package org.apache.jackrabbit.oak.segment.standby.store;

import io.netty.channel.internal.ChannelUtils;
import io.netty.util.internal.StringUtil;
import java.io.File;
import java.util.Hashtable;
import java.util.Objects;
import org.apache.jackrabbit.guava.common.base.StandardSystemProperty;
import org.apache.jackrabbit.guava.common.io.Closer;
import org.apache.jackrabbit.oak.segment.SegmentStore;
import org.apache.jackrabbit.oak.segment.SegmentStoreProvider;
import org.apache.jackrabbit.oak.segment.file.FileStore;
import org.apache.jackrabbit.oak.segment.standby.client.StandbyClientSync;
import org.apache.jackrabbit.oak.segment.standby.server.StandbyServerSync;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.AttributeType;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.osgi.service.metatype.annotations.Option;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = Configuration.class)
@Component(configurationPolicy = ConfigurationPolicy.REQUIRE)
/* loaded from: input_file:org/apache/jackrabbit/oak/segment/standby/store/StandbyStoreService.class */
public class StandbyStoreService {
    private static final Logger log = LoggerFactory.getLogger(StandbyStoreService.class);
    private static final int BLOB_CHUNK_SIZE = Integer.getInteger("oak.standby.blob.chunkSize", 1048576).intValue();

    @Reference(policy = ReferencePolicy.STATIC, policyOption = ReferencePolicyOption.GREEDY)
    private SegmentStoreProvider storeProvider = null;
    private final Closer closer = Closer.create();

    /* JADX INFO: Access modifiers changed from: package-private */
    @ObjectClassDefinition(name = "Apache Jackrabbit Oak Segment Tar Cold Standby Service", description = "Provides continuous backups of repositories based on Segment Tar")
    /* loaded from: input_file:org/apache/jackrabbit/oak/segment/standby/store/StandbyStoreService$Configuration.class */
    public @interface Configuration {
        @AttributeDefinition(name = "Persist configuration", description = "Must be always disabled to avoid storing the configuration in the repository")
        boolean org_apache_sling_installer_configuration_persist() default false;

        @AttributeDefinition(name = "Mode", description = "TarMK Cold Standby mode (primary or standby)", options = {@Option(label = "primary", value = "primary"), @Option(label = "standby", value = "standby")})
        String mode() default "primary";

        @AttributeDefinition(name = "Port", description = "TCP/IP port to use")
        int port() default 8023;

        @AttributeDefinition(name = "Primary Host", description = "Primary host (standby mode only)")
        String primary_host() default "127.0.0.1";

        @AttributeDefinition(name = "Sync interval (seconds)", description = "Sync interval in seconds (standby mode only)")
        long interval() default 5;

        @AttributeDefinition(name = "Allowed IP-Ranges", description = "Accept incoming requests for these host names and IP-ranges only (primary mode only)", cardinality = ChannelUtils.WRITE_STATUS_SNDBUF_FULL)
        String[] primary_allowed$_$client$_$ip$_$ranges() default {};

        @AttributeDefinition(name = "Secure", description = "Use secure connections")
        boolean secure() default false;

        @AttributeDefinition(name = "Standby Read Timeout", description = "Timeout for requests issued from the standby instance in milliseconds")
        int standby_readtimeout() default 60000;

        @AttributeDefinition(name = "Standby Automatic Cleanup", description = "Call the cleanup method when the root segment Garbage Collector (GC) generation number increases")
        boolean standby_autoclean() default true;

        @AttributeDefinition(name = "SSL Key File", description = "The file name which contains the SSL key. If this is empty, a key will be generated on-the-fly.")
        String sslKeyFile();

        @AttributeDefinition(name = "SSL Key Password", description = "Password for the SSL key. If this is empty, an unencrypted key is expected.", type = AttributeType.PASSWORD)
        String sslKeyPassword() default "";

        @AttributeDefinition(name = "SSL Certificate Chain File", description = "The file name which contains the SSL certificate chain.")
        String sslChainFile();

        @AttributeDefinition(name = "SSL Validate Client", description = "Validate the client's SSL certificate.")
        boolean sslValidateClient() default false;

