#!/bin/bash
# ============================================================================
# Pounce Yield HTTP Routing Setup
# ============================================================================
# This sets up Nginx to catch-all domains pointing to our server
# and route them to the Pounce backend for Yield landing pages.
#
# Instead of Nameserver delegation (which requires Port 53),
# users simply set an A-record pointing to our IP.
#
# Usage: sudo bash setup_yield_nginx.sh
# ============================================================================

set -e

echo "=========================================="
echo "Pounce Yield HTTP Routing Setup"
echo "=========================================="

# Check if running as root
if [ "$EUID" -ne 0 ]; then
    echo "ERROR: Please run as root (sudo)"
    exit 1
fi

NGINX_CONF="/etc/nginx/sites-available/yield-catchall"
SERVER_IP="46.235.147.194"

echo "[1/3] Creating Nginx catch-all config for Yield..."

cat > "$NGINX_CONF" << 'NGINX'
# Pounce Yield Catch-All Server
# This catches all domains pointing to our server that aren't pounce.ch
# and routes them to the Yield routing backend.

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    
    # Catch all hostnames except pounce.ch
    server_name _;
    
    # Skip if it's pounce.ch or www.pounce.ch
    if ($host ~* ^(www\.)?pounce\.ch$) {
        return 444;  # Close connection, let the main server block handle it
    }
    
    # Route all traffic to backend yield routing
    location / {
        # Rewrite to /api/v1/r/{hostname}
        set $yield_domain $host;
        
        proxy_pass http://127.0.0.1:8000/api/v1/r/$yield_domain;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Yield-Domain $host;
        
        # Handle errors gracefully
        proxy_intercept_errors on;
        error_page 404 502 503 504 = @yield_fallback;
    }
    
    # Fallback for domains not configured in Yield
    location @yield_fallback {
        return 302 https://pounce.ch/yield?domain=$host;
    }
}
NGINX

echo "[2/3] Enabling site and testing config..."

# Enable the site if not already
if [ ! -f "/etc/nginx/sites-enabled/yield-catchall" ]; then
    ln -sf "$NGINX_CONF" /etc/nginx/sites-enabled/yield-catchall
fi

# Test nginx config
nginx -t

echo "[3/3] Reloading Nginx..."
systemctl reload nginx

echo ""
echo "=========================================="
echo "✅ Yield HTTP Routing configured!"
echo "=========================================="
echo ""
echo "How it works:"
echo "1. User sets A-record for their domain to: $SERVER_IP"
echo "2. When someone visits the domain, Nginx catches it"
echo "3. Traffic is routed to /api/v1/r/{domain}"
echo "4. Backend serves the Yield landing page"
echo ""
echo "No DNS server (Port 53) required!"
echo "=========================================="