#!/usr/bin/env bash
set -euo pipefail

SERVICE_NAME="vmess-domain-rotator"
RUN_USER=""
RUN_GROUP=""
RUN_USER_SET="0"
RUN_GROUP_SET="0"
INTERVAL="1h"
INSTALL_DEPS="1"

usage() {
	cat <<'EOF'
Usage: sudo bash scripts/install_debian.sh [options]

Default behavior:
- Uses current git repository directory as working directory (in-place mode)
- Uses the user executing sudo as service user

Options:
 --user <name>        Service user (default: current sudo user)
 --group <name>       Service group (default: current sudo user's group)
 --interval <value>   Timer interval, e.g. 1h/10min (default: 1h)
 --no-install-deps    Skip apt dependency install
 -h, --help           Show help

Examples:
 sudo bash scripts/install_debian.sh
 sudo bash scripts/install_debian.sh --interval 10min
 sudo bash scripts/install_debian.sh --user root --group root
EOF
}

while [[ $# -gt 0 ]]; do
	case "$1" in
		--user)
			RUN_USER="$2"
			RUN_USER_SET="1"
			shift 2
			;;
		--group)
			RUN_GROUP="$2"
			RUN_GROUP_SET="1"
			shift 2
			;;
		--interval)
			INTERVAL="$2"
			shift 2
			;;
		--no-install-deps)
			INSTALL_DEPS="0"
			shift
			;;
		-h|--help)
			usage
			exit 0
			;;
		*)
			echo "Unknown option: $1" >&2
			usage
			exit 1
			;;
	esac
done

if [[ "$(id -u)" -ne 0 ]]; then
	echo "Please run as root (use sudo)." >&2
	exit 1
fi

# Get source directory (current git repo)
SOURCE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"

# Verify we're in a git repository
if ! git -C "$SOURCE_DIR" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
	echo "Error: Current directory is not a git repository." >&2
	echo "This script must be run from within a git repository." >&2
	exit 1
fi

APP_DIR="$SOURCE_DIR"

# Set default user/group from SUDO_USER if available
if [[ -n "${SUDO_USER:-}" ]] && [[ "$RUN_USER_SET" != "1" ]]; then
	RUN_USER="$SUDO_USER"
fi

if [[ -n "${SUDO_USER:-}" ]] && [[ "$RUN_GROUP_SET" != "1" ]]; then
	RUN_GROUP="$(id -gn "$SUDO_USER")"
fi

# Validate that we have a user set
if [[ -z "$RUN_USER" ]]; then
	echo "Error: Could not determine service user. Please run with sudo or specify --user" >&2
	exit 1
fi

if [[ -z "$RUN_GROUP" ]]; then
	echo "Error: Could not determine service group. Please run with sudo or specify --group" >&2
	exit 1
fi

if [[ "$INSTALL_DEPS" == "1" ]]; then
	export DEBIAN_FRONTEND=noninteractive
	apt-get update -y
	apt-get install -y python3 ca-certificates git
fi

# Ensure runtime directory exists with correct permissions
mkdir -p "$APP_DIR/runtime"
chmod +x "$APP_DIR/scripts/run_update_and_commit.sh" || true
chown -R "$RUN_USER:$RUN_GROUP" "$APP_DIR/runtime"

# Generate systemd service unit
cat >"/etc/systemd/system/${SERVICE_NAME}.service" <<EOF
[Unit]
Description=VMess Domain Rotator updater
After=network-online.target
Wants=network-online.target

[Service]
Type=oneshot
User=${RUN_USER}
Group=${RUN_GROUP}
WorkingDirectory=${APP_DIR}
ExecStart=/bin/bash ${APP_DIR}/scripts/run_update_and_commit.sh ${APP_DIR}/config.json
EOF

# Generate systemd timer unit
cat >"/etc/systemd/system/${SERVICE_NAME}.timer" <<EOF
[Unit]
Description=Run VMess Domain Rotator every ${INTERVAL}

[Timer]
OnBootSec=2min
OnUnitActiveSec=${INTERVAL}
AccuracySec=30s
Unit=${SERVICE_NAME}.service
Persistent=true

[Install]
WantedBy=timers.target
EOF

# Enable and start service
systemctl daemon-reload
systemctl enable --now "${SERVICE_NAME}.timer"
systemctl start "${SERVICE_NAME}.service"

echo ""
echo "✓ Installation complete!"
echo ""
echo "Configuration:"
echo "  Working directory: ${APP_DIR}"
echo "  Service user: ${RUN_USER}"
echo "  Service group: ${RUN_GROUP}"
echo "  Timer interval: ${INTERVAL}"
echo ""
echo "Commands:"
echo "  Check status: systemctl status ${SERVICE_NAME}.timer"
echo "  View logs:    journalctl -u ${SERVICE_NAME}.service -n 50 --no-pager"
echo "  Manual run:   systemctl start ${SERVICE_NAME}.service"
echo ""