FROM alpine:latest

# Устанавливаем минимальные зависимости
RUN apk add --no-cache \
    bash \
    curl \
    util-linux \
    && rm -rf /var/cache/apk/*

# Создаем директории
RUN mkdir -p /config /logs /usr/bin

# Создаем основной скрипт-обертку для использования системного AmneziaWG
RUN echo '#!/bin/bash' > /usr/bin/amnezia && \
    echo '# AmneziaWG Client Wrapper' >> /usr/bin/amnezia && \
    echo '# Использует системные утилиты AmneziaWG через nsenter' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '# Проверка наличия системного awg' >> /usr/bin/amnezia && \
    echo 'if [ ! -x /usr/bin/awg ]; then' >> /usr/bin/amnezia && \
    echo '    echo "❌ AmneziaWG tools not available in host system"' >> /usr/bin/amnezia && \
    echo '    exit 1' >> /usr/bin/amnezia && \
    echo 'fi' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo 'case "$1" in' >> /usr/bin/amnezia && \
    echo '    connect)' >> /usr/bin/amnezia && \
    echo '        [ -z "$2" ] && echo "Usage: connect <config>" && exit 1' >> /usr/bin/amnezia && \
    echo '        CONFIG="/config/$2.conf"' >> /usr/bin/amnezia && \
    echo '        if [ -f "$CONFIG" ]; then' >> /usr/bin/amnezia && \
    echo '            # Проверяем права конфига' >> /usr/bin/amnezia && \
    echo '            PERMS=$(stat -c %a "$CONFIG" 2>/dev/null)' >> /usr/bin/amnezia && \
    echo '            if [ "$PERMS" != "600" ] && [ "$PERMS" != "400" ]; then' >> /usr/bin/amnezia && \
    echo '                echo "⚠️  Warning: Config file has insecure permissions: $PERMS (should be 600)"' >> /usr/bin/amnezia && \
    echo '            fi' >> /usr/bin/amnezia && \
    echo '            echo "🔄 Connecting to $2 using system AmneziaWG..."' >> /usr/bin/amnezia && \
    echo '            # Используем системный awg-quick через nsenter' >> /usr/bin/amnezia && \
    echo '            nsenter -t 1 -m -u -n -i awg-quick up "$CONFIG"' >> /usr/bin/amnezia && \
    echo '            if [ $? -eq 0 ]; then' >> /usr/bin/amnezia && \
    echo '                echo "✅ Connected to $2"' >> /usr/bin/amnezia && \
    echo '            else' >> /usr/bin/amnezia && \
    echo '                echo "❌ Failed to connect"' >> /usr/bin/amnezia && \
    echo '                exit 1' >> /usr/bin/amnezia && \
    echo '            fi' >> /usr/bin/amnezia && \
    echo '        else' >> /usr/bin/amnezia && \
    echo '            echo "❌ Config $2.conf not found in /config/"' >> /usr/bin/amnezia && \
    echo '            ls -la /config/ 2>/dev/null || echo "   (empty)"' >> /usr/bin/amnezia && \
    echo '            exit 1' >> /usr/bin/amnezia && \
    echo '        fi' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    disconnect)' >> /usr/bin/amnezia && \
    echo '        IFACE=$(nsenter -t 1 -m -u -n -i awg show interfaces 2>/dev/null | head -1)' >> /usr/bin/amnezia && \
    echo '        if [ -n "$IFACE" ]; then' >> /usr/bin/amnezia && \
    echo '            echo "🔄 Disconnecting $IFACE..."' >> /usr/bin/amnezia && \
    echo '            nsenter -t 1 -m -u -n -i awg-quick down "$IFACE"' >> /usr/bin/amnezia && \
    echo '            if [ $? -eq 0 ]; then' >> /usr/bin/amnezia && \
    echo '                echo "✅ Disconnected"' >> /usr/bin/amnezia && \
    echo '            else' >> /usr/bin/amnezia && \
    echo '                echo "❌ Failed to disconnect"' >> /usr/bin/amnezia && \
    echo '                exit 1' >> /usr/bin/amnezia && \
    echo '            fi' >> /usr/bin/amnezia && \
