#!/bin/sh

# Entrypoint script for Dovecot test container

set -e

echo "Installing Dovecot..."
apk add --no-cache dovecot dovecot-lmtpd openssl

echo "Setting up directories..."
mkdir -p /var/mail
mkdir -p /var/run/dovecot
mkdir -p /var/log/dovecot

# Create dovecot user if it doesn't exist
if ! getent passwd dovecot > /dev/null 2>&1; then
    addgroup -g 97 dovecot
    adduser -D -u 97 -G dovecot -s /sbin/nologin dovecot
fi

# Set proper ownership
chown -R dovecot:dovecot /var/mail
chown -R dovecot:dovecot /var/run/dovecot
chown -R root:dovecot /etc/dovecot
chmod -R 0640 /etc/dovecot
chmod 0644 /etc/dovecot/dovecot.conf

# Generate SSL certificates if they don't exist
if [ ! -f /etc/dovecot/ssl/server.crt ] || [ ! -f /etc/dovecot/ssl/server.key ]; then
    echo "Generating SSL certificates..."
    mkdir -p /etc/dovecot/ssl
    
    # Generate DH parameters (small for testing)
    openssl dhparam -out /etc/dovecot/ssl/dh.pem 1024
    
    # Generate private key
    openssl genrsa -out /etc/dovecot/ssl/server.key 2048
    
    # Generate certificate
    openssl req -new -key /etc/dovecot/ssl/server.key -out /etc/dovecot/ssl/server.csr -subj "/C=US/ST=Test/L=Test/O=Mail2Couch/CN=localhost"
    openssl x509 -req -days 365 -in /etc/dovecot/ssl/server.csr -signkey /etc/dovecot/ssl/server.key -out /etc/dovecot/ssl/server.crt
    rm /etc/dovecot/ssl/server.csr
fi

# Ensure SSL directory permissions
chown -R dovecot:dovecot /etc/dovecot/ssl
chmod 600 /etc/dovecot/ssl/server.key
chmod 644 /etc/dovecot/ssl/server.crt

echo "Starting Dovecot..."
exec dovecot -F