#!/usr/bin/env bash
set -Eeuo pipefail

trap 'echo "Error on line $LINENO while writing Postgres dump" >&2' ERR

ensure_writable_dir() {
  local dir="$1"
  mkdir -p "$dir"
  if [[ ! -d "$dir" || ! -w "$dir" ]]; then
    echo "Output directory is not writable: $dir" >&2
    exit 1
  fi
}

TS="$(date +%F_%H%M%S)"
OUT="/srv/backups/gitea/pg"
ensure_writable_dir "$OUT"
artifact="$OUT/gitea-pg-$TS.sql"

PGUSER="${PGUSER:-gitea}"
PGDATABASE="${PGDATABASE:-gitea}"
PGPASSFILE="${PGPASSFILE:-/srv/secrets/postgres_password}"

if [[ ! -f "$PGPASSFILE" ]]; then
  echo "Missing $PGPASSFILE"
  exit 1
fi

export PGPASSWORD="$(cat "$PGPASSFILE")"
docker exec -e PGPASSWORD="$PGPASSWORD" gitea-db sh -lc "pg_dump -U '$PGUSER' -d '$PGDATABASE'" > "$artifact"

if [[ ! -s "$artifact" ]]; then
  echo "Backup artifact missing or empty: $artifact" >&2
  exit 1
fi

echo "Wrote: $artifact"