#!/usr/bin/env bash
set -euo pipefail

# Configure git for automated commits
git config --global --add safe.directory /app
git config --global user.email "wiki-bot@ghostguild.org"
git config --global user.name "Wiki Bot"

# The repo's origin is HTTPS (so DokPloy can fetch), but the cron pushes via
# SSH using the mounted deploy key. Rewrite the URL only for push operations.
git config --global url."git@git.ghostguild.org:".pushInsteadOf "https://git.ghostguild.org/"

# /root/.ssh is mounted read-only from the host. ssh wants to write to
# known_hosts on first connect, so make a writable copy and point ssh at it.
# ssh still reads /root/.ssh/config by default, which sets Port 2222 for
# git.ghostguild.org and points IdentityFile at the deploy key.
mkdir -p /root/.ssh_tmp
chmod 700 /root/.ssh_tmp
if [ -f /root/.ssh/known_hosts ]; then
  cp /root/.ssh/known_hosts /root/.ssh_tmp/known_hosts
else
  touch /root/.ssh_tmp/known_hosts
fi
chmod 600 /root/.ssh_tmp/known_hosts
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/root/.ssh_tmp/known_hosts"

# Dump environment for cron jobs (crond doesn't inherit container env).
# Use single-quote escaping so values with spaces / special chars survive sourcing.
{
  env | while IFS='=' read -r k v; do
    [ -z "$k" ] && continue
    case "$k" in _|PWD|OLDPWD|SHLVL) continue ;; esac
    esc=$(printf '%s' "$v" | sed "s/'/'\\\\''/g")
    printf "export %s='%s'\n" "$k" "$esc"
  done
} > /etc/environment.sh
chmod 600 /etc/environment.sh

echo "Cron jobs loaded:"
crontab -l
echo "Starting crond..."

exec "$@"