#!/bin/sh
set -eu

PATH=/usr/local/bin:/usr/syno/bin:/usr/bin:/bin

PKG="${SYNOPKG_PKGNAME:-Fail2BanCommunity}"
PKG_DEST="${SYNOPKG_PKGDEST:-/var/packages/$PKG/target}"
OUTDIR="$PKG_DEST/ui/data"
JAILDIR="$OUTDIR/jails"
COMPOSE_FILE="$PKG_DEST/project/compose.yaml"
CONTAINER_SCRIPT="/usr/local/bin/write-ui-data-container.sh"

mkdir -p "$OUTDIR" "$JAILDIR"

PACKAGE_RUNNING=false
if synopkg status "$PKG" 2>/dev/null | grep -q '"status":"running"'; then
    PACKAGE_RUNNING=true
fi

COMPOSE_PRESENT=false
if [ -f "$COMPOSE_FILE" ]; then
    COMPOSE_PRESENT=true
fi

CID=""
if command -v docker >/dev/null 2>&1; then
    CID="$(docker ps \
        --filter label=com.docker.compose.service=fail2ban \
        --format '{{.ID}}' | head -n1 || true)"
fi

if [ -n "$CID" ]; then
    exec docker exec \
        -e PKG="$PKG" \
        -e PACKAGE_RUNNING="$PACKAGE_RUNNING" \
        -e COMPOSE_PRESENT="$COMPOSE_PRESENT" \
        -e OUTDIR="/ui-data" \
        "$CID" "$CONTAINER_SCRIPT"
fi

WORKDIR="$(mktemp -d /tmp/f2b-ui-host.XXXXXX)"

cleanup() {
    rm -rf "$WORKDIR"
}
trap cleanup EXIT INT TERM

find "$JAILDIR" -maxdepth 1 -type f -delete 2>/dev/null || true

printf '%s\n' 'fail2ban container not running' > "$WORKDIR/status-client.txt"
printf '%s\n' 'sshd jail status unavailable' > "$WORKDIR/status-sshd.txt"
printf '{"ok":true,"jails":{}}\n' > "$WORKDIR/jails.json"
: > "$WORKDIR/banned-ips.txt"

cat > "$WORKDIR/status.json" <<EOF_JSON
{"ok":true,"package":{"name":"$PKG","running":$PACKAGE_RUNNING},"fail2ban":{"reachable":false,"compose_file_present":$COMPOSE_PRESENT,"jail_count":-1,"jails":[]},"sshd":{"exists":false,"currently_failed":-1,"total_failed":-1,"currently_banned":-1,"total_banned":-1,"file_list":[],"banned_ips":[]}}
EOF_JSON

install -m 644 "$WORKDIR/status.json" "$OUTDIR/status.json"
install -m 644 "$WORKDIR/status-client.txt" "$OUTDIR/status-client.txt"
install -m 644 "$WORKDIR/status-sshd.txt" "$OUTDIR/status-sshd.txt"
install -m 644 "$WORKDIR/jails.json" "$OUTDIR/jails.json"
install -m 644 "$WORKDIR/banned-ips.txt" "$OUTDIR/banned-ips.txt"
