#!/bin/sh
set -e

# Create edgedragon user if it doesn't exist
if ! id -u edgedragon >/dev/null 2>&1; then
    if command -v useradd >/dev/null 2>&1; then
        useradd --system --no-create-home --shell /usr/sbin/nologin edgedragon
    elif command -v adduser >/dev/null 2>&1; then
        # Alpine/BusyBox style
        adduser -S -D -H -h /dev/null -s /sbin/nologin edgedragon
    else
        echo "Could not find useradd or adduser. Cannot create edgedragon user."
        exit 1
    fi
fi

# Copy default config if it doesn't exist
if [ ! -f /etc/edgedragon/config.yaml ] && [ -f /usr/share/edgedragon/config.yaml.example ]; then
    cp /usr/share/edgedragon/config.yaml.example /etc/edgedragon/config.yaml
    echo "Created default configuration at /etc/edgedragon/config.yaml"
fi

# Set ownership on directories
# Set ownership on directories
chown -R edgedragon:edgedragon /var/lib/edgedragon /var/log/edgedragon /etc/edgedragon /var/cache/edgedragon /usr/share/edgedragon 2>/dev/null || true
chmod 755 /var/lib/edgedragon /var/log/edgedragon /etc/edgedragon /var/cache/edgedragon 2>/dev/null || true

# Fix permissions on share directory (recursive)
find /usr/share/edgedragon -type d -exec chmod 755 {} \; 2>/dev/null || true
find /usr/share/edgedragon -type f -exec chmod 644 {} \; 2>/dev/null || true

# Apply sysctl settings for QUIC/HTTP3 performance
if [ -f /etc/sysctl.d/99-edgedragon.conf ] && command -v sysctl >/dev/null 2>&1; then
    sysctl -p /etc/sysctl.d/99-edgedragon.conf 2>/dev/null || true
fi

# Clean up old fail2ban filter (replaced by split configs in v1.x+)
if [ -f /etc/fail2ban/filter.d/edgedragon.conf ]; then
    rm -f /etc/fail2ban/filter.d/edgedragon.conf
fi

# Reload fail2ban to pick up new/updated filters
if command -v fail2ban-client >/dev/null 2>&1; then
    fail2ban-client reload 2>/dev/null || true
fi

# Enable and reload systemd service (if systemd is available)
if command -v systemctl >/dev/null 2>&1 && systemctl --version >/dev/null 2>&1; then
    systemctl daemon-reload
    systemctl enable edgedragon.service 2>/dev/null || true
    systemctl try-restart edgedragon.service 2>/dev/null || true
fi

# Enable OpenRC service (if OpenRC is available)
if command -v rc-update >/dev/null 2>&1; then
    rc-update add edgedragon default 2>/dev/null || true
fi

echo "edgedragon installed successfully."
echo "Configure: /etc/edgedragon/config.yaml"
echo "Start: systemctl start edgedragon (or rc-service edgedragon start)"
