import 'dart:io';

import 'package:dotenv/dotenv.dart';
import 'package:http/http.dart' as http;
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart';
import 'package:shelf_router/shelf_router.dart';
import 'package:supabase/supabase.dart';
import 'package:waylume_server/supabase_heartbeat.dart';
import 'package:waylume_server/utils.dart';

var env = DotEnv()..load();

dynamic fromEnivronment(String key) {
  if (kIsRunningInDocker) {
    return Platform.environment[key];
  } else {
    return env[key];
  }
}

final SupabaseClient SUPABASE_CLIENT = SupabaseClient(
    "https://lsdrctuvnwdrzrdyoqzu.supabase.co",
    fromEnivronment('SUPABASE_KEY')!
);



void main() async {

  if (kIsRunningInDocker) {
    print('Running in Docker environment.');
  } else {
    print('Not running in Docker environment.');
  }

  String ip = await getWanIp();

  // Check if SERVER_ID already exists in the database
  var existsCheck = await SUPABASE_CLIENT
      .from("waylume_servers")
      .select()
      .eq("id", fromEnivronment('SERVER_ID'))
      .eq("host_ip", ip);

  if (existsCheck.isEmpty) {
    await SUPABASE_CLIENT
        .from("waylume_servers")
        .insert({
      "id": fromEnivronment('SERVER_ID')!,
      "last_heartbeat": DateTime.now().toUtc().toIso8601String(),
      "host_ip": ip,
    });
  }

  // Verify that WireGuard is installed
  if (!await isWireguardInstalled()) {
    print('WireGuard is not installed. Please install WireGuard to run this server.');
    exit(1);
  } else {
    print('WireGuard is installed.');
  }

  // Start the heartbeat to keep the server alive
  initHeartbeat();

  // Isolate peers to block traffic between them
  if (!Platform.isMacOS) {
    await isolatePeers();
  }

  Router app = Router();

  app.get('/', (request) {
    return Response.ok('Welcome to Waylume Server!');
  });

  var server = await serve(app, '0.0.0.0', 3000);
  print('Server running on http://${server.address.host}:${server.port}');
}

Future<void> isolatePeers() async {
  // Block traffic between peers (peer-to-peer isolation)
  await Process.run('iptables', ['-I', 'FORWARD', '-i', 'wg0', '-o', 'wg0', '-j', 'DROP']);

  // Allow established/related connections (for return traffic)
  await Process.run('iptables', ['-I', 'FORWARD', '-i', 'wg0', '-o', 'wg0', '-m', 'state', '--state', 'ESTABLISHED,RELATED', '-j', 'ACCEPT']);
}