terraform {
  required_providers {
    coder = {
      source  = "coder/coder"
      version = "0.6.6"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.12.1"
    }
  }
}

variable "use_kubeconfig" {
  type        = bool
  sensitive   = true
  description = <<-EOF
  Use host kubeconfig? (true/false)

  Set this to false if the Coder host is itself running as a Pod on the same
  Kubernetes cluster as you are deploying workspaces to.

  Set this to true if the Coder host is running outside the Kubernetes cluster
  for workspaces.  A valid "~/.kube/config" must be present on the Coder host.
  EOF
}

variable "namespace" {
  type        = string
  sensitive   = true
  default     = "bidev"
  description = "The namespace to create workspaces in (must exist prior to creating workspaces)"
}

variable "home_disk_size" {
  type        = number
  description = "How large would you like your home volume to be (in GB)?"
  default     = 10
  validation {
    condition     = var.home_disk_size >= 1
    error_message = "Value must be greater than or equal to 1."
  }
}

provider "kubernetes" {
  # Authenticate via ~/.kube/config or a Coder-specific ServiceAccount, depending on admin preferences
  config_path = var.use_kubeconfig == true ? "~/.kube/config" : null
}

data "coder_workspace" "me" {}

resource "coder_agent" "main" {
  os             = "linux"
  arch           = "amd64"
  startup_script = <<EOT
    #!/bin/bash

    # home folder can be empty, so copying default bash settings
    if [ ! -f ~/.profile ]; then
      cp /etc/skel/.profile $HOME
    fi
    if [ ! -f ~/.bashrc ]; then
      cp /etc/skel/.bashrc $HOME
    fi
    
    # Install language pack
    sudo apt update && \
    sudo apt install language-pack-ko -y
    sudo sh -c 'locale-gen ko_KR.UTF-8'
    

    # start VNC
    echo "Creating desktop..."
    mkdir -p "$XFCE_DEST_DIR"
    cp -rT "$XFCE_BASE_DIR" "$XFCE_DEST_DIR"
    
    # Skip default shell config prompt.
    cp /etc/zsh/newuser.zshrc.recommended $HOME/.zshrc
    
    echo "Initializing Supervisor..."
    nohup supervisord

    # install and start code-server
    curl -fsSL https://code-server.dev/install.sh | sh -s -- --version 4.8.3 | tee code-server-install.log
    code-server --auth none --port 13337 | tee code-server-install.log &

    # install rstudio
    sudo apt install r-base psmisc libclang-dev libpq5 -y && \
    wget https://download2.rstudio.org/server/bionic/amd64/rstudio-server-2022.12.0-353-amd64.deb && \
    sudo dpkg -i rstudio-server-2022.12.0-353-amd64.deb

    # Ensure rstudio files can be written to by the coder user.
    sudo chown -R coder:coder /var/lib/rstudio-server
    sudo sh -c 'echo "server-pid-file=/tmp/rstudio-server.pid" >> /etc/rstudio/rserver.conf'
    sudo sh -c 'echo "server-data-dir=/tmp/rstudio" >> /etc/rstudio/rserver.conf'
    # sudo sh -c 'echo "www-frame-origin=same" >> /etc/rstudio/rserver.conf'
    sudo sh -c 'echo "server-user=coder" >> /etc/rstudio/rserver.conf'

    # Assign password "rstudio" to coder user.
    sudo sh -c 'echo "coder:rstudio" | chpasswd'

    # start Rstudio
    sudo rstudio-server stop
    /usr/lib/rstudio-server/bin/rserver --server-daemonize=1 --auth-none=1 &

    # install and start jupyterlab
    pip3 install jupyterlab && \
    $HOME/.local/bin/jupyter lab --ServerApp.token='' --ip='*' --NotebookApp.use_redirect_file=False &

    rm -rf ~/code-server-install.log rstudio-server-2022.12.0-353-amd64.deb
  EOT
}

# Desktop
resource "coder_app" "novnc" {
  agent_id      = coder_agent.main.id
  slug          = "novnc"
  display_name  = "noVNC Desktop"
  icon          = "https://ppswi.us/noVNC/app/images/icons/novnc-192x192.png"
  url           = "http://localhost:6081"
  share         = "owner"
  relative_path = true
}

# code-server
resource "coder_app" "code-server" {
  agent_id     = coder_agent.main.id
  slug         = "code-server"
  display_name = "code-server"
  icon         = "/icon/code.svg"
  url          = "http://localhost:13337?folder=/home/coder"
  subdomain    = false
  share        = "owner"

  healthcheck {
    url       = "http://localhost:13337/healthz"
    interval  = 3
    threshold = 10
  }
}

# rstudio
resource "coder_app" "rstudio" {
  agent_id     = coder_agent.main.id
  slug         = "rstudio"
  display_name = "R Studio"
  icon         = "https://upload.wikimedia.org/wikipedia/commons/d/d0/RStudio_logo_flat.svg"
  url          = "http://localhost:8787"
  share        = "owner"
  relative_path = true

  healthcheck {
    url       = "http://localhost:8787/healthz"
    interval  = 3
    threshold = 10
  }
}

resource "coder_app" "jupyter" {
  agent_id     = coder_agent.main.id
  slug         = "jupyter"
  display_name = "JupyterLab"
  url          = "http://localhost:8888"
  icon         = "/icon/jupyter.svg"
  share        = "owner"
  relative_path = true

  healthcheck {
    url       = "http://localhost:8888/healthz"
    interval  = 5
    threshold = 10
  }
}

resource "kubernetes_persistent_volume_claim" "home" {
  metadata {
    name      = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}-home"
    namespace = var.namespace
  }
  wait_until_bound = false
  spec {
    access_modes = ["ReadWriteOnce"]
    resources {
      requests = {
        storage = "${var.home_disk_size}Gi"
      }
    }
  }
}

resource "kubernetes_pod" "main" {
  count = data.coder_workspace.me.start_count
  metadata {
    name      = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}"
    namespace = var.namespace
  }
  spec {
    security_context {
      run_as_user = "1000"
      fs_group    = "1000"
    }
    container {
      name    = "dev"
      image   = "codercom/enterprise-vnc:ubuntu"
      command = ["sh", "-c", coder_agent.main.init_script]
      security_context {
        run_as_user = "1000"
      }
      env {
        name  = "CODER_AGENT_TOKEN"
        value = coder_agent.main.token
      }
      volume_mount {
        mount_path = "/home/coder"
        name       = "home"
        read_only  = false
      }
    }

    volume {
      name = "home"
      persistent_volume_claim {
        claim_name = kubernetes_persistent_volume_claim.home.metadata.0.name
        read_only  = false
      }
    }
  }
}