"
    for i in $(seq 1 30); do
        if curl -s -o /dev/null -w '' http://127.0.0.1:$APP_PORT/admin/ 2>/dev/null; then
            echo " OK"
            break
        fi
        echo -n "."
        sleep 1
    done
    echo

    # Check each service
    TICKIFY_STATUS=$(systemctl is-active tickify 2>/dev/null || echo "inactive")
    HTTPD_STATUS=$(systemctl is-active httpd 2>/dev/null || echo "inactive")
    ORACLE_STATUS=$(systemctl is-active oracle-xe-21c 2>/dev/null || echo "inactive")

    # Check HTTP responses
    ADMIN_DIRECT=$(curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$APP_PORT/admin/ 2>/dev/null || echo "000")
    ADMIN_APACHE=$(curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1/admin/ 2>/dev/null || echo "000")

    echo "  tickify.service  : $TICKIFY_STATUS"
    echo "  httpd.service    : $HTTPD_STATUS"
    echo "  oracle-xe-21c    : $ORACLE_STATUS"
    echo "  Admin (direct)   : HTTP $ADMIN_DIRECT"
    echo "  Admin (Apache)   : HTTP $ADMIN_APACHE"

    # If tickify failed, show the logs
    if [ "$TICKIFY_STATUS" != "active" ]; then
        echo
        echo "  [WARN] tickify service is not running. Checking logs..."
        journalctl -u tickify --no-pager -n 20
    fi
    echo

    # ============================================================
    # DONE - SUMMARY
    # ============================================================
    VM_IP=$(ip -4 addr show | grep 'inet ' | grep -v '127.0.0.1' | grep -v '10.0.2.' | awk '{print $2}' | cut -d/ -f1 | head -1)

    echo ""
    echo "########################################################"
    echo "#                                                      #"
    echo "#   TICKIFY ADMIN CONSOLE IS RUNNING AT:               #"
    echo "#                                                      #"
    echo "#   >>> http://${VM_IP}/admin/                    "
    echo "#                                                      #"
    echo "#   Direct: http://${VM_IP}:${APP_PORT}/admin/   "
    echo "#                                                      #"
    echo "########################################################"
    echo ""
    echo "========================================"
    echo "  Tickify - Oracle Linux 8 VM is ready!"
    echo "========================================"
    echo
    echo "  VM IP address: ${VM_IP}"
    echo
    echo "  --- All Application URLs ---"
    echo "    Admin Console : http://${VM_IP}/admin/"
    echo "    Client Site   : http://${VM_IP}/client/"
    echo "    Scanner       : http://${VM_IP}/scanner/"
    echo "    API           : http://${VM_IP}/api/"
    echo
    echo "  --- Oracle Database XE 21c ---"
    echo "    Host:     ${VM_IP}:1521"
    echo "    SID:      XE"
    echo "    PDB:      XEPDB1"
    echo "    Username: system"
    echo "    Password: system"
    echo "    Connect:  sqlplus system/system@${VM_IP}:1521/XEPDB1"
    echo
    echo "  --- Service Commands ---"
    echo "    sudo systemctl start|stop|restart|status tickify"
    echo "    sudo journalctl -u tickify -f"
    echo "    sudo systemctl start|stop|restart|status httpd"
    echo "    sudo systemctl start|stop|restart|status oracle-xe-21c"
    echo
    echo "  --- Config Files ---"
    echo "    Apache:  /etc/httpd/conf.d/tickify.conf"
    echo "    Service: /etc/systemd/system/tickify.service"
    echo "    App:     /opt/tickify/"
    echo
    echo "  --- Apache Logs ---"
    echo "    Access: /var/log/httpd/tickify-access.log"
    echo "    Error:  /var/log/httpd/tickify-error.log"
    echo "========================================"
  SHELL
end