#!/bin/bash

echo "🔧 Fix: Apache mod_headers aktivieren"
echo "===================================="

# 1. Prüfe verfügbare Apache-Module
echo "1. 🔍 Verfügbare Apache-Module prüfen..."
apache2ctl -M 2>/dev/null | grep -E "(headers|rewrite)" || echo "   ⚠️ apache2ctl nicht verfügbar"

# 2. Aktiviere mod_headers
echo "2. 🔧 mod_headers aktivieren..."
a2enmod headers 2>/dev/null || echo "   ⚠️ a2enmod headers fehlgeschlagen"

# 3. Aktiviere mod_rewrite (falls nicht aktiviert)
echo "3. 🔧 mod_rewrite aktivieren..."
a2enmod rewrite 2>/dev/null || echo "   ⚠️ a2enmod rewrite fehlgeschlagen"

# 4. Apache neu laden
echo "4. 🔄 Apache neu laden..."
systemctl reload apache2 2>/dev/null || service apache2 reload 2>/dev/null || echo "   ⚠️ Apache reload fehlgeschlagen"

# 5. Prüfe .htaccess Syntax
echo "5. 🔍 .htaccess Syntax prüfen..."
if [ -f public/.htaccess ]; then
    echo "   📋 public/.htaccess gefunden"
    echo "   📄 Header-Befehle in .htaccess:"
    grep -n "Header" public/.htaccess || echo "   ⚠️ Keine Header-Befehle gefunden"
else
    echo "   ❌ public/.htaccess nicht gefunden"
fi

# 6. Alternative .htaccess ohne Header erstellen
echo "6. 🔧 Alternative .htaccess erstellen..."
cat > public/.htaccess.simple << 'EOF'
<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Force HTTPS
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

# Protect sensitive files
<Files ".env">
    Order allow,deny
    Deny from all
</Files>

<Files "database.sqlite">
    Order allow,deny
    Deny from all
</Files>

<Files "*.sqlite">
    Order allow,deny
    Deny from all
</Files>
EOF

echo "   ✅ Alternative .htaccess erstellt"

# 7. Backup und ersetze .htaccess
echo "7. 🔄 .htaccess ersetzen..."
if [ -f public/.htaccess ]; then
    cp public/.htaccess public/.htaccess.backup
    echo "   ✅ Backup erstellt: public/.htaccess.backup"
fi

cp public/.htaccess.simple public/.htaccess
echo "   ✅ .htaccess ersetzt"

# 8. Test Apache-Konfiguration
echo "8. 🧪 Apache-Konfiguration testen..."
apache2ctl -t 2>/dev/null && echo "   ✅ Apache-Konfiguration OK" || echo "   ❌ Apache-Konfiguration fehlerhaft"

echo ""
echo "✅ Apache mod_headers Fix abgeschlossen!"
echo ""
echo "🔗 Testen Sie jetzt:"
echo "1. https://neonail.vogt.de.com"
echo "2. Admin-Panel: https://neonail.vogt.de.com/admin/users"
echo ""
echo "📝 Falls Problem besteht:"
echo "- Prüfen Sie: apache2ctl -M | grep headers"
echo "- Schauen Sie in: /var/log/apache2/error.log"