    echo '        else' >> /usr/bin/amnezia && \
    echo '            echo "🔌 Not connected"' >> /usr/bin/amnezia && \
    echo '        fi' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    status)' >> /usr/bin/amnezia && \
    echo '        nsenter -t 1 -m -u -n -i awg show 2>/dev/null' >> /usr/bin/amnezia && \
    echo '        if [ $? -ne 0 ]; then' >> /usr/bin/amnezia && \
    echo '            echo "🔌 Not connected to AmneziaWG"' >> /usr/bin/amnezia && \
    echo '        fi' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    list)' >> /usr/bin/amnezia && \
    echo '        echo "📋 Available AmneziaWG configs:"' >> /usr/bin/amnezia && \
    echo '        ls -1 /config/*.conf 2>/dev/null | sed "s/.*\///;s/.conf//" || echo "   No configs found"' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    import)' >> /usr/bin/amnezia && \
    echo '        [ -z "$3" ] && echo "Usage: import <name> <file or URL>" && exit 1' >> /usr/bin/amnezia && \
    echo '        TEMP_FILE="/tmp/$2.conf"' >> /usr/bin/amnezia && \
    echo '        if [[ "$3" =~ ^https?:// ]]; then' >> /usr/bin/amnezia && \
    echo '            echo "📥 Downloading from URL..."' >> /usr/bin/amnezia && \
    echo '            curl -L -s -o "$TEMP_FILE" "$3"' >> /usr/bin/amnezia && \
    echo '        elif [ -f "$3" ]; then' >> /usr/bin/amnezia && \
    echo '            cat "$3" > "$TEMP_FILE"' >> /usr/bin/amnezia && \
    echo '        else' >> /usr/bin/amnezia && \
    echo '            echo "❌ Source not found: $3"' >> /usr/bin/amnezia && \
    echo '            exit 1' >> /usr/bin/amnezia && \
    echo '        fi' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '        # Устанавливаем правильные права (600) для конфига' >> /usr/bin/amnezia && \
    echo '        chmod 600 "$TEMP_FILE"' >> /usr/bin/amnezia && \
    echo '        mv "$TEMP_FILE" "/config/$2.conf"' >> /usr/bin/amnezia && \
    echo '        echo "✅ Imported $2 with secure permissions (600)"' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    shell)' >> /usr/bin/amnezia && \
    echo '        echo "🐚 Entering AmneziaWG container shell"' >> /usr/bin/amnezia && \
    echo '        exec /bin/bash' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo '' >> /usr/bin/amnezia && \
    echo '    *)' >> /usr/bin/amnezia && \
    echo '        echo "AmneziaWG VPN Client (using system tools)"' >> /usr/bin/amnezia && \
    echo '        echo "Commands:"' >> /usr/bin/amnezia && \
    echo '        echo "  connect <name>    - Connect to VPN"' >> /usr/bin/amnezia && \
    echo '        echo "  disconnect        - Disconnect from VPN"' >> /usr/bin/amnezia && \
    echo '        echo "  status            - Show connection status"' >> /usr/bin/amnezia && \
    echo '        echo "  list              - List available configs"' >> /usr/bin/amnezia && \
    echo '        echo "  import <n> <f/u>  - Import config from file or URL"' >> /usr/bin/amnezia && \
    echo '        echo "  shell             - Enter container shell"' >> /usr/bin/amnezia && \
    echo '        echo ""' >> /usr/bin/amnezia && \
    echo '        echo "Current configs in /config:"' >> /usr/bin/amnezia && \
    echo '        ls -la /config/ 2>/dev/null || echo "   (empty)"' >> /usr/bin/amnezia && \
    echo '        ;;' >> /usr/bin/amnezia && \
    echo 'esac' >> /usr/bin/amnezia && \
    chmod +x /usr/bin/amnezia

WORKDIR /config
VOLUME ["/config"]

ENTRYPOINT ["/usr/bin/amnezia"]
CMD ["shell"]