#!/usr/bin/env sh
# Orcha installer — fetch the current binary into ~/.local/bin (no root).
#
#   curl -fsSL https://orcha.cc | sh
#   curl -fsSL https://orcha.cc/install.sh | sh
#
# Binaries are served from orcha.cc itself, so this works without a GitHub
# account or a public repo. Env overrides:
#   ORCHA_BASE=https://orcha.cc/dl   where to fetch binaries + checksums
#   ORCHA_BIN_DIR=~/.local/bin       install location
#   ORCHA_SKIP_VERIFY=1              skip checksum verification (not recommended)
#
# Deliberately boring and auditable: read it before you pipe it to a shell.
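# -e: stop at the first unhandled failure; -u: treat unset variables as errors.
# NOTE(review): every statement in this script runs at top level, so when it is
# piped into sh a download that is cut off part-way is executed up to the cut.
# Wrapping the body in a function that is only called on the last line would
# make a truncated copy do nothing; worth considering for a curl|sh installer.
set -eu

# Where the archive and checksums.txt are fetched from, and where the binary
# is installed. Both can be overridden from the environment.
BASE="${ORCHA_BASE:-https://orcha.cc/dl}"
BIN_DIR="${ORCHA_BIN_DIR:-$HOME/.local/bin}"

# Succeeds when $1 is an https:// URL.
is_https() {
  case "$1" in
    https://*) return 0 ;;
    *) return 1 ;;
  esac
}

# checksums.txt is downloaded from the same base URL as the archive, so the
# checksum only protects the install if the transport itself is authenticated.
# Keep working with a non-https override (local mirrors), but say so loudly.
is_https "$BASE" \
  || printf 'orcha install: warning: ORCHA_BASE is not https:// - archive and checksums.txt are fetched without transport authentication\n' >&2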

# Print all arguments as a single line on stdout ("$*" joins them first).
say() {
  printf '%s\n' "$*"
}
# Report a fatal problem: write "orcha install: <message>" to stderr, then
# terminate the installer with exit status 1.
err() {
  printf 'orcha install: %s\n' "$*" 1>&2
  exit 1
}

# uname (platform detection) and tar (unpacking) are hard requirements; stop
# before downloading anything if either one is absent.
for tool in uname tar; do
  command -v "$tool" >/dev/null 2>&1 || err "missing '$tool'"
done

# dlo DEST URL: download URL into the file DEST with whichever of curl or wget
# is installed (curl preferred). Abort if neither is available.
if command -v curl >/dev/null 2>&1; then
  # -f: HTTP error status becomes a non-zero exit; -sS: quiet, but still print
  # errors; -L: follow redirects.
  dlo() {
    curl -fsSL -o "$1" "$2"
  }
elif command -v wget >/dev/null 2>&1; then
  # -q: quiet; -O: write the response body to DEST.
  dlo() {
    wget -qO "$1" "$2"
  }
else
  err "need curl or wget"
fi

# Choose the SHA-256 command line used for verification. SHA stays empty when
# no tool is found; the verification step treats that as a hard failure.
SHA=""
if command -v sha256sum >/dev/null 2>&1; then
  SHA="sha256sum"
elif command -v shasum >/dev/null 2>&1; then
  SHA="shasum -a 256"
fi

# Map the kernel name reported by uname onto the OS token used in archive
# names. Only Linux and macOS builds exist; anything else is rejected here.
kernel=$(uname -s | tr '[:upper:]' '[:lower:]')
case "$kernel" in
  linux | darwin) os=$kernel ;;
  *) err "unsupported OS '$kernel' (Linux and macOS only)" ;;
esac

# Normalise the machine name from uname to the architecture token used in
# archive names (amd64 or arm64); reject everything else.
machine=$(uname -m)
case "$machine" in
  amd64 | x86_64) arch=amd64 ;;
  arm64 | aarch64) arch=arm64 ;;
  *) err "unsupported architecture '$machine'" ;;
esac

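# Archive name for this platform, e.g. orcha_linux_amd64.tar.gz.
archive="orcha_${os}_${arch}.tar.gz"

# All downloads and unpacking happen in a fresh directory from mktemp -d, so
# nothing is written to a predictable path.
tmp=$(mktemp -d)

# Remove the scratch directory on every exit path. The signal traps must exit
# explicitly: a trap that only cleans up returns control to the script, which
# would then carry on running with $tmp already deleted. Exiting from the
# signal handler still fires the EXIT trap, so cleanup happens exactly once.
trap 'rm -rf -- "$tmp"' EXIT
trap 'exit 130' INT
trap 'exit 143' TERM

say "downloading orcha ($os/$arch)…"
dlo "$tmp/$archive" "$BASE/$archive" || err "download failed: $BASE/$archive"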

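# Checksum verification. Fails CLOSED: a curl|sh installer must not run an
# unverified binary just because the checksum couldn't be fetched (a MITM can
# block it). Override only with an explicit ORCHA_SKIP_VERIFY=1.
#
# Scope of the guarantee: checksums.txt is fetched from the same $BASE as the
# archive, over the same channel. A match therefore shows the archive arrived
# intact and is the file the server lists; it does not authenticate the
# publisher, and it cannot detect a server (or an unauthenticated transport)
# that serves a modified archive together with a matching checksums.txt.
# NOTE(review): a detached signature checked against a key obtained out of
# band would be needed to cover that case.
if [ "${ORCHA_SKIP_VERIFY:-0}" = "1" ]; then
  # Warnings belong on stderr so they are not lost when stdout is redirected.
  printf '%s\n' "warning: ORCHA_SKIP_VERIFY=1 — skipping checksum verification" >&2
elif [ -z "$SHA" ]; then
  err "no sha256 tool (sha256sum/shasum) found — refusing to install unverified.
  Install one, or re-run with ORCHA_SKIP_VERIFY=1 to override."
else
  dlo "$tmp/checksums.txt" "$BASE/checksums.txt" \
    || err "could not download checksums.txt — refusing to install unverified.
  Re-run with ORCHA_SKIP_VERIFY=1 to override."
  # Select the entry whose file-name field is exactly $archive. A string
  # comparison avoids treating the dots in the name as regex wildcards, and
  # the "*name" form (binary-mode output of the checksum tools) is accepted.
  line=$(awk -v f="$archive" 'NF == 2 && ($2 == f || $2 == ("*" f))' "$tmp/checksums.txt") \
    || err "could not read checksums.txt"
  [ -n "$line" ] || err "no checksum entry for $archive"
  # Run the check from inside $tmp so the relative name in the entry resolves
  # to the file just downloaded. $SHA is left unquoted on purpose: it may hold
  # a command plus arguments ("shasum -a 256").
  # shellcheck disable=SC2086
  ( cd "$tmp" && printf '%s\n' "$line" | $SHA -c - >/dev/null 2>&1 ) \
    || err "checksum verification FAILED for $archive"
  say "checksum ok"
fi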

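# Unpack only the member named "orcha"; nothing else in the archive is written.
tar -xzf "$tmp/$archive" -C "$tmp" orcha || err "archive missing 'orcha' binary"

# tar can materialise a symlink or another non-regular member under that name,
# and cp would then copy whatever it resolves to. Insist on a plain file; this
# matters most when verification was skipped with ORCHA_SKIP_VERIFY=1.
if [ ! -f "$tmp/orcha" ] || [ -L "$tmp/orcha" ]; then
  err "archive member 'orcha' is not a regular file"
fi

mkdir -p -- "$BIN_DIR"

# Stage the binary next to its destination and rename it into place. The
# rename is atomic within one directory, replaces a symlink at the destination
# instead of writing through it, and works while an older orcha is running
# (copying over a running executable can fail with "text file busy").
staged=$(mktemp "$BIN_DIR/.orcha.XXXXXX") || err "cannot write to $BIN_DIR"
if ! {
  cp -- "$tmp/orcha" "$staged" \
    && chmod 0755 "$staged" \
    && mv -f -- "$staged" "$BIN_DIR/orcha"
}; then
  rm -f -- "$staged"
  err "could not install to $BIN_DIR/orcha"
fi
say "installed: $BIN_DIR/orcha"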

# Tell the user how to reach the binary when the install directory is not a
# PATH component. Wrapping both sides in colons makes the match whole-entry.
path_hint="  export PATH=\"$BIN_DIR:\$PATH\""
case ":${PATH}:" in
  *":${BIN_DIR}:"*)
    : # already on PATH, nothing to say
    ;;
  *)
    say ""
    say "NOTE: $BIN_DIR is not on your PATH. Add this to your shell rc:"
    say "$path_hint"
    ;;
esac

# Closing hint: the first command to run after installation.
say ""
say "next:  orcha up      # embeds a relay, prints a QR — scan it from your phone"
