#!/bin/bash
# shellcheck disable=SC1090
# .bashrc bash start script
# (c) Pcht 2007-2020
# may work on multiple hosts with different OS (Debian, Arch)
# 
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
echo ">> .bashrc"

export LANG=en_US.UTF-8

# history : don't put duplicate lines in the history. Ignore line begin with space
export HISTCONTROL=ignoredups:ignorespace
# ... add timestamp
export HISTTIMEFORMAT="[%d/%m/%Y %H:%M:%S] "
### append history to file
shopt -s histappend
### check before use history command (like !!)
shopt -s histverify

# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize

## autocd
shopt -s autocd

# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe ] && eval "$(lesspipe)"

# LESS options
export LESS="-FRX"

# very basic prompt -- more in .bash_prompt
PROMPT_COMMAND='PS1="[\u@\h] -- \w  "; echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD/$HOME/~}\007"'

# I love google-chrome :)
# export BROWSER=google-chrome
# FIXME just do it once
# xdg-settings set default-web-browser google-chrome.desktop
# but w3m is lighter
export BROWSER=w3m
# ... and vim is the Best
export EDITOR=vim

export PAGER=less
# very min bash aliases
alias ls='ls -F --color'
alias l='ls -l'
alias ll='ls -al'
alias wa='ssh warhol'

#
# bash stuff
# 
test -f ~/.bash_aliases && source ~/.bash_aliases
test -f ~/.bash_prompt && source ~/.bash_prompt
eval "$(dircolors ~/.dircolors)"
# shellcheck disable=SC2046
test -f ~/.dircolors && eval $(dircolors ~/.dircolors)
test -d ~/dotfiles/bash_completion && { 
    for f in ~/dotfiles/bash_completion/*.bash; 
    do 
		# echo "BASH completion $f"
		source "$f" 
    done; 
}


export MANPAGER="less -R --use-color -Dsc -Dk+r -Dd+g -Du+c -DPgb -DEbR"
export MANROFFOPT="-P -c"

# make less more friendly for non-text input files, see lesspipe(1)
[ -x /usr/bin/lesspipe.sh ] && eval "$(lesspipe.sh)"
# startship
# https://starship.rs/
type -t starship >/dev/null && { 
    eval "$(starship init bash)"
    eval "$(starship completions bash)"
}


#==--  archlinux --==#
# command not find
# shellcheck disable=SC1091
test -f /usr/share/doc/pkgfile/command-not-found.bash && source /usr/share/doc/pkgfile/command-not-found.bash

### .local stuffs
# manpath
export MANPATH=$HOME/.local/share/man:
# path for updatedn / locate
# export LOCATE_PATH=$HOME/.local/share/locate
# test -d "$LOCATE_PATH" || mkdir -p "$LOCATE_PATH"

# added by Nix installer
# od it in .bash_profile if [ -e /home/patrick/.nix-profile/etc/profile.d/nix.sh ]; then . /home/patrick/.nix-profile/etc/profile.d/nix.sh; fi 

# tmux dirty hack : TERM and SSH_AGENT_PID
# test -n "$TMUX" && export TERM="xterm-256color"

# use gpg-agent for gpg 
# from gpg-agent(1)
# if [ -f "~/.gnupg/.gpg-agent-info" ]; then
# 	. "~/.gnupg/.gpg-agent-info"
# 	export GPG_AGENT_INFO
# 	# export SSH_AUTH_SOCK
# fi
# GPG_TTY=$(tty)
# export GPG_TTY

# fuzzyFinder FIXME bloque la completion
[ -f ~/.fzf.bash ] && source ~/.fzf.bash

### tuir / fork of rtv : reddit terminal Viewer
export TUIR_BROWSER=urlportal.sh
export TUIR_URLVIEWER=urlview

# XDG
export XDG_MUSIC_DIR=~/perso/Musique/

### PATH ##################################################
# see ~/devel/dotfiles/bashrc_func

# _append_path [ -r ] <path> <dir>
# return 
#	0: ok
#	1: error
#	?: dir already in path
function _append_path() {
    local append_infront=0
    if test "$1" = '-r'
    then
	append_infront=1
	shift
    fi
    local path="$1"
    local str="$2"
    test -n "$str" || { echo "$path"; return 0; }
    test -z "$path" && 
	{
	    echo "$str"
	    return 0
	}
    if echo "$path" | grep -q "$str"
    then
	echo "$path" 
    else
	if test $append_infront = 1
	then
	    echo "$str:$path"
	else
	    echo "$path:$str"
	fi
    fi
    return 0
}

