#!/bin/bash
set -euo pipefail

# --- Settings ---
# Container Name
CONTAINER_NAME="vaultwarden"

# Host path mapped to /data inside the container
BACKUP_SOURCE_DIR="/home/mbuz/docker/vaultwarden"

# Destination for backups
BACKUP_DEST_DIR="/mnt/media/vault_backups"

# Retention Policy: Delete backups older than N days
RETENTION_DAYS=30

# Syslog Tag
LOG_TAG="vaultwarden-backup"
# --- End of Settings ---

# Logging helpers
log_info() { logger -t "$LOG_TAG" -p user.info "$1"; }
log_error() { logger -t "$LOG_TAG" -p user.error "$1"; }

log_info "Starting Vaultwarden backup..."

# 1. Mount Check
if [ ! -d "$BACKUP_DEST_DIR" ]; then
    log_info "Destination directory not found. Attempting to mount..."
    sudo mount -a || true
    sleep 2
    if [ ! -d "$BACKUP_DEST_DIR" ]; then
        log_error "ERROR: Destination '$BACKUP_DEST_DIR' unavailable after mount attempt."
        exit 1
    fi
fi

# 2. Backup Execution
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
FILENAME="db_backup_${TIMESTAMP}.sqlite3"

log_info "Creating backup: $FILENAME"

# FALLBACK METHOD: Since 'sqlite3' is missing in the container, we simply copy the DB file.
# Note: This is *technically* not transaction-safe if writes happen exactly during copy, 
# but for a personal vault, it's usually acceptable (WAL mode helps).
# Ideally, install sqlite3 in container or use vaultwarden/server:alpine which might have it.

if [ -f "$BACKUP_SOURCE_DIR/db.sqlite3" ]; then
    cp "$BACKUP_SOURCE_DIR/db.sqlite3" "$BACKUP_DEST_DIR/$FILENAME"
    
    # Also copy the WAL and SHM files if they exist (crucial for WAL mode integrity)
    if [ -f "$BACKUP_SOURCE_DIR/db.sqlite3-wal" ]; then
        cp "$BACKUP_SOURCE_DIR/db.sqlite3-wal" "$BACKUP_DEST_DIR/db_backup_${TIMESTAMP}.sqlite3-wal"
    fi
    if [ -f "$BACKUP_SOURCE_DIR/db.sqlite3-shm" ]; then
        cp "$BACKUP_SOURCE_DIR/db.sqlite3-shm" "$BACKUP_DEST_DIR/db_backup_${TIMESTAMP}.sqlite3-shm"
    fi
    
    log_info "SUCCESS: Backup created at $BACKUP_DEST_DIR/$FILENAME"
else
    log_error "ERROR: Source DB file '$BACKUP_SOURCE_DIR/db.sqlite3' not found."
    exit 1
fi

# 3. Cleanup / Rotation
log_info "Cleaning up backups older than $RETENTION_DAYS days..."
find "$BACKUP_DEST_DIR" -name "db_backup_*.sqlite3*" -type f -mtime +$RETENTION_DAYS -delete

log_info "Backup process completed."
exit 0