        @AttributeDefinition(name = "SSL Certificate Subject Pattern", description = "The peer certificate's subject must match this pattern in order to be accepted.")
        String sslSubjectPattern();
    }

    @Activate
    private void activate(ComponentContext componentContext, Configuration configuration) {
        SegmentStore segmentStore = this.storeProvider.getSegmentStore();
        if (!(segmentStore instanceof FileStore)) {
            throw new IllegalArgumentException("Unexpected SegmentStore implementation");
        }
        FileStore fileStore = (FileStore) segmentStore;
        String mode = configuration.mode();
        if (mode.equals("primary")) {
            bootstrapPrimary(configuration, fileStore);
        } else {
            if (!mode.equals("standby")) {
                throw new IllegalArgumentException(String.format("Unexpected mode property, got '%s'", mode));
            }
            bootstrapSecondary(componentContext, configuration, fileStore);
        }
    }

    @Deactivate
    public void deactivate() throws Exception {
        this.closer.close();
    }

    private void bootstrapPrimary(Configuration configuration, FileStore fileStore) {
        int port = configuration.port();
        String[] primary_allowed$_$client$_$ip$_$ranges = configuration.primary_allowed$_$client$_$ip$_$ranges();
        boolean secure = configuration.secure();
        String sslKeyFile = configuration.sslKeyFile();
        String sslChainFile = configuration.sslChainFile();
        boolean sslValidateClient = configuration.sslValidateClient();
        StandbyServerSync.Builder withSSLSubjectPattern = StandbyServerSync.builder().withPort(port).withFileStore(fileStore).withBlobChunkSize(BLOB_CHUNK_SIZE).withAllowedClientIPRanges(primary_allowed$_$client$_$ip$_$ranges).withSecureConnection(secure).withSSLKeyFile(sslKeyFile).withSSLChainFile(sslChainFile).withSSLClientValidation(sslValidateClient).withSSLSubjectPattern(configuration.sslSubjectPattern());
        if (!StringUtil.EMPTY_STRING.equals(configuration.sslKeyPassword())) {
            withSSLSubjectPattern.withSSLKeyPassword(configuration.sslKeyPassword());
        }
        StandbyServerSync build = withSSLSubjectPattern.build();
        this.closer.register(build);
        build.start();
        log.info("Started primary on port {} with allowed IP ranges {}", Integer.valueOf(port), primary_allowed$_$client$_$ip$_$ranges);
    }

    private void bootstrapSecondary(ComponentContext componentContext, Configuration configuration, FileStore fileStore) {
        StandbyClientSync.Builder withSSLSubjectPattern = StandbyClientSync.builder().withHost(configuration.primary_host()).withPort(configuration.port()).withFileStore(fileStore).withSecureConnection(configuration.secure()).withReadTimeoutMs(configuration.standby_readtimeout()).withAutoClean(configuration.standby_autoclean()).withSpoolFolder(new File(StandardSystemProperty.JAVA_IO_TMPDIR.value())).withSecureConnection(configuration.secure()).withSSLKeyFile(configuration.sslKeyFile()).withSSLChainFile(configuration.sslChainFile()).withSSLSubjectPattern(configuration.sslSubjectPattern());
        if (!StringUtil.EMPTY_STRING.equals(configuration.sslKeyPassword())) {
            withSSLSubjectPattern.withSSLKeyPassword(configuration.sslKeyPassword());
        }
        StandbyClientSync build = withSSLSubjectPattern.build();
        this.closer.register(build);
        Hashtable hashtable = new Hashtable();
        hashtable.put("scheduler.period", Long.valueOf(configuration.interval()));
        hashtable.put("scheduler.concurrent", false);
        ServiceRegistration registerService = componentContext.getBundleContext().registerService(Runnable.class, build, hashtable);
        Closer closer = this.closer;
        Objects.requireNonNull(registerService);
        closer.register(registerService::unregister);
        log.info("Started standby on port {} with {}s sync frequency", Integer.valueOf(configuration.port()), Long.valueOf(configuration.interval()));
    }
}