# _prepend_path <path> <dir>
function _prepend_path() { _append_path -r "$1" "$2"; }

### rust
test -d "$HOME/.cargo/bin" && PATH=$(_prepend_path "$PATH" "$HOME/.cargo/bin")

### golang - default is $HOME/go/bin
export GOPATH="$HOME/go"
test -d "$HOME"/go/bin && PATH=$(_prepend_path "$PATH" "$HOME/go/bin")
type -t buffalo > /dev/null 2>&1 && eval "$(buffalo completion bash)"

function bt {
	echo "bash bt $*"
	local opt=
	test "$#" -ne 0 && opt="-m ""$*"
	# shellcheck disable=SC2086
	buffalo test $opt | _gotestcolored | less -RF
}
function btv {
	echo "bash btv $*"
	local opt=
	test "$#" -ne 0 && opt="-m ""$*"
	# shellcheck disable=SC2086
	buffalo test -v $opt | _gotestcolored | less -RF
}

# host specific bash
test -r "$HOME/.bashrc-${HOSTNAME}" && source "$HOME/.bashrc-${HOSTNAME}"

# and in front, my scripts
PATH=$(_prepend_path "$PATH" ".:$HOME/bin:$HOME/.local/bin")

# ruby gem PATH
PATH=$(_append_path "$PATH" /home/patrick/.gem/ruby/3.0.0/bin)

# dont modify PATH below
export PATH

# TERM 
# echo "   TERM=$TERM ($(tput colors) colors)"
# echo "   DISPLAY=$DISPLAY"

#
# SSH
#
# ssh-add
# from https://www.revsys.com/tidbits/ssh_auth_sock-tmux-and-you/
function _check_ssh_agent() {
    ssh-add -l
}

# function set_ssh_agent() {
# 	declare -g SSH_AUTH_SOCK
#     echo "-> play with ssh-add"

#     local SAS=${SSH_AUTH_SOCK}
#     echo "   export SSH_AUTH_SOCK=$SAS"
#     export SSH_AUTH_SOCK=$SAS

#     if _check_ssh_agent 
#     then
# 	echo "   ssh-agent OK : set SSH_AUTH_SOCK"
# 	SSH_AUTH_SOCK=${HOME}/.ssh/ssh_auth_sock
#     fi
#     if ! _check_ssh_agent 
#     then
# 	echo "   ssh-agent KO : link to $SAS"

# 	ln -sf "${SAS}" "$HOME"/.ssh/ssh_auth_sock
#     fi
# }
# set_ssh_agent

# find le last ssh-agent and export as SSH_AUTH_SOCK
# /!\ Dont launch at login
function _ssh_agent2 () {
	local pid f
	pid=$(pgrep --newest ssh-[a]gent)
	test $? = 0 || { echo "  Cant find process ssh-[a]gent";return 1; }
	# echo "[D] pid=$pid"
	f=$(sudo lsof -F n -p "$pid" -a -U | grep ^n | head -1)
	test $? = 0 || { echo "Cant find lsof ssh-agent [pid=$pid]";return 1; }
	# echo "[D] lsof=$f"
	f=${f:1}
	f=$(awk '{print $1}' <<<"$f")
	# echo "[D] lsof|awk =$f"
	# f=$(sudo lsof -p "$pid"  | grep 'unix.*type=STREAM' | awk '{print $9}')
	test -S "$f" || { echo "Cant find unix socket $f of ssh-agent [pid=$pid]"; return 1; }
	export SSH_AUTH_SOCK="$f"
	# echo "   (new) export SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
}


function u () {
	local o="$SSH_AUTH_SOCK"
	echo "   export SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
	_ssh_agent2
	test "$o" = "$SSH_AUTH_SOCK" || echo "   (new) export SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
}

#
# SSH_ASKPASS
#
# if test -f /usr/lib/ssh/x11-ssh-askpass 
# then 
#     export SSH_ASKPASS=/usr/lib/ssh/x11-ssh-askpass 
#     echo "-> play with SSH_ASKPASS"
# elif test -f /usr/lib/openssh/x11-ssh-askpass
# then 
#     export SSH_ASKPASS=/usr/lib/openssh/x11-ssh-askpass
#     echo "-> play with SSH_ASKPASS"
# fi

