#!/usr/bin/env bash

minidlnaConfigFile="/etc/minidlna.conf"

minidlna_installed() {
    pacman -Q minidlna &> /dev/null
}

ufw_installed() {
    pacman -Q ufw &> /dev/null
}

valid_port() {
    local portValue="$1"
    [[ "$portValue" =~ ^[0-9]+$ ]] && (( portValue >= 1 && portValue <= 65535 ))
}

install_minidlna() {
    if minidlna_installed; then
        return 0
    fi

    if ! install_package minidlna; then
        msgbox "Failed to install minidlna."
        return 1
    fi

    return 0
}

enable_minidlna_service() {
    # `sudoFlags` is initialized by the main launcher before sourcing this file.
    # shellcheck disable=SC2154
    if ! sudo "${sudoFlags[@]}" systemctl enable minidlna; then
        msgbox "Failed to enable minidlna."
        return 1
    fi

    return 0
}

read_minidlna_port() {
    local configuredPort=""
    local fallbackPort=""

    if [[ -r "$minidlnaConfigFile" ]]; then
        configuredPort="$(awk -F '=' '
            BEGIN { IGNORECASE = 1 }
            /^[[:space:]]*port[[:space:]]*=/ {
                value = $2
                sub(/[[:space:]]*#.*$/, "", value)
                gsub(/^[[:space:]]+|[[:space:]]+$/, "", value)
                port = value
            }
            END {
                if (port != "") {
                    print port
                }
            }
        ' "$minidlnaConfigFile")"
    fi

    if valid_port "$configuredPort"; then
        printf '%s\n' "$configuredPort"
        return 0
    fi

    fallbackPort="$(inputbox "Unable to confirm the MiniDLNA port from /etc/minidlna.conf. Enter the TCP port to allow." "8200")" || return 1
    if valid_port "$fallbackPort"; then
        printf '%s\n' "$fallbackPort"
        return 0
    fi

    msgbox "A valid MiniDLNA port is required before adding firewall rules."
    return 1
}

detect_private_subnets() {
    ip -o -4 addr show up scope global | awk '
        {
            split($4, parts, "/")
            split(parts[1], octets, ".")
            prefix = parts[2] + 0

            if (octets[1] == 10) {
                subnet = octets[1] "." octets[2] "." octets[3] ".0/24"
            } else if (octets[1] == 192 && octets[2] == 168) {
                subnet = octets[1] "." octets[2] "." octets[3] ".0/24"
            } else if (octets[1] == 172 && octets[2] >= 16 && octets[2] <= 31) {
                subnet = octets[1] "." octets[2] "." octets[3] ".0/24"
            } else {
                next
            }

            if (!seen[subnet]++) {
                print subnet
            }
        }
    '
}

valid_ipv4_subnet() {
    local subnetValue="$1"

    [[ "$subnetValue" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[1-2][0-9]|3[0-2])$ ]] || return 1
    awk -F '[./]' '
        {
            for (octetIndex = 1; octetIndex <= 4; octetIndex++) {
                if ($octetIndex < 0 || $octetIndex > 255) {
                    exit 1
                }
            }
            exit 0
        }
    ' <<< "$subnetValue"
}

choose_lan_subnet() {
    local detectedSubnet=""
    local subnetChoice=""

    detectedSubnet="$(detect_private_subnets | head -n 1)"
    subnetChoice="$(inputbox "Confirm the LAN subnet for MiniDLNA firewall access." "${detectedSubnet:-192.168.1.0/24}")" || return 1
    if valid_ipv4_subnet "$subnetChoice"; then
        printf '%s\n' "$subnetChoice"
        return 0
    fi

    msgbox "Enter a valid IPv4 subnet such as 192.168.1.0/24."
    return 1
}

configure_minidlna_firewall() {
    local minidlnaPort=""
    local lanSubnet=""

    minidlnaPort="$(read_minidlna_port)" || return 1
    lanSubnet="$(choose_lan_subnet)" || return 1

    # `sudoFlags` is initialized by the main launcher before sourcing this file.
    # shellcheck disable=SC2154
    if ! sudo "${sudoFlags[@]}" ufw allow from "$lanSubnet" to any port "$minidlnaPort" proto tcp; then
        msgbox "Failed to allow MiniDLNA TCP access for ${lanSubnet}."
        return 1
    fi

    # `sudoFlags` is initialized by the main launcher before sourcing this file.
    # shellcheck disable=SC2154
    if ! sudo "${sudoFlags[@]}" ufw allow from "$lanSubnet" to any port 1900 proto udp; then
        msgbox "Failed to allow SSDP discovery for ${lanSubnet}."
        return 1
    fi

    # `sudoFlags` is initialized by the main launcher before sourcing this file.
    # shellcheck disable=SC2154
    if ! sudo "${sudoFlags[@]}" ufw reload; then
        msgbox "MiniDLNA firewall rules were added, but ufw reload failed."
        return 1
    fi

    msgbox "MiniDLNA firewall rules were added for ${lanSubnet}."
    return 0
}

install_minidlna || return 1
enable_minidlna_service || return 1

msgbox "MiniDLNA is installed and enabled for future boots. Edit /etc/minidlna.conf to set your media paths before rebooting or before manually starting the service. It will start automatically on the next server reboot."

if ufw_installed; then
    if [[ "$(yesno "ufw is installed. Configure LAN-only firewall rules for MiniDLNA now?")" == "Yes" ]]; then
        configure_minidlna_firewall
    fi
fi