#!/bin/sh /etc/rc.common

USE_PROCD=1

# Program path
PROG=/usr/bin/AdGuardHome

# Start after network (19 matches dnsmasq)
START=19
# Stop before network stops
STOP=89

# Handle boot process
boot() {
    adguardhome_boot=1
    start "$@"
}

# Configure DNS to use port 53
use_port53() {
    local dns_port="$1"
    local adguard_port="$2"
    local config_file="$3"

    [ "$dns_port" != "53" ] && return
    
    # Update AdGuardHome config
    sed -i '/dns:/,/^[^ ]/{ /[[:space:]]*port:/ s/port:[[:space:]]*[0-9]\+/port: 53/ }' "$config_file"
    
    # Update dnsmasq config
    uci set "dhcp.@dnsmasq[0].port=$adguard_port"
    uci commit dhcp
    /etc/init.d/dnsmasq restart
}

# Restore original port configuration
rm_port53() {
    local current_port="$1"
    local new_port="$2"
    local config_file="$3"

    [ "$current_port" != "53" ] && return
    
    # Update AdGuardHome config
    sed -i '/dns:/,/^[^ ]/{ /[[:space:]]*port:/ s/port:[[:space:]]*[0-9]\+/port: '"$new_port"'/ }' "$config_file"
    
    # Restore dnsmasq config
    uci -q set "dhcp.@dnsmasq[0].port=53"
    uci commit dhcp
    /etc/init.d/dnsmasq restart
}

# Set up firewall redirect rules
set_redirect() {
    local dest_port="$1"
    local section
    
    # Add new redirect section
    section=$(uci add firewall redirect)
    [ -z "$section" ] && return
    [ "$(uci -q get "firewall.$section.dest_port")" = "$dest_port" ] && return
    
    # Configure redirect rules
    uci -q set "firewall.$section.target=DNAT"
    uci -q set "firewall.$section.name=AdGuard Home"
    uci -q set "firewall.$section.src=lan"
    uci -q set "firewall.$section.src_dport=53"
    uci -q set "firewall.$section.dest_port=$dest_port"
    
    # Apply changes
    uci commit firewall
    /etc/init.d/firewall reload
    echo "Firewall rules updated."
}

# Clear all AdGuard Home redirect rules
clear_redirect() {
    local redirects
    redirects=$(uci show firewall | grep "AdGuard Home" | cut -d'.' -f1-2)
    [ -z "$redirects" ] && return
    
    for redirect in $redirects; do
        uci -q delete "$redirect"
        echo "Deleted redirect rule: $redirect"
    done
    
    uci commit firewall
    /etc/init.d/firewall reload
    echo "Firewall rules updated."
}

# Configure dnsmasq to forward requests to AdGuard Home
set_forward_dnsmasq() {
    local port="$1"
    local current_server="$2"
    local addr="127.0.0.1#$port"
    
    echo "$current_server" | grep -q "^$addr" && return
    
    uci -q add_list dhcp.@dnsmasq[0].server="$addr"
    uci -q delete "dhcp.@dnsmasq[0].resolvfile"
    uci set "dhcp.@dnsmasq[0].noresolv=1"
    uci commit dhcp
    /etc/init.d/dnsmasq restart
}

# Stop forwarding requests to AdGuard Home
stop_forward_dnsmasq() {
    local port="$1"
    local current_server="$2"
    local addr="127.0.0.1#$port"
    
    echo "$current_server" | grep -q "^$addr" || return
    
    uci -q delete "dhcp.@dnsmasq[0].server"
    uci -q delete "dhcp.@dnsmasq[0].noresolv"
    uci commit dhcp
    /etc/init.d/dnsmasq restart
}

# Start AdGuard Home service
start_service() {
    local AdGuardHome_PORT
    local dnsmasq_port
    local DNSMASQ_SERVER
    
    # Skip if during boot
    [ -n "$adguardhome_boot" ] && return 0

    # Load configuration
    config_load adguardhome
    config_get CONFIG_FILE config config "/etc/adguardhome.yaml"
    config_get PID_FILE config pidfile "/run/adguardhome.pid"
    config_get WORK_DIR config workdir "/var/lib/adguardhome"
    config_get REDIRECT config redirect "none"
    config_get_bool ENABLED config enabled 0
    
    # Get ports configuration
    AdGuardHome_PORT=$(awk '/dns:/{f=1} f&&/port:/{split($0,a,": *");print a[2];exit}' "$CONFIG_FILE")
    dnsmasq_port=$(uci -q get dhcp.@dnsmasq[0].port)
    DNSMASQ_SERVER=$(uci -q get dhcp.@dnsmasq[0].server)
    
    # Check if service is enabled
    [ "$ENABLED" -eq 0 ] && return 1

    # Create working directory if needed
    [ -d "$WORK_DIR" ] || mkdir -m 0755 -p "$WORK_DIR"

    # Configure redirect mode
    case "$REDIRECT" in
        "redirect")
            set_redirect "$AdGuardHome_PORT"
            ;;
        "dnsmasq-upstream")
            set_forward_dnsmasq "$AdGuardHome_PORT" "$DNSMASQ_SERVER"
            ;;
        "exchange")
            use_port53 "$dnsmasq_port" "$AdGuardHome_PORT" "$CONFIG_FILE"
            ;;
    esac

    # Start service
    procd_open_instance adguardhome
    procd_set_param command "$PROG" -c "$CONFIG_FILE" -w "$WORK_DIR" --pidfile "$PID_FILE" --no-check-update
    procd_set_param stdout 1
    procd_set_param stderr 1
    procd_set_param user root
    procd_close_instance
}

# Stop AdGuard Home service
stop_service() {
    local AdGuardHome_PORT
    local dnsmasq_port
    local DNSMASQ_SERVER
    
    # Skip if during boot
    [ -n "$adguardhome_boot" ] && return 0

    # Load configuration
    config_load adguardhome
    config_get CONFIG_FILE config config "/etc/adguardhome.yaml"
    
    # Get ports configuration
    AdGuardHome_PORT=$(awk '/dns:/{f=1} f&&/port:/{split($0,a,": *");print a[2];exit}' "$CONFIG_FILE")
    dnsmasq_port=$(uci -q get dhcp.@dnsmasq[0].port)
    DNSMASQ_SERVER=$(uci -q get dhcp.@dnsmasq[0].server)
    
    # Clean up configurations
    rm_port53 "$AdGuardHome_PORT" "$dnsmasq_port" "$CONFIG_FILE"
    clear_redirect
    stop_forward_dnsmasq "$AdGuardHome_PORT" "$DNSMASQ_SERVER"
}

# Reload service
reload_service() {
    restart
}

# Service triggers
service_triggers() {
    procd_add_reload_trigger "adguardhome"
    
    # Add interface trigger during boot
    if [ -n "$adguardhome_boot" ]; then
        # Wait for interfaces to be up before starting AdGuard Home
        # Prevents issues like https://github.com/openwrt/packages/issues/21868
        procd_add_raw_trigger "interface.*.up" 5000 /etc/init.d/adguardhome restart
    fi
}
