#!/bin/bash

set -e

# ==========================================
# 1. å‚æ•°æ£€æŸ¥
# ==========================================
REDIS_PASSWORD=${1:-""}
DATA_ROOT=${2:-""}

if [ -z "$DATA_ROOT" ]; then
    echo "âŒ é”™è¯¯: ç¼ºå°‘å‚æ•°ï¼"
    echo "ç”¨æ³•: $0 <å¯†ç > <æ•°æ®æ ¹ç›®å½•>"
    exit 1
fi

if [ -z "$REDIS_PASSWORD" ]; then
    REDIS_PASSWORD=$(openssl rand -base64 12)
    echo "âš ï¸ æœªæä¾›å¯†ç ï¼Œå·²ç”Ÿæˆéšæœºå¯†ç : $REDIS_PASSWORD"
fi

LOG_DIR="$DATA_ROOT/log"
DB_DIR="$DATA_ROOT/data"

echo "í ½íº€ å¼€å§‹éƒ¨ç½² Redis 8.0.3 (JuiceFS ä¼˜åŒ–ç‰ˆ)"
echo "   å¯†ç : $REDIS_PASSWORD"
echo "   æ•°æ®ç›®å½•: $DATA_ROOT"
echo "   æ—¥å¿—ç›®å½•: $LOG_DIR"

# ==========================================
# 2. ç³»ç»Ÿå‡†å¤‡ä¸Žå®‰è£…
# ==========================================
echo "í ½í³¦ æ›´æ–°æºå¹¶å®‰è£…ä¾èµ–..."
apt-get update -qq
# ç§»é™¤ envsubst ä¾èµ–ï¼Œåªä¿ç•™åŸºç¡€å·¥å…·
apt-get install -y -qq software-properties-common curl gnupg > /dev/null

# å¯¼å…¥ GPG å¯†é’¥
echo "í ½í´‘ å¯¼å…¥ Redis GPG å¯†é’¥..."
curl -fsSL https://packages.redis.io/gpg | gpg --dearmor --yes -o /usr/share/keyrings/redis-archive-keyring.gpg

# æ·»åŠ æº
if [ ! -f /etc/apt/sources.list.d/redis.list ]; then
    echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/redis.list > /dev/null
fi

apt-get update -qq

REDIS_VERSION_FULL="6:8.0.3-1rl1~jammy1"
echo "í ½í³¥ å®‰è£… Redis $REDIS_VERSION_FULL ..."
apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" \
  redis-server="$REDIS_VERSION_FULL" \
  redis-tools="$REDIS_VERSION_FULL"

# ==========================================
# 3. å‡†å¤‡ç›®å½•ä¸Žæƒé™
# ==========================================
echo "í ½í³‚ åˆ›å»ºç›®å½•ç»“æž„..."
mkdir -p "$LOG_DIR" "$DB_DIR"

id redis &>/dev/null || useradd -r -s /usr/sbin/nologin redis
chown -R redis:redis "$DATA_ROOT"
chmod 750 "$DATA_ROOT"
chmod 750 "$LOG_DIR"
chmod 750 "$DB_DIR"

# ==========================================
# 4. ç”Ÿæˆ redis.conf (Cat è¿½åŠ  + Sed æ›¿æ¢)
# ==========================================
echo "âš™ï¸ ç”Ÿæˆ redis.conf (ä½¿ç”¨ sed æ›¿æ¢å˜é‡)..."

# ç¬¬ä¸€æ­¥ï¼šä½¿ç”¨ cat å†™å…¥æ¨¡æ¿é…ç½® (ä½¿ç”¨å ä½ç¬¦ __VAR__)
cat > /etc/redis/redis.conf << 'CONFEOF'
# Redis Configuration Optimized for JuiceFS

################################## NETWORK #####################################
bind 0.0.0.0 ::0
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300

################################# GENERAL #####################################
supervised systemd
loglevel notice
logfile __LOG_DIR__/redis-server.log
databases 16
always-show-logo no
set-proc-title yes
proc-title-template "{title} {listen-addr} {server-mode}"

################################ SNAPSHOTTING (RDB) ############################
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir __DB_DIR__

################################# REPLICATION #################################
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync yes
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
repl-backlog-size 1mb
repl-backlog-ttl 3600
replica-priority 100

################################## SECURITY ###################################
requirepass __REDIS_PASSWORD__

################################### CLIENTS ####################################
maxclients 10000

############################# LAZY FREEING ####################################
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
lazyfree-lazy-user-del no

#################### KERNEL transparent hugepage CONTROL ######################
disable-thp yes

############################## APPEND ONLY MODE ###############################
appendonly no
appendfilename "appendonly.aof"
appenddirname "appendonlydir"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes

################################## SLOW LOG ###################################
slowlog-log-slower-than 10000
slowlog-max-len 128

