#!/bin/bash
set -euo pipefail

DEFAULT_ARGS=("spyder" "--new-instance")

TARGET_UID=${UID:-1000}
TARGET_GID=${GID:-1000}
TARGET_USER=${HOST_USER:-spyder}
TARGET_GROUP=${HOST_GROUP:-$TARGET_USER}
TARGET_HOME=${SPYDER_HOME:-/home/${TARGET_USER}}
TARGET_WORKSPACE=${SPYDER_WORKSPACE:-${TARGET_HOME}/workspace}

if [ "$#" -eq 0 ]; then
  set -- "${DEFAULT_ARGS[@]}"
fi

existing_group=$(getent group "${TARGET_GID}" || true)
if [ -z "${existing_group}" ]; then
  # Reconcile group entry so host files stay accessible.
  if getent group "${TARGET_GROUP}" >/dev/null 2>&1; then
    groupmod --gid "${TARGET_GID}" "${TARGET_GROUP}"
  else
    groupadd --gid "${TARGET_GID}" "${TARGET_GROUP}"
  fi
else
  TARGET_GROUP=$(printf '%s' "${existing_group}" | cut -d: -f1)
fi

existing_user=$(getent passwd "${TARGET_UID}" || true)
if [ -z "${existing_user}" ]; then
  # Mirror host UID/GID inside the container.
  if id "${TARGET_USER}" >/dev/null 2>&1; then
    usermod --uid "${TARGET_UID}" --gid "${TARGET_GID}" --home "${TARGET_HOME}" --shell /bin/bash "${TARGET_USER}"
  else
    useradd --uid "${TARGET_UID}" --gid "${TARGET_GID}" --home-dir "${TARGET_HOME}" --shell /bin/bash "${TARGET_USER}"
  fi
else
  TARGET_USER=$(printf '%s' "${existing_user}" | cut -d: -f1)
  TARGET_HOME=$(printf '%s' "${existing_user}" | cut -d: -f6)
fi

install -d -m 0755 "${TARGET_HOME}" "${TARGET_WORKSPACE}"
# Ensure mounts are owned by the runtime user.
chown "${TARGET_UID}:${TARGET_GID}" "${TARGET_HOME}" "${TARGET_WORKSPACE}"

for lock in \
  "${TARGET_HOME}/.config/spyder/spyder.lock" \
  "${TARGET_HOME}/.local/share/spyder/spyder.lock" \
  "${TARGET_HOME}/.spyder-py3/spyder.lock"
do
  # Remove stale Spyder locks that can survive bind mounts.
  rm -f "$lock"
done

export HOME="${TARGET_HOME}"
export USER="${TARGET_USER}"
export QTWEBENGINE_DISABLE_SANDBOX="${QTWEBENGINE_DISABLE_SANDBOX:-1}"

cd "${TARGET_WORKSPACE}"

exec gosu "${TARGET_UID}:${TARGET_GID}" micromamba run -n base "$@"