#!/bin/bash
set -e

TUNNEL_NAME="nucleorio-tunnel"
DOMAIN="nucleoriofrio.com"
WILDCARD_SUBDOMAIN="*"

echo "🚀 Cloudflare Tunnel Setup Script"
echo "=================================="
echo ""

# Verificar si cloudflared está instalado
if ! command -v cloudflared &> /dev/null; then
    echo "⚠️  cloudflared no está instalado"
    echo "Instalando cloudflared..."

    if [ -f /etc/debian_version ]; then
        # Debian/Ubuntu
        wget -q https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
        sudo dpkg -i cloudflared-linux-amd64.deb
        rm cloudflared-linux-amd64.deb
    else
        echo "❌ Sistema operativo no soportado. Instala cloudflared manualmente:"
        echo "   https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/"
        exit 1
    fi
    echo "✓ cloudflared instalado"
fi

# Verificar si ya existe credentials.json
if [ -f "credentials.json" ]; then
    echo "✓ credentials.json ya existe"

    # Extraer TUNNEL_ID del credentials.json
    TUNNEL_ID=$(jq -r '.TunnelID' credentials.json 2>/dev/null || echo "")

    if [ -z "$TUNNEL_ID" ]; then
        echo "⚠️  No se pudo leer TUNNEL_ID de credentials.json"
        echo "   Verifica que el archivo sea válido"
        exit 1
    fi

    echo "✓ TUNNEL_ID encontrado: $TUNNEL_ID"

    # Verificar si el tunnel existe en Cloudflare
    echo "Verificando si el tunnel existe en Cloudflare..."
    if cloudflared tunnel info "$TUNNEL_ID" &> /dev/null; then
        echo "✓ Tunnel '$TUNNEL_NAME' existe en Cloudflare"
    else
        echo "⚠️  El credentials.json existe pero el tunnel no está en Cloudflare"
        echo "   Esto puede pasar si el tunnel fue eliminado"
        echo "   ¿Quieres crear uno nuevo? (s/n)"
        read -r response
        if [[ "$response" =~ ^[Ss]$ ]]; then
            rm credentials.json
            rm .env 2>/dev/null || true
        else
            exit 1
        fi
    fi
fi

# Si no existe credentials.json, crear el tunnel
if [ ! -f "credentials.json" ]; then
    echo ""
    echo "📝 Necesitamos crear un nuevo tunnel"
    echo ""

    # Login a Cloudflare
    echo "1️⃣  Autenticando con Cloudflare..."
    echo "   Se abrirá tu navegador para autorizar"
    cloudflared tunnel login

    # Verificar si ya existe un tunnel con este nombre
    echo ""
    echo "2️⃣  Verificando si existe el tunnel '$TUNNEL_NAME'..."
    EXISTING_TUNNEL=$(cloudflared tunnel list --output json 2>/dev/null | jq -r ".[] | select(.name==\"$TUNNEL_NAME\") | .id" || echo "")

    if [ -n "$EXISTING_TUNNEL" ]; then
        echo "✓ Tunnel '$TUNNEL_NAME' ya existe con ID: $EXISTING_TUNNEL"
        TUNNEL_ID="$EXISTING_TUNNEL"

        # Copiar credentials del directorio de cloudflared
        CRED_FILE="$HOME/.cloudflared/$TUNNEL_ID.json"
        if [ -f "$CRED_FILE" ]; then
            cp "$CRED_FILE" ./credentials.json
            echo "✓ credentials.json copiado"
        else
            echo "⚠️  No se encontró el archivo de credenciales en $CRED_FILE"
            echo "   Creando un nuevo tunnel..."
            cloudflared tunnel delete "$TUNNEL_NAME" --force
            EXISTING_TUNNEL=""
        fi
    fi

    if [ -z "$EXISTING_TUNNEL" ]; then
        echo "Creando nuevo tunnel '$TUNNEL_NAME'..."
        cloudflared tunnel create "$TUNNEL_NAME"

        # Obtener el TUNNEL_ID del nuevo tunnel
        TUNNEL_ID=$(cloudflared tunnel list --output json 2>/dev/null | jq -r ".[] | select(.name==\"$TUNNEL_NAME\") | .id")

        if [ -z "$TUNNEL_ID" ]; then
            echo "❌ Error al crear el tunnel"
            exit 1
        fi

        echo "✓ Tunnel creado con ID: $TUNNEL_ID"

        # Copiar credentials
        cp "$HOME/.cloudflared/$TUNNEL_ID.json" ./credentials.json
        echo "✓ credentials.json creado"
    fi
fi

# Crear/actualizar .env
if [ ! -f ".env" ] || ! grep -q "TUNNEL_ID=" .env 2>/dev/null; then
    echo ""
    echo "3️⃣  Creando archivo .env..."
    echo "TUNNEL_ID=$TUNNEL_ID" > .env
    echo "✓ .env creado con TUNNEL_ID=$TUNNEL_ID"
else
    echo "✓ .env ya existe"
fi

# Configurar DNS en Cloudflare
echo ""
echo "4️⃣  Configurando DNS en Cloudflare..."
echo ""
echo "Para que el tunnel funcione, necesitas configurar DNS:"
echo ""
echo "Opción A: Usando cloudflared CLI (RECOMENDADO)"
echo "----------------------------------------------"
echo "cloudflared tunnel route dns $TUNNEL_ID $WILDCARD_SUBDOMAIN.$DOMAIN"
echo "cloudflared tunnel route dns $TUNNEL_ID $DOMAIN"
echo ""
echo "Opción B: Manualmente en el Dashboard de Cloudflare"
echo "---------------------------------------------------"
echo "1. Ve a https://dash.cloudflare.com"
echo "2. Selecciona tu dominio: $DOMAIN"
echo "3. Ve a DNS > Records"
echo "4. Crea estos registros CNAME:"
echo "   - Name: $WILDCARD_SUBDOMAIN"
echo "     Target: $TUNNEL_ID.cfargotunnel.com"
echo "     Proxy: ON (nube naranja)"
echo ""
echo "   - Name: @"
echo "     Target: $TUNNEL_ID.cfargotunnel.com"
echo "     Proxy: ON (nube naranja)"
echo ""
echo "¿Quieres configurar DNS automáticamente? (s/n)"
read -r dns_response

if [[ "$dns_response" =~ ^[Ss]$ ]]; then
    echo "Configurando DNS..."
    cloudflared tunnel route dns "$TUNNEL_ID" "$WILDCARD_SUBDOMAIN.$DOMAIN" || echo "⚠️  Error configurando wildcard, puede que ya exista"
    cloudflared tunnel route dns "$TUNNEL_ID" "$DOMAIN" || echo "⚠️  Error configurando dominio raíz, puede que ya exista"
    echo "✓ DNS configurado"
fi

echo ""
echo "✅ Setup completado!"
echo ""
echo "Archivos generados:"
echo "  - credentials.json (TUNNEL_ID: $TUNNEL_ID)"
echo "  - .env"
echo ""
echo "Próximos pasos:"
echo "  1. Levanta el tunnel: docker-compose up -d"
echo "  2. Verifica logs: docker-compose logs -f"
echo "  3. Prueba acceder a: https://amigos.$DOMAIN"
echo ""
echo "Nota: credentials.json y .env NO se commitean al repo (están en .gitignore)"