############################### ADVANCED CONFIG ###############################
hash-max-listpack-entries 512
hash-max-listpack-value 64
list-max-listpack-size -2
list-compress-depth 0
set-max-intset-entries 512
set-max-listpack-entries 128
set-max-listpack-value 64
zset-max-listpack-entries 128
zset-max-listpack-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes

################################## MODULES #####################################
loadmodule /usr/lib/redis/modules/rejson.so
loadmodule /usr/lib/redis/modules/redisbloom.so
loadmodule /usr/lib/redis/modules/redistimeseries.so
loadmodule /usr/lib/redis/modules/redisearch.so
CONFEOF

# ç¬¬äºŒæ­¥ï¼šä½¿ç”¨ sed åŽŸåœ°æ›¿æ¢å ä½ç¬¦ä¸ºçœŸå®žå˜é‡
# æ³¨æ„ï¼šå¦‚æžœè·¯å¾„åŒ…å« /ï¼Œsed çš„æ›¿æ¢åˆ†éš”ç¬¦éœ€è¦ç”¨å…¶ä»–å­—ç¬¦ï¼ˆå¦‚ |ï¼‰é¿å…å†²çª
sed -i "s|__LOG_DIR__|$LOG_DIR|g" /etc/redis/redis.conf
sed -i "s|__DB_DIR__|$DB_DIR|g" /etc/redis/redis.conf
sed -i "s|__REDIS_PASSWORD__|$REDIS_PASSWORD|g" /etc/redis/redis.conf

# ä¿®å¤æƒé™
chown redis:redis /etc/redis/redis.conf
chmod 640 /etc/redis/redis.conf

echo "âœ… redis.conf ç”Ÿæˆå¹¶æ›¿æ¢å®Œæˆ"

# ==========================================
# 5. ä¿®æ”¹ Systemd Service æ–‡ä»¶
# ==========================================
echo "í ½í´§ é€‚é… systemd æœåŠ¡æ–‡ä»¶..."

SERVICE_FILE="/lib/systemd/system/redis-server.service"
cp "$SERVICE_FILE" "${SERVICE_FILE}.bak.$(date +%F-%H%M)"

# ä¿®æ­£åŽçš„ Systemd é€‚é…é€»è¾‘
echo "í ½í´§ é€‚é… systemd æœåŠ¡æ–‡ä»¶ (ç›´æŽ¥æ›¿æ¢è·¯å¾„)..."

SERVICE_FILE="/lib/systemd/system/redis-server.service"
cp "$SERVICE_FILE" "${SERVICE_FILE}.bak.$(date +%F-%H%M)"

# 1. æ›¿æ¢æ•°æ®ç›®å½•è·¯å¾„ (è½¬ä¹‰è·¯å¾„ä¸­çš„ / ä»¥é€‚é… sed)
ESCAPED_DB_DIR=$(echo "$DB_DIR" | sed 's/[\/&]/\\&/g')
sed -i "s|ReadWriteDirectories=-/var/lib/redis|ReadWriteDirectories=-${ESCAPED_DB_DIR}|g" "$SERVICE_FILE"

# 2. æ›¿æ¢æ—¥å¿—ç›®å½•è·¯å¾„
ESCAPED_LOG_DIR=$(echo "$LOG_DIR" | sed 's/[\/&]/\\&/g')
sed -i "s|ReadWriteDirectories=-/var/log/redis|ReadWriteDirectories=-${ESCAPED_LOG_DIR}|g" "$SERVICE_FILE"

systemctl daemon-reload
echo "âœ… systemd é…ç½®å·²æ›´æ–°"

# ==========================================
# 6. å¯åŠ¨ä¸ŽéªŒè¯
# ==========================================
echo "í ½í´¥ å¯åŠ¨ Redis..."
systemctl stop redis-server || true
systemctl enable --now redis-server haproxy

sleep 2

if systemctl is-active --quiet redis-server; then
    echo "âœ… Redis å¯åŠ¨æˆåŠŸ!"
    if redis-cli -a "$REDIS_PASSWORD" ping 2>/dev/null | grep -q "PONG"; then
        echo "âœ… è¿žæŽ¥æµ‹è¯•é€šè¿‡ (PONG)"
    else
        echo "âš ï¸ è¿žæŽ¥æµ‹è¯•å¤±è´¥ï¼Œè¯·æ£€æŸ¥æ—¥å¿—"
    fi
    echo "=========================================="
    echo "í ¼í¾‰ éƒ¨ç½²å®Œæˆ! æ•°æ®ç›®å½•: $DB_DIR"
    echo "=========================================="
else
    echo "âŒ å¯åŠ¨å¤±è´¥! æŸ¥çœ‹æ—¥å¿—:"
    tail -n 30 "$LOG_DIR/redis-server.log" 2>/dev/null || journalctl -u redis-server -n 30
    exit 1
fi