init-system.sh

#!/bin/bash
set -e # Strict Mode: Hentikan eksekusi segera jika ada error (exit code != 0)

# =================================================================
# XARVIONEX SYSTEM INITIALIZER
# Version: 1.5 (Canonical Genesis)
# =================================================================

# Deteksi Lokasi Absolut Skrip ini berada
# Ini menjamin skrip bekerja benar meski dipanggil dari folder lain
BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Definisi Koordinat Vital
DATA_DIR="$BASE_DIR/.data"
ENV_FILE="$BASE_DIR/.env"
EXAMPLE_FILE="$BASE_DIR/.env.example"

# Warna Output untuk Kejelasan Log (AI Parsing Friendly)
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
RED='\033[0;31m'
NC='\033[0m' # No Color

echo -e "${GREEN}[INIT] Starting XARVIONEX Initialization Protocol...${NC}"

# -----------------------------------------------------------------
# PHASE 1: PERSISTENCE LAYER (Data Folder Structure)
# -----------------------------------------------------------------
echo -e "[1/3] Verifying persistence layer..."

# Pastikan folder data ada
if [ ! -d "$DATA_DIR/postgres" ]; then
    echo "      > Creating postgres data volume..."
    mkdir -p "$DATA_DIR/postgres"
fi

if [ ! -d "$DATA_DIR/redis" ]; then
    echo "      > Creating redis data volume..."
    mkdir -p "$DATA_DIR/redis"
fi

# PERMISSION FIX:
# Docker container sering berjalan sebagai user khusus (postgres: 999).
# Kita set permission 777 pada folder data agar container tidak crash karena "Permission Denied".
# Dalam production enterprise, ini bisa diperketat ke UID spesifik, tapi 777 adalah
# solusi paling robust untuk universal deployment (Dev/Termux/VPS).
chmod -R 777 "$DATA_DIR"
echo "      > Permissions set for Docker volumes."

# -----------------------------------------------------------------
# PHASE 2: CONFIGURATION & SECRETS (Environment)
# -----------------------------------------------------------------
echo -e "[2/3] Checking environment configuration..."

if [ -f "$ENV_FILE" ]; then
    echo -e "${YELLOW}      > .env file detected. Skipping generation to preserve state.${NC}"
    echo "      > If you want to reset, delete .env and run this again."
else
    echo "      > .env not found. Generating from blueprint..."
    
    # Cek Prasyarat
    if [ ! -f "$EXAMPLE_FILE" ]; then
        echo -e "${RED}[FATAL] .env.example not found! Blueprint is missing.${NC}"
        exit 1
    fi

    # Copy Template
    cp "$EXAMPLE_FILE" "$ENV_FILE"
    
    # -------------------------------------------------------------
    # AUTO-KEYGEN (The AI Autonomy Layer)
    # Menghasilkan rahasia kriptografi tanpa interaksi manusia.
    # -------------------------------------------------------------
    echo "      > Generating unique cryptographic secrets..."
    
    # Generate random hex strings
    GEN_DB_PASS=$(openssl rand -hex 16)
    GEN_CORE_KEY=$(openssl rand -hex 32)
    GEN_SALT=$(openssl rand -hex 16)
    GEN_TG_TOKEN="PLACEHOLDER_CHANGE_MANUALLY" # Token eksternal tidak bisa di-generate
    GEN_LEMON_SECRET="PLACEHOLDER_CHANGE_MANUALLY"

    # Inject ke .env menggunakan sed (Cross-platform Linux/MacOS compat)
    # Kita gunakan separator '|' untuk menghindari konflik jika ada karakter '/'
    sed -i.bak "s|CHANGE_ME_DB_PASS|$GEN_DB_PASS|g" "$ENV_FILE"
    sed -i.bak "s|CHANGE_ME_CORE_KEY|$GEN_CORE_KEY|g" "$ENV_FILE"
    sed -i.bak "s|CHANGE_ME_SALT|$GEN_SALT|g" "$ENV_FILE"
    
    # Hapus file backup sed (.bak) agar bersih
    rm -f "$ENV_FILE.bak"
    
    echo -e "${GREEN}      > Secrets injected successfully.${NC}"
    echo -e "${YELLOW}      > REMINDER: You must manually edit .env to set TELEGRAM_TOKEN.${NC}"
fi

# -----------------------------------------------------------------
# PHASE 3: FINAL CHECK
# -----------------------------------------------------------------
echo -e "[3/3] Finalizing..."

# Pastikan skrip ini executable (self-correction)
chmod +x "$BASE_DIR/init-system.sh"

echo -e "${GREEN}[DONE] System initialized. Ready for ignition.${NC}"
exit 0