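package maker

import (
	"context"
	"fmt"
	"os"
	"path/filepath"
	"strings"

	"yizhisec.com/hsv2/forge/internal/opt"
	"yizhisec.com/hsv2/forge/pkg/logger"
	"yizhisec.com/hsv2/forge/pkg/resource"
)

// AppNginx assembles the nginx application bundle under <m.workdir>/app/nginx.
//
// The directory is wiped and recreated, then filled with:
//   - nginx.tar and tag.txt (only when inlcudeImage is true),
//   - conf/*.conf taken from the embedded resource package
//     (seafile.conf is skipped when vendor == "elink"),
//   - ssl/* certificates, keys and DH parameters from the resource package,
//   - deployment.yaml rendered from resource.YAMLAppNGINX with replica,
//   - upsert.sh, which loads the files above into the hsv2 namespace and
//     restarts nginx-deployment,
//   - version.txt holding version.
//
// It returns the first error encountered; nothing is rolled back on failure.
func (m *maker) AppNginx(ctx context.Context, version string, vendor string, replica int, inlcudeImage bool) error {
	const (
		// _upsert is the deployment script written to upsert.sh. The single
		// %s is replaced by the seafile configmap command (or an empty line).
		//
		// "set -euo pipefail" makes the script stop at the first failing
		// kubectl call, so a partially applied configuration is never
		// followed by the rollout restart at the end.
		//
		// NOTE(review): the *.key files are loaded into ConfigMaps. ConfigMaps
		// are not meant for confidential data; TLS private keys belong in
		// Secrets (e.g. type kubernetes.io/tls) with RBAC limiting who can
		// read them. Changing that also requires updating the volume sources
		// in resource.YAMLAppNGINX, which is not visible from this function.
		_upsert = `#!/bin/bash
set -euo pipefail

kubectl create configmap nginx-main --namespace hsv2 --from-file=nginx.conf=./conf/nginx.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-user --namespace hsv2 --from-file=user.conf=./conf/user.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-gateway --namespace hsv2 --from-file=gateway.conf=./conf/gateway.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-web --namespace hsv2 --from-file=web.conf=./conf/web.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-client --namespace hsv2 --from-file=client.conf=./conf/client.conf --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap nginx-common --namespace hsv2 --from-file=common.conf=./conf/common.conf --dry-run=client -o yaml | kubectl apply -f -
%s
kubectl create configmap ssl-ca-crt --namespace hsv2 --from-file=ca.crt=./ssl/ca.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-ffdhe2048 --namespace hsv2 --from-file=ffdhe2048.txt=./ssl/ffdhe2048.txt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-server-crt --namespace hsv2 --from-file=server.crt=./ssl/server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-server-key --namespace hsv2 --from-file=server.key=./ssl/server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-mqtt-crt --namespace hsv2 --from-file=mqtt.server.crt=./ssl/mqtt.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-mqtt-key --namespace hsv2 --from-file=mqtt.server.key=./ssl/mqtt.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-client-server-crt --namespace hsv2 --from-file=client.server.crt=./ssl/client.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-client-server-key --namespace hsv2 --from-file=client.server.key=./ssl/client.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-web-server-crt --namespace hsv2 --from-file=web.server.crt=./ssl/web.server.crt --dry-run=client -o yaml | kubectl apply -f -
kubectl create configmap ssl-web-server-key --namespace hsv2 --from-file=web.server.key=./ssl/web.server.key --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f deployment.yaml
kubectl rollout restart deployment nginx-deployment -n hsv2`
	)

	var (
		err          error
		workdir      = filepath.Join(m.workdir, "app", "nginx")
		applySeafile = "kubectl create configmap nginx-seafile --namespace hsv2 --from-file=seafile.conf=./conf/seafile.conf --dry-run=client -o yaml | kubectl apply -f -"
	)

	logger.Info("☑️ maker.AppNginx: 开始构建 nginx, version = %s, vendor = %s, workdir = %s", version, vendor, workdir)

	logger.Debug("☑️ maker.AppNginx: 创建工作目录 = %s", workdir)
	// A failed cleanup must not be ignored: leftovers from an earlier build
	// (a stale nginx.tar, a key file that keeps its old permissions) would be
	// shipped as part of this bundle. RemoveAll returns nil when the path
	// does not exist, so a first build is unaffected.
	if err = os.RemoveAll(workdir); err != nil {
		return fmt.Errorf("maker.AppNginx: clean workdir %q: %w", workdir, err)
	}
	if err = os.MkdirAll(workdir, 0755); err != nil {
		return err
	}
	logger.Debug("✅ maker.AppNginx: 创建工作目录成功 = %s", workdir)

	if inlcudeImage {
		logger.Debug("☑️ maker.AppNginx: start pull image = %s", opt.IMAGE_NGINX)
		if err = m.Image(ctx, opt.IMAGE_NGINX, WithImageSave(filepath.Join(workdir, "nginx.tar"))); err != nil {
			logger.Debug("❌ maker.AppNginx: 拉取镜像失败: %v", err)
			return err
		}
		logger.Debug("✅ maker.AppNginx: pull image success = %s", opt.IMAGE_NGINX)

		// Read the tag from the last path component only, so the port of a
		// registry host ("registry:5000/nginx:1.2") is not taken for the tag
		// separator, and an untagged reference yields an error instead of an
		// index-out-of-range panic.
		ref := opt.IMAGE_NGINX
		name := ref[strings.LastIndex(ref, "/")+1:]
		sep := strings.LastIndex(name, ":")
		if sep < 0 || sep == len(name)-1 {
			return fmt.Errorf("maker.AppNginx: image reference %q has no tag", ref)
		}
		tag := name[sep+1:]

		logger.Debug("☑️ maker.AppNginx: write tag.txt = %s", tag)
		if err = os.WriteFile(filepath.Join(workdir, "tag.txt"), []byte(tag), 0644); err != nil {
			logger.Debug("❌ maker.AppNginx: 写入 tag.txt 失败: %v", err)
			return err
		}
	}

	// Sub-directories: conf and ssl.
	confDir := filepath.Join(workdir, "conf")
	sslDir := filepath.Join(workdir, "ssl")
	logger.Debug(" ☑️ maker.AppNginx: 创建 conf 与 ssl 子目录")
	if err = os.MkdirAll(confDir, 0755); err != nil {
		logger.Debug("❌ maker.AppNginx: 创建 conf 目录失败: %v", err)
		return err
	}
	if err = os.MkdirAll(sslDir, 0755); err != nil {
		logger.Debug("❌ maker.AppNginx: 创建 ssl 目录失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppNginx: 创建 conf 与 ssl 子目录成功")

	// Write the nginx configuration files into conf/.
	logger.Debug(" ☑️ maker.AppNginx: 写入 nginx 配置文件到 conf 子目录")
	type confFile struct {
		name    string
		content []byte
	}
	confFiles := []confFile{
		{"nginx.conf", resource.NGINXMain},
		{"user.conf", resource.NGINXUser},
		{"gateway.conf", resource.NGINXGateway},
		{"web.conf", resource.NGINXWeb},
		{"client.conf", resource.NGINXClient},
		{"common.conf", resource.NGINXCommon},
	}
	// Every vendor except "elink" also ships the seafile configuration.
	if vendor != "elink" {
		confFiles = append(confFiles, confFile{"seafile.conf", resource.NGINXSeafile})
	}
	for _, f := range confFiles {
		dest := filepath.Join(confDir, f.name)
		if err = os.WriteFile(dest, f.content, 0644); err != nil {
			logger.Debug("❌ maker.AppNginx: 写入 %s 失败: %v", f.name, err)
			return err
		}
		logger.Debug("✅ maker.AppNginx: 写入 %s 成功, dest = %s", f.name, dest)
	}
	logger.Debug("✅ maker.AppNginx: 写入 nginx 配置文件成功")

	// Write certificates, private keys and DH parameters into ssl/.
	//
	// Private keys are created owner-readable only (0600); certificates and
	// DH parameters are public material and stay 0644.
	//
	// NOTE(review): the key material comes from the compiled-in resource
	// package. If these are fixed defaults rather than per-build values, every
	// installation built from this binary shares the same private keys —
	// confirm they are replaced or regenerated per deployment.
	logger.Debug(" ☑️ maker.AppNginx: 写入 SSL 证书与密钥到 ssl 子目录")
	sslFiles := []struct {
		name, content string
		mode          os.FileMode
	}{
		{"ffdhe2048.txt", resource.SSLFFDHE2048, 0644},
		{"ca.crt", resource.SSLCaCrt, 0644},
		{"server.crt", resource.SSLServerCrt, 0644},
		{"server.key", resource.SSLServerKey, 0600},
		{"mqtt.server.crt", resource.SSLMQTTServerCrt, 0644},
		{"mqtt.server.key", resource.SSLMQTTServerKey, 0600},
		{"client.server.crt", resource.SSLClientServerCrt, 0644},
		{"client.server.key", resource.SSLClientServerKey, 0600},
		{"web.server.crt", resource.SSLWebServerCrt, 0644},
		{"web.server.key", resource.SSLWebServerKey, 0600},
	}
	for _, f := range sslFiles {
		dest := filepath.Join(sslDir, f.name)
		if err = os.WriteFile(dest, []byte(f.content), f.mode); err != nil {
			logger.Debug("❌ maker.AppNginx: 写入 %s 失败: %v", f.name, err)
			return err
		}
		logger.Debug("✅ maker.AppNginx: 写入 %s 成功, dest = %s", f.name, dest)
	}

	// Render the nginx deployment manifest with the requested replica count.
	dest := filepath.Join(workdir, "deployment.yaml")
	content := []byte(fmt.Sprintf(resource.YAMLAppNGINX, replica))
	if err = os.WriteFile(dest, content, 0644); err != nil {
		logger.Debug("❌ maker.AppNginx: 写入 deployment.yaml 失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppNginx: 写入 deployment.yaml 成功, dest = %s", dest)

	// Render the upsert script; "elink" has no seafile.conf, so its configmap
	// command is left out.
	dest = filepath.Join(workdir, "upsert.sh")
	if vendor == "elink" {
		applySeafile = ""
	}
	content = []byte(fmt.Sprintf(_upsert, applySeafile))
	if err = os.WriteFile(dest, content, 0755); err != nil {
		logger.Debug("❌ maker.AppNginx: 写入 upsert.sh 失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppNginx: 写入 upsert.sh 成功, dest = %s", dest)

	if err = os.WriteFile(filepath.Join(workdir, "version.txt"), []byte(version), 0644); err != nil {
		logger.Debug("❌ maker.AppNginx: 写入 version.txt 失败: %v", err)
		return err
	}

	logger.Info("✅ maker.AppNginx: nginx 构建完成, version = %s, vendor = %s", version, vendor)
	return nil
}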