#!/bin/bash
# scripts/bootstrap/prepare-node.sh
# Real node preparation script for the homelab platform.
# Responsibilities:
# - validate Linux environment
# - create runtime directories
# - install/check dependencies (git, docker, tailscale)
# - create homelab runtime layout
# - validate Docker daemon
# - validate network access
# - support idempotent re-runs

set -e

# Configuration
RUNTIME_ROOT="/opt/homelab"
DIRECTORIES=("config" "data" "logs" "state" "backups")
LOG_FILE="/tmp/homelab-prepare-node.log"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

log() {
    echo -e "${GREEN}[INFO]${NC} $1" | tee -a "$LOG_FILE"
}

warn() {
    echo -e "${YELLOW}[WARN]${NC} $1" | tee -a "$LOG_FILE"
}

error() {
    echo -e "${RED}[ERROR]${NC} $1" | tee -a "$LOG_FILE" >&2
    exit 1
}

log "Starting homelab node preparation..."

# 1. Validate Linux environment
if [[ "$OSTYPE" != "linux-gnu"* ]]; then
    error "This script only supports Linux."
fi

if [[ $EUID -ne 0 ]]; then
   error "This script must be run as root (use sudo)."
fi

# 2. Create runtime directories
log "Creating runtime directories in $RUNTIME_ROOT..."
mkdir -p "$RUNTIME_ROOT"
for dir in "${DIRECTORIES[@]}"; do
    mkdir -p "$RUNTIME_ROOT/$dir"
done
chmod -R 755 "$RUNTIME_ROOT"

# 3. Install/check dependencies
install_apt_deps() {
    log "Updating apt and installing dependencies..."
    apt-get update -y
    apt-get install -y git curl apt-transport-https ca-certificates gnupg lsb-release
}

# Docker installation
if ! command -v docker &> /dev/null; then
    log "Installing Docker..."
    install_apt_deps
    curl -fsSL https://get.docker.com -o get-docker.sh
    sh get-docker.sh
    rm get-docker.sh
else
    log "Docker is already installed."
fi

# Docker Compose Plugin
if ! docker compose version &> /dev/null; then
    log "Installing Docker Compose plugin..."
    apt-get update -y
    apt-get install -y docker-compose-plugin
else
    log "Docker Compose plugin is already installed."
fi

# Tailscale installation
if ! command -v tailscale &> /dev/null; then
    log "Installing Tailscale..."
    curl -fsSL https://tailscale.com/install.sh | sh
else
    log "Tailscale is already installed."
fi

# 4. Validate Docker daemon
log "Validating Docker daemon..."
if ! systemctl is-active --quiet docker; then
    log "Starting Docker service..."
    systemctl enable --now docker
fi

if ! docker info &> /dev/null; then
    error "Docker daemon is not responding correctly."
fi

# 5. Validate network access
log "Validating network access..."
if ! curl -s --head https://google.com | grep "200 OK" > /dev/null; then
    warn "External network access might be limited."
fi

# 6. Prepare SSH access assumptions
log "Checking SSH access assumptions..."
if [[ ! -d "$HOME/.ssh" ]]; then
    mkdir -p "$HOME/.ssh"
    chmod 700 "$HOME/.ssh"
fi
# We assume the user has already set up their keys or will do so.
# We just ensure the directory exists with correct permissions.

log "Node preparation completed successfully!"
log "Runtime layout at $RUNTIME_ROOT is ready."
log "Next step: Run scripts/bootstrap/discover-node.sh to generate discovery data."