#!/bin/bash
# One-time setup for the dedicated status page VPS (Debian 13)
# Installs: git, bun, caddy, clones the repo, sets up systemd service
# Usage: ./setup-status.sh

set -e

SSH="ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_ed25519"
STATUS_HOST="root@46.225.155.167"

echo "[setup] Setting up status page VPS..."

$SSH $STATUS_HOST bash << 'REMOTE'
set -e

# System packages
apt-get update
apt-get install -y git curl unzip

# Install bun
if [ ! -f /root/.bun/bin/bun ]; then
  curl -fsSL https://bun.sh/install | bash
fi
export PATH="/root/.bun/bin:$PATH"

# Install caddy
if ! command -v caddy &>/dev/null; then
  apt-get install -y debian-keyring debian-archive-keyring apt-transport-https
  curl -1sLf 'https://dl.cloudflare.com/cloudflare-main.gpg' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg 2>/dev/null || true
  curl -1sLf 'https://caddyserver.com/api/download' -o /usr/bin/caddy
  chmod +x /usr/bin/caddy
  # Caddy systemd service
  caddy environ 2>/dev/null || true
  cat > /etc/systemd/system/caddy.service << 'EOF'
[Unit]
Description=Caddy
After=network.target

[Service]
ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --adapter caddyfile
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF
fi

# Clone repo
if [ ! -d /opt/pingql ]; then
  git clone https://git-crush-pinto-befog.forehead-gate.com/ico/pingql.git /opt/pingql
else
  cd /opt/pingql
  git fetch origin && git reset --hard origin/main
fi

# Install status app deps
cd /opt/pingql/apps/status
/root/.bun/bin/bun install

# Caddyfile - reverse proxy to status app, auto HTTPS for any domain
mkdir -p /etc/caddy
cat > /etc/caddy/Caddyfile << 'EOF'
{
	on_demand_tls {
		ask http://localhost:3003/internal/verify-domain
	}
}

status.pingql.com {
	reverse_proxy localhost:3003
}

https:// {
	tls {
		on_demand
	}
	reverse_proxy localhost:3003
}
EOF

# Systemd service for the status app
cat > /etc/systemd/system/pingql-status.service << 'EOF'
[Unit]
Description=PingQL Status
After=network.target

[Service]
WorkingDirectory=/opt/pingql/apps/status
ExecStart=/root/.bun/bin/bun run src/index.ts
Restart=on-failure
RestartSec=3
EnvironmentFile=/opt/pingql/apps/status/.env

[Install]
WantedBy=multi-user.target
EOF

# Enable and start services
systemctl daemon-reload
systemctl enable caddy pingql-status
systemctl restart caddy
systemctl restart pingql-status

echo "Setup complete. Services running."
echo "  - Caddy: $(systemctl is-active caddy)"
echo "  - Status: $(systemctl is-active pingql-status)"
REMOTE

echo "[setup] Done. Don't forget to:"
echo "  1. Create .env at /opt/pingql/apps/status/.env with DATABASE_URL and SECRET"
echo "  2. Point status.pingql.com DNS to 46.225.155.167"
echo "  3. Update deploy.sh STATUS_HOST"