package main

import (
	"flag"
	"log"
	"path/filepath"

	"greencoast/internal/api"
	"greencoast/internal/config"
	"greencoast/internal/federation"
	"greencoast/internal/index"
	"greencoast/internal/storage"
)

func main() {
	cfgPath := flag.String("config", "shard.yaml", "path to config")
	flag.Parse()

	cfg, err := config.Load(*cfgPath)
	if err != nil {
		log.Fatalf("config error: %v", err)
	}

	store, err := storage.NewFSStore(cfg.Storage.Path, cfg.Storage.MaxObjectKB)
	if err != nil {
		log.Fatalf("storage error: %v", err)
	}

	dataRoot := filepath.Dir(cfg.Storage.Path)
	idx := index.New(dataRoot)

	srv := api.New(
		store, idx,
		cfg.Privacy.RetainTimestamps == "coarse",
		cfg.Security.ZeroTrust,
		api.AuthProviders{
			SigningSecretHex: cfg.Auth.SigningSecret,
			Discord: api.DiscordProvider{
				Enabled:      cfg.Auth.SSO.Discord.Enabled,
				ClientID:     cfg.Auth.SSO.Discord.ClientID,
				ClientSecret: cfg.Auth.SSO.Discord.ClientSecret,
				RedirectURI:  cfg.Auth.SSO.Discord.RedirectURI,
			},
			GoogleEnabled:   cfg.Auth.SSO.Google.Enabled,
			FacebookEnabled: cfg.Auth.SSO.Facebook.Enabled,
			WebAuthnEnabled: cfg.Auth.TwoFactor.WebAuthnEnabled,
			TOTPEnabled:     cfg.Auth.TwoFactor.TOTPEnabled,
		},
	)

	// Serve the client if enabled
	if cfg.UI.Enable {
		srv.MountStatic(cfg.UI.Path, cfg.UI.BaseURL)
	}

	// listeners
	if cfg.Listen.HTTP != "" {
		go func() { log.Fatal(srv.ListenHTTP(cfg.Listen.HTTP)) }()
	}
	if cfg.TLS.Enable && cfg.Listen.HTTPS != "" {
		go func() { log.Fatal(srv.ListenHTTPS(cfg.Listen.HTTPS, cfg.TLS.CertFile, cfg.TLS.KeyFile)) }()
	}
	if cfg.Federation.MTLSEnable {
		tlsCfg, err := federation.ServerTLSConfig(cfg.Federation.CertFile, cfg.Federation.KeyFile, cfg.Federation.ClientCAFile)
		if err != nil {
			log.Fatalf("federation tls config error: %v", err)
		}
		go func() { log.Fatal(srv.ListenMTLS(cfg.Federation.Listen, tlsCfg)) }()
	}

	// foreground
	if cfg.TLS.Enable && cfg.Listen.HTTPS != "" {
		log.Fatal(srv.ListenHTTPS(cfg.Listen.HTTPS, cfg.TLS.CertFile, cfg.TLS.KeyFile))
		return
	}
	if cfg.Listen.HTTP == "" {
		log.Fatal("no listeners configured (set listen.http or listen.https)")
	}
	log.Fatal(srv.ListenHTTP(cfg.Listen.HTTP))
}