# mkcd
function mkcd {
    test -n "$1" || return 1
    if test -d "$1"
    then
	echo "dir '$1' already exists"
	cd "$1" || { echo "Cant cd to $1"; return 1; }
    elif test -f "$1"
    then
	echo "file '$1' already exists"
    else
	mkdir -p "$1"
	cd "$1" || { echo "Cant cd to $1"; return 1; }
    fi
}

function mkdev () {
    test -n "$1" || { echo Missing argument; return 1; }
    test -f "$HOME/devel/$1" && { echo "file $HOME/devel/$1 already exists"; return 1; }
    test -d "$HOME/devel/$1" || mkdir "$HOME/devel/$1" 
    cd "$HOME/devel/$1" || { echo "Cant cd to $HOME/devel/$1"; return 1; }
}

function cdev () {
	cd "$HOME/devel/$1" || { echo "Cant cd to $HOME/devel/$1"; return 1; }
}

function clean_comment () {
    local opts
    test "$1" -eq "-i" && { opts='-i';shift; }
    test -n "$1" || { echo Missing argument; return 1; }
    sed $opts '/^#/d;s/#.*$//;/^ *$/d' "$1"
}

function faint () {
# echo as faint
	test -n "$1" || return 0
	echo -e "\e[2m$*\e[m"
}

#
# openssl
#
# https://www.sslshopper.com/article-most-common-openssl-commands.html


# chech all cert/key/csr
function openssl_check_all {
	local file="$1"
	__openssl_check_all "$file"
	
	local file2;file2=${file//./_}
	test "$file" = "$file2" && return 0
	file="$file2"
	__openssl_check_all "$file2"
}
__openssl_check_all () {
	test -e "${1}.csr" && openssl_check_csr "${1}.csr"
	test -e "${1}.cert" && openssl_check_cert "${1}.cert"
	test -e "${1}.cer" && openssl_check_cert "${1}.cer"
	test -e "${1}.crt" && openssl_check_cert "${1}.crt"
	test -e "${1}.pem" && openssl_check_cert "${1}.pem"
	test -e "${1}.key" && openssl_check_key "${1}.key"
}


# check Certificate Signing Request file
function openssl_check_csr {
    test -f "$1" || { echo "Usage: $(basename "$0") <csr_file>"; return 1; }
    faint "# openssl req -noout -text -verify -in $1"
    openssl req -noout -text -verify -in "$1" | grep Subject:
    faint "# openssl req -noout -modulus -in $1 | openssl md5 "
    openssl req -noout -modulus -in "$1"  | openssl md5
}

# check certificate file
function openssl_check_cert {
    test -f "$1" || { echo "Usage: $(basename "$0") <cert_file>"; return 1; }
    faint "# openssl x509 -noout -dates -in $1"
    openssl x509 -noout -dates -in "$1"
    faint "# openssl x509 -noout -modulus -in $1  | openssl md5"
    openssl x509 -noout -modulus -in "$1"  | openssl md5
}

# check private key file
function openssl_check_key {
    test -f "$1" || { echo "Usage: $(basename "$0") <privatekey_file>"; return 1; }
    faint "# openssl rsa -modulus -noout -in $1 | openssl md5"
    openssl rsa -modulus -noout -in "$1" | openssl md5
}

# check https site
function openssl_check_https {
    test -n "$1" || { echo "Usage: $(basename "$0") mon.site.example.com"; return 1; }
    faint "# openssl s_client -servername $1 -connect $1:443 "
    openssl s_client -servername "$1" -connect "$1:443" < /dev/null
}

# check ssl/tls site
function openssl_check_protocol {
    test -n "$1" || { echo "Usage: $(basename "$0") mon.site.example.com"; return 1; }
    faint "# openssl s_client -servername $1 -connect $1 | egrep 'Protocol|Cipher'"
    openssl s_client -servername "$1" -connect "$1" <> /dev/null | grep -E 'Protocol|Cipher'
}
# check certificat file dates
function openssl_check_cert_validity {
    test -n "$1" || { echo "Usage: $(basename "$0") mon.site.example.com:443"; return 1; }
    faint "# openssl s_client -servername ${1%:*} -connect '$1' < /dev/null 2>/dev/null | openssl x509 -noout -dates"
    openssl s_client -servername "${1%:*}" -connect "$1" < /dev/null 2>/dev/null | openssl x509 -noout -dates

	#
	# validation de OCSP
	# see https://github.com/yasharne/OCSP_Checker/blob/master/ocsp_checker.sh
	# see https://raymii.org/s/articles/OpenSSL_manually_verify_a_certificate_against_a_CRL.html
	# https://medium.com/@yasharne/how-to-check-if-a-certificate-is-revoked-using-a-bash-script-393f14ee7cd5

	local ocsp;ocsp="$(openssl s_client -servername "${1%:*}" -connect "$1" < /dev/null 2>/dev/null | openssl x509 -noout -ocsp_uri)"

