# Ideally the container processes should be run rootless, so we'll create an unprivileged user.
useradd --system --create-home --home-dir /opt/phatcrack-server phatcrack-server

cd /opt/phatcrack-server

wget https://github.com/lachlan2k/phatcrack/releases/download/v0.7.0/docker-compose.yml

# Update your hostname here:
echo "HOST_NAME=phatcrack.lan" >> .env
echo "DB_PASS=$(openssl rand -hex 16)" >> .env
echo "PHATCRACK_USER=$(id -u phatcrack-server):$(id -g phatcrack-server)" >> .env
chmod 600 .env

# If you chose a hostname that is publicly accessible and expose this to the world (not recommended), Caddy will automatically deploy TLS.

## Otherwise, use the following for self-signed TLS
# echo "TLS_OPTS=tls internal" >> .env

## If you want to supply custom certificates, place them in a directory called `certs`
## And add ./certs:/etc/caddy/certs:ro as a mount in docker-compose.prod.yml for 
# echo "TLS_OPTS=tls /etc/caddy/certs/cert.pem /etc/caddy/certs/key.pem" >> .env

# Make a directory to persist files in
mkdir filerepo
chown phatcrack-server:phatcrack-server filerepo

docker compose up -d