#!/bin/bash

# Email Server Backup Script
# Creates backups of email server configuration and data

set -euo pipefail

# Configuration
BACKUP_DIR="/var/backups/email-server"
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_NAME="email-backup-$DATE"
RETENTION_DAYS=30

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

log() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1"
}

info() {
    echo -e "${BLUE}INFO: $1${NC}"
    log "INFO: $1"
}

success() {
    echo -e "${GREEN}SUCCESS: $1${NC}"
    log "SUCCESS: $1"
}

error() {
    echo -e "${RED}ERROR: $1${NC}" >&2
    log "ERROR: $1"
    exit 1
}

# Create backup directory
create_backup_dir() {
    info "Creating backup directory..."
    mkdir -p "$BACKUP_DIR/$BACKUP_NAME"
}

# Backup PostgreSQL database
backup_database() {
    info "Backing up PostgreSQL database..."
    sudo -u postgres pg_dump postfix > "$BACKUP_DIR/$BACKUP_NAME/postfix_db.sql"
    success "Database backup completed"
}

# Backup configuration files
backup_configs() {
    info "Backing up configuration files..."
    
    # Postfix
    cp -r /etc/postfix "$BACKUP_DIR/$BACKUP_NAME/"
    
    # Dovecot
    cp -r /etc/dovecot "$BACKUP_DIR/$BACKUP_NAME/"
    
    # Amavis
    cp -r /etc/amavis "$BACKUP_DIR/$BACKUP_NAME/"
    
    # OpenDKIM
    cp -r /etc/opendkim "$BACKUP_DIR/$BACKUP_NAME/"
    
    # SpamAssassin
    cp -r /etc/spamassassin "$BACKUP_DIR/$BACKUP_NAME/"
    
    # PostfixAdmin
    if [[ -d "/var/www/postfixadmin" ]]; then
        cp -r /var/www/postfixadmin "$BACKUP_DIR/$BACKUP_NAME/"
    fi
    
    # Apache configuration
    cp -r /etc/apache2/sites-available "$BACKUP_DIR/$BACKUP_NAME/apache2-sites/"
    
    success "Configuration backup completed"
}

# Backup SSL certificates
backup_ssl() {
    info "Backing up SSL certificates..."
    if [[ -d "/etc/letsencrypt" ]]; then
        cp -r /etc/letsencrypt "$BACKUP_DIR/$BACKUP_NAME/"
        success "SSL certificates backup completed"
    else
        info "No SSL certificates found to backup"
    fi
}

# Backup mail data (optional - can be large)
backup_mail_data() {
    if [[ "${1:-}" == "--include-mail" ]]; then
        info "Backing up mail data (this may take a while)..."
        if [[ -d "/var/mail/vhosts" ]]; then
            tar -czf "$BACKUP_DIR/$BACKUP_NAME/mail_data.tar.gz" -C /var/mail vhosts
            success "Mail data backup completed"
        else
            info "No mail data found to backup"
        fi
    else
        info "Skipping mail data backup (use --include-mail to include)"
    fi
}

# Create compressed archive
create_archive() {
    info "Creating compressed archive..."
    cd "$BACKUP_DIR"
    tar -czf "$BACKUP_NAME.tar.gz" "$BACKUP_NAME"
    rm -rf "$BACKUP_NAME"
    success "Archive created: $BACKUP_DIR/$BACKUP_NAME.tar.gz"
}

# Cleanup old backups
cleanup_old_backups() {
    info "Cleaning up backups older than $RETENTION_DAYS days..."
    find "$BACKUP_DIR" -name "email-backup-*.tar.gz" -mtime +$RETENTION_DAYS -delete
    success "Old backups cleaned up"
}

# Display backup information
show_backup_info() {
    echo
    echo -e "${GREEN}Backup completed successfully!${NC}"
    echo "Backup location: $BACKUP_DIR/$BACKUP_NAME.tar.gz"
    echo "Backup size: $(du -h "$BACKUP_DIR/$BACKUP_NAME.tar.gz" | cut -f1)"
    echo
    echo "To restore this backup:"
    echo "1. Extract: tar -xzf $BACKUP_NAME.tar.gz"
    echo "2. Stop services: systemctl stop postfix dovecot amavis apache2"
    echo "3. Restore configurations to their original locations"
    echo "4. Restore database: sudo -u postgres psql postfix < postfix_db.sql"
    echo "5. Restart services: systemctl start postfix dovecot amavis apache2"
}

# Main function
main() {
    echo -e "${BLUE}Email Server Backup Script${NC}"
    echo "=========================="
    echo
    
    # Check if running as root
    if [[ $EUID -ne 0 ]]; then
        error "This script must be run as root"
    fi
    
    create_backup_dir
    backup_database
    backup_configs
    backup_ssl
    backup_mail_data "$@"
    create_archive
    cleanup_old_backups
    show_backup_info
}

# Show usage if help requested
if [[ "${1:-}" == "--help" || "${1:-}" == "-h" ]]; then
    echo "Usage: $0 [--include-mail]"
    echo
    echo "Options:"
    echo "  --include-mail    Include mail data in backup (can be large)"
    echo "  --help, -h        Show this help message"
    echo
    echo "This script backs up:"
    echo "  - PostgreSQL database"
    echo "  - Configuration files (Postfix, Dovecot, Amavis, OpenDKIM, etc.)"
    echo "  - SSL certificates"
    echo "  - PostfixAdmin installation"
    echo "  - Mail data (if --include-mail is specified)"
    exit 0
fi

main "$@"