# you must prefixe path with "${path.module}/"
resource "null_resource" "fail2ban_exporter" {
  triggers = {
    source = filesha256("${path.module}/fail2ban_exporter.initd")
  }
  connection {
    type        = "ssh"
    user        = "root"
    host        = var.connection_ip
    private_key = var.connection_private_key
  }

  provisioner "file" {
    source      = "${path.module}/fail2ban_exporter.initd"
    destination = "/tmp/fail2ban_exporter.initd"
  }

  provisioner "remote-exec" {
    inline = [
      "echo '#-----------------------'",
      "echo '# module alpine_fail2ban'",
      "echo '#-----------------------'",
      "echo '# install fail2ban'",
      "apk add fail2ban",
      #
      "echo '# enable service fail2ban'",
      "rc-update add fail2ban",
      "rc-service fail2ban start",
      #
      "echo '# install helpers'",
      "ln -s /etc/fail2ban /root/fail2ban",
      "ln -s 'fail2ban-client status' /etc/fail2ban/0_status",
      "ln -s 'fail2ban-client banned' /etc/fail2ban/1_banned",
      "ln -s 'fail2ban-client unban <ip> <ip>' /etc/fail2ban/1_unban",
      "ln -s 'fail2ban-client reload' /etc/fail2ban/2_reload",
      #
      "echo '## fail2ban-prometheus-exporter'",
      # dw binary -- DONT WORK on alpine
      # "wget -nc https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/uploads/${var.fail2ban_exporter_link}/fail2ban_exporter_${var.fail2ban_exporter_version}_linux_amd64.tar.gz",
      # "echo '${var.fail2ban_exporter_checksum}  fail2ban_exporter_${var.fail2ban_exporter_version}_linux_amd64.tar.gz)' | filesha256 -c",
      # "tar xzf fail2ban_exporter_${var.fail2ban_exporter_version}_linux_amd64.tar.gz",
      # "install -Dm775 fail2ban_exporter_${var.fail2ban_exporter_version}_linux_amd64/fail2ban_exporter /usr/sbin/fail2ban_exporter",
      # dw src
      "echo '# install depends '",
      "apk add --virtual .devenv build-base go",
      "echo '# get sources '",
      "wget -nc -q https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/archive/${var.fail2ban_exporter_version}/fail2ban-prometheus-exporter-${var.fail2ban_exporter_version}.tar.gz",
      "echo '${var.fail2ban_exporter_checksum}  fail2ban-prometheus-exporter-${var.fail2ban_exporter_version}.tar.gz)' | filesha256 -c",
      "tar xzf fail2ban-prometheus-exporter-${var.fail2ban_exporter_version}.tar.gz",
      "cd fail2ban-prometheus-exporter-${var.fail2ban_exporter_version}/src",
      "echo '# build '",
      "go mod download -x",
      "go build -v",
      "echo '# install fail2ban_exporter'",
      "install -Dm775 fail2ban-prometheus-exporter /usr/sbin/fail2ban_exporter",
      "echo '# clean go cache'",
      "go env GOCACHE",
      "go clean -modcache",
      #
      #
      "echo '# enable service fail2ban_exporter'",
      "install -Dm775 /tmp/fail2ban_exporter.initd /etc/init.d/fail2ban_exporter",
      "rc-update add fail2ban_exporter",
      "rc-service fail2ban_exporter start",
      #
      "echo '# clean sources'",
      # "rm -rf fail2ban_exporter_${var.fail2ban_exporter_version}_linux_amd64.tar.gz",
      "rm -rf /root/fail2ban-prometheus-exporter-${var.fail2ban_exporter_version} /root/fail2ban-prometheus-exporter-${var.fail2ban_exporter_version}.tar.gz",
      "echo '# clean depends'",
      "apk del --purge .devenv",
    ]
    on_failure = fail
  }

}