#!/bin/bash
set -e

export TZ=Asia/Seoul
export LANG=ko_KR.UTF-8
export LANGUAGE=ko_KR:ko
export LC_ALL=ko_KR.UTF-8

# set username
XWINDOW_USER="${XWINDOW_USER:-user}"
if ! id -u $XWINDOW_USER >/dev/null 2>&1; then
    useradd -m -s /bin/bash $XWINDOW_USER
    echo "user '$XWINDOW_USER' generated."
fi

# set password
if [ -z "$XWINDOW_PASSWORD" ]; then
    XWINDOW_PASSWORD=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 8)
    echo "$XWINDOW_USER's generated password: $XWINDOW_PASSWORD"
fi
echo "$XWINDOW_USER:$XWINDOW_PASSWORD" | chpasswd  
echo "user '$XWINDOW_USER' password set."

# change own and permission
chown $XWINDOW_USER:$XWINDOW_USER /home/$XWINDOW_USER
chmod 700 /home/$XWINDOW_USER

# create and set permission for /mnt directory
mkdir -p /mnt
chown $XWINDOW_USER:$XWINDOW_USER /mnt

# add sudo group
usermod -aG sudo $XWINDOW_USER

# remove pid files
[ ! -f /var/run/xrdp/xrdp-sesman.pid ] || rm -f /var/run/xrdp/xrdp-sesman.pid
[ ! -f /var/run/xrdp/xrdp.pid ] || rm -f /var/run/xrdp/xrdp.pid

# check sandbox mode
set +e
SANDBOX_CHECK_OUTPUT=$(unshare -U true 2>&1)
SANDBOX_CHECK_EXIT_CODE=$?
if [ "$SANDBOX_CHECK_EXIT_CODE" -ne 0 ]; then
    sed -i 's|^CHROMIUM_FLAGS=""|CHROMIUM_FLAGS="--no-sandbox --start-maximized --disable-gpu"|' /usr/bin/chromium
    rm -rf /usr/bin/code
    ln -s /usr/share/code/bin/code /usr/bin/code
    sed -i 's|ELECTRON_RUN_AS_NODE=1 "\$ELECTRON" "\$CLI" "\$@"|ELECTRON_RUN_AS_NODE=1 "\$ELECTRON" "\$CLI" --no-sandbox --disable-gpu "\$@"|' /usr/share/code/bin/code
    # cursor also needs no-sandbox mode
    if [ -f /opt/cursor/cursor ]; then
        sed -i 's|exec "\$HERE/cursor"|exec "\$HERE/cursor" --no-sandbox --disable-gpu|' /opt/cursor/cursor 2>/dev/null || true
    fi
fi
set -e

# clean chromium config for fresh start
su - $XWINDOW_USER -c "rm -rf ~/.config/chromium/"   

# install super-claude
su - $XWINDOW_USER -c "pipx install SuperClaude && pipx upgrade SuperClaude"

# add pipx bin to user PATH
su - $XWINDOW_USER -c "echo 'export PATH=\"/home/$XWINDOW_USER/.local/bin:\$PATH\"' >> ~/.bashrc"
su - $XWINDOW_USER -c "source ~/.bashrc && SuperClaude install --components core mcp modes commands agents --force --yes" &

# start code-server in background
su - $XWINDOW_USER -c "code-server --bind-addr 0.0.0.0:30145 --auth password /mnt" &

# run program
/usr/sbin/xrdp-sesman
/usr/sbin/xrdp --nodaemon