	# le certificat
	local dest_cert;dest_cert=$(mktemp)
	openssl s_client -connect "$1" < /dev/null 2>&1 |  sed -n '/-----BEGIN/,/-----END/p' > "$dest_cert"
	# la chaine de certificat
	local chain_cert;chain_cert=$(mktemp)
	# openssl s_client -showcerts -connect $1 < /dev/null 2>&1 |  sed -n '/-----BEGIN/,/-----END/p' | sed -E '/^---/d' > $chain_cert
	openssl s_client -showcerts -connect "$1" < /dev/null 2>&1 | sed -n '/-----BEGIN/,/-----END/p' > "$chain_cert"
	# la chaine sans le certificat
	local onlychain_cert;onlychain_cert=$(mktemp)
	awk 'NR==FNR{a[$0]--;next} (++a[$0] > 0)' "$dest_cert" "$chain_cert" > "$onlychain_cert"
	# local grep_cert=$(mktemp)
	# sed -e '/^---/d' "$dest_cert" > $grep_cert
	# grep -Fvxf "$grep_cert" "$chain_cert" | sed -e '1s/^/-----BEGIN CERTIFICATE-----\n/' -e "\$a-----END CERTIFICATE-----"> $onlychain_cert

	# faint "dest_cert = $dest_cert chain_cert = $chain_cert onlychain_cert = $onlychain_cert"

	faint "# openssl ocsp -issuer $onlychain_cert -cert $dest_cert -text -url $ocsp"
	openssl ocsp -issuer "$onlychain_cert" -cert "$dest_cert" -url "$ocsp" -text 2>/dev/null | grep "$dest_cert" 2>/dev/null | awk -F " " '{print $2}'
	
}

function curl_check_https {
    test -n "$1" || { echo "Usage: $(basename "$0") mon.site.example.com"; return 1; }
	faint "# curl -vIk https://$1"
    test -n "$1" && curl -vIk https://"$1" 
}

# fzf functions
function vf {
    if test -n "$1"
    then
	edit "$(fzf --preview="cat {}" -q "$1")"
    else
	edit "$(fzf --preview="cat {}")"
    fi
}

function vfb {
    pushd  ~/bin > /dev/null || exit
    if test -n "$1"
    then
	edit "$(fzf --multi --preview="cat {}" -q "$1")"
    else
	edit "$(fzf --multi --preview="cat {}" )"
    fi
    popd > /dev/null || exit
}

function of {
    if test -n "$1"
    then
	see "$(fzf --preview="cat {}" -q "$1")"
    else
	see "$(fzf --preview="cat {}")"
    fi
}

function odoc {
    pushd ~/docs > /dev/null || exit
    if test -n "$1"
    then
	see "$(fzf --preview="cat {}" -q "$1")"
    else
	see "$(fzf --preview="cat {}")"
    fi
    popd > /dev/null || exit
}

# Lorem ipsum
function lorem_ipsum {
    cat <<EOT
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed non risus. Suspendisse lectus tortor, dignissim sit amet, adipiscing nec, ultricies sed, dolor. Cras elementum ultrices diam. Maecenas ligula massa, varius a, semper congue, euismod non, mi. Proin porttitor, orci nec nonummy molestie, enim est eleifend mi, non fermentum diam nisl sit amet erat. Duis semper. Duis arcu massa, scelerisque vitae, consequat in, pretium a, enim. Pellentesque congue. Ut in risus volutpat libero pharetra tempor. Cras vestibulum bibendum augue. Praesent egestas leo in pede. Praesent blandit odio eu enim. Pellentesque sed dui ut augue blandit sodales. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Aliquam nibh. Mauris ac mauris sed pede pellentesque fermentum. Maecenas adipiscing ante non diam sodales hendrerit.
Ut velit mauris, egestas sed, gravida nec, ornare ut, mi. Aenean ut orci vel massa suscipit pulvinar. Nulla sollicitudin. Fusce varius, ligula non tempus aliquam, nunc turpis ullamcorper nibh, in tempus sapien eros vitae ligula. Pellentesque rhoncus nunc et augue. Integer id felis. Curabitur aliquet pellentesque diam. Integer quis metus vitae elit lobortis egestas. Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Morbi vel erat non mauris convallis vehicula. Nulla et sapien. Integer tortor tellus, aliquam faucibus, convallis id, congue eu, quam. Mauris ullamcorper felis vitae erat. Proin feugiat, augue non elementum posuere, metus purus iaculis lectus, et tristique ligula justo vitae magna.

