#!/usr/bin/env bash
# ==============================================================================
# OpenClaw Deployment Script (Docker Compose + Traefik)
# ==============================================================================
# Deploys OpenClaw gateway behind the shared Traefik reverse proxy.
# Source: https://docs.openclaw.ai/install/docker
#
# Usage:  deploy-docker-openclaw.sh
#         deploy-docker-openclaw.sh --domain claw.an2.io
#         deploy-docker-openclaw.sh --remove [--purge] [--yes]
# ==============================================================================

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/common.sh"

# --- Parse arguments ---
parse_args "$@"

# --- Service config ---
SERVICE_NAME="openclaw"
BASE_DIR="/opt/${SERVICE_NAME}"
CONFIG_NAME="${SERVICE_NAME}"
UNIT_NAME="${SERVICE_NAME}-docker"

# --- Handle --remove ---
if [[ "$ARG_REMOVE" == "1" ]]; then
    require_root
    do_remove "$SERVICE_NAME" "$CONFIG_NAME" "$UNIT_NAME" "$BASE_DIR"
    exit 0
fi

# --- Domain resolution ---
if [[ -n "$ARG_DOMAIN" ]]; then
    DOMAIN="$ARG_DOMAIN"
elif [[ -f "${BASE_DIR}/.env" ]] && grep -q '^DOMAIN=' "${BASE_DIR}/.env"; then
    DOMAIN="$(grep '^DOMAIN=' "${BASE_DIR}/.env" | cut -d= -f2)"
else
    DOMAIN="openclaw.an2.io"
fi

# --- Detect current state for banner ---
traefik_status="Not found — will deploy"
if docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^traefik$'; then
    traefik_status="Running"
elif [[ -f "${TRAEFIK_DIR}/docker-compose.yml" ]]; then
    traefik_status="Stopped — will start"
fi

install_mode="Fresh install"
if [[ -f "${BASE_DIR}/.env" ]]; then
    install_mode="Re-run (preserving data)"
fi

# --- Print deployment plan ---
echo ""
echo -e "${CYAN}══════════════════════════════════════════════${NC}"
echo -e "${CYAN}  Deploying OpenClaw (Docker)${NC}"
echo -e "${CYAN}══════════════════════════════════════════════${NC}"
echo -e "  Domain:      ${DOMAIN}"
echo -e "  Data:        ${BASE_DIR}"
echo -e "  Traefik:     ${traefik_status}"
echo -e "  Mode:        ${install_mode}"
echo -e "${CYAN}══════════════════════════════════════════════${NC}"
echo ""

# --- Check if already deployed and running ---
if [[ -f "${BASE_DIR}/docker-compose.yml" ]] && \
   docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^openclaw$'; then
    echo -e "${GREEN}  OpenClaw is already running — nothing to do.${NC}"
    echo ""
    echo -e "  Logs:      docker logs -f openclaw"
    echo -e "  Backup:    ${SCRIPT_DIR}/backup-openclaw.sh"
    echo -e "  Remove:    $0 --remove [--purge]"
    echo ""
    exit 0
fi

# --- Shared infrastructure ---
require_root
detect_os
install_prerequisites
ensure_docker_network
ensure_traefik
configure_firewall

# --- Backup restore check ---
if check_and_restore_backup "$SERVICE_NAME"; then
    saved_domain="$DOMAIN"
    # shellcheck source=/dev/null
    source "${BASE_DIR}/.env"
    DOMAIN="$saved_domain"
else
    # --- Fresh install ---

    if [[ -f "${BASE_DIR}/.env" ]]; then
        saved_domain="$DOMAIN"
        # shellcheck source=/dev/null
        source "${BASE_DIR}/.env"
        DOMAIN="$saved_domain"
    fi

    mkdir -p "${BASE_DIR}/data"
    chown -R 1000:1000 "${BASE_DIR}/data"

    # --- Generate .env ---
    cat > "${BASE_DIR}/.env" <<DOTENV
# Generated by deploy-docker-openclaw.sh on $(date -Iseconds)
DOMAIN=${DOMAIN}
DOTENV
    chmod 600 "${BASE_DIR}/.env"
    ok ".env written."

    # --- Generate docker-compose.yml ---
    cat > "${BASE_DIR}/docker-compose.yml" <<'COMPOSE'
services:
  openclaw:
    image: ghcr.io/openclaw/openclaw:latest
    container_name: openclaw
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    mem_limit: 2G
    user: "1000:1000"
    environment:
      - OPENCLAW_CONFIG_DIR=/home/node/.openclaw
    volumes:
      - ./data:/home/node/.openclaw
    networks:
      - traefik-public
    logging:
      driver: json-file
      options:
        max-size: "50m"
        max-file: "5"

networks:
  traefik-public:
    external: true
COMPOSE
    ok "docker-compose.yml written."
fi

# --- Always do these (fresh or restored) ---
write_traefik_dynamic_config "$CONFIG_NAME" "$DOMAIN" "http://openclaw:18789"
install_systemd_unit "$UNIT_NAME" "$BASE_DIR"
(cd "$BASE_DIR" && docker compose up -d)
wait_for_healthy "openclaw" "http://localhost:18789/healthz" 120

# --- Summary ---
echo ""
echo -e "${GREEN}══════════════════════════════════════════════${NC}"
echo -e "${GREEN}  OpenClaw deployed successfully${NC}"
echo -e "${GREEN}══════════════════════════════════════════════${NC}"
echo -e "  URL:         https://${DOMAIN}"
echo -e "  Data:        ${BASE_DIR}/data/"
echo -e "  Traefik:     ${TRAEFIK_DYNAMIC_DIR}/${CONFIG_NAME}.yml"
echo -e "  Systemd:     systemctl status ${UNIT_NAME}"
echo -e "  Logs:        docker logs -f openclaw"
echo -e "${GREEN}══════════════════════════════════════════════${NC}"
echo ""