Aliquam convallis sollicitudin purus. Praesent aliquam, enim at fermentum mollis, ligula massa adipiscing nisl, ac euismod nibh nisl eu lectus. Fusce vulputate sem at sapien. Vivamus leo. Aliquam euismod libero eu enim. Nulla nec felis sed leo placerat imperdiet. Aenean suscipit nulla in justo. Suspendisse cursus rutrum augue. Nulla tincidunt tincidunt mi. Curabitur iaculis, lorem vel rhoncus faucibus, felis magna fermentum augue, et ultricies lacus lorem varius purus. Curabitur eu amet
EOT
}

# video
function videoprobe {
    test -f "$1" || return 127
    ffprobe "$1" 2>&1 | grep -E 'Stream|Duration'
}
function videomakefilm {
    # from https://trac.ffmpeg.org/wiki/Encode/H.264
    # video = h264 crf=$crf
    # audio acc 128k
    test -f "$1" || return 127
    test -z "$2" && return 127
    local crf=25
    # video size https://ffmpeg.org/ffmpeg-utils.html#Video-size 
    # ntsc 720x480
    # pal 720x576
    # hd720 1280x720
    # hd1080 2048x1080
    # 4k 4096x2160
    local vsize=pal # = 720x576
    # video rate https://ffmpeg.org/ffmpeg-utils.html#Video-rate 
    # ntsc 30000/1001
    # pal 25/1
    # film 24/1
    # local vrate=film # = 24 fps 
    echo ffmpeg -i "$1" -c:v libx264 -preset slow -tune film -crf $crf -c:a aac -b:a 128k -s $vsize "$2"
    ffmpeg -i "$1" -c:v libx264 -preset slow -tune film -crf $crf -c:a aac -b:a 128k -s $vsize "$2"
}

function lastfile () {
	if test "$1" = '-l'
	then /bin/ls -1ltr | /usr/bin/tail -1
	else /bin/ls -1tr | /usr/bin/tail -1
	fi
}

function newpasswd() {
	date +%s | sha256sum | base64 | head -c 32 ; echo

	# autre 
	# openssl rand -hex 32
}

## llm https://rez0.blog/hacking/2023/09/18/vim-llm-hacks.html
comment () {
	local system='Add comments to this code. Respond with the code and comments. Do not alter the functional aspect of the code, but still return it. Be sure and include the code in the response. Do not respond in a markdown code block. Just respond with the code and comments. Do not preamble or say anything before or after the code. for example: If the user sent "print(1)\nprint(2)", you would reply "# Prints 1\nprint(1)\n# Prints 2\nprint(2)"'

	if test -t 0 
	then
		echo "$*" | llm -m starcoderbase-7b-ggml -s "$system" 
	else
		cat | llm -m starcoderbase-7b-ggml -s "$system"
	fi
}

# terraform env
# shellcheck disable=SC1091
test -r /home/terraform/.terraform_pipelinerc && source /home/terraform/.terraform_pipelinerc

# echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
# ls -l ~/.ssh/ssh_auth_sock
# ssh-add -l

# x11 forwarding FIXME 
# echo "DISPLAY=$DISPLAY"
# xauth list

#to launch app with radeon use PRIME
# DRI_PRIME=1 <app>


# cpan config
if test -d /home/patrick/perl5 
then
	PATH="/home/patrick/perl5/bin${PATH:+:${PATH}}"; export PATH;
	PERL5LIB="/home/patrick/perl5/lib/perl5${PERL5LIB:+:${PERL5LIB}}"; export PERL5LIB;
	PERL_LOCAL_LIB_ROOT="/home/patrick/perl5${PERL_LOCAL_LIB_ROOT:+:${PERL_LOCAL_LIB_ROOT}}"; export PERL_LOCAL_LIB_ROOT;
	PERL_MB_OPT='--install_base /home/patrick/perl5'
	# shellcheck disable=2090
	export PERL_MB_OPT;
fi

# pyenv
if test -n "$(type -p pyenv)"
then
	export PYENV_ROOT="$HOME/.pyenv"
	command -v pyenv >/dev/null || export PATH="$PYENV_ROOT/bin:$PATH"
	eval "$(pyenv init -)"
	# pyenv-virtualenv
	# eval "$(pyenv virtualenv-init -)"
fi

#_ shellcheck
export SHELLCHECK_OPTS="-x"

echo "<< .bashrc"
# end .bashrc