#!/usr/bin/env bash
# Generate node keys for all new Besu nodes

set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
source "$PROJECT_ROOT/config/ip-addresses.conf"

get_host_for_vmid() {
    local vmid=$1
    if [[ "$vmid" =~ ^(1505|1506|1507|1508)$ ]]; then
        echo "${PROXMOX_HOST_ML110}"
    elif [[ "$vmid" =~ ^(2420|2430|2440|2460|2470|2480)$ ]]; then
        echo "${PROXMOX_HOST_R630_01}"
    else
        echo "${PROXMOX_HOST_R630_01}"
    fi
}

generate_node_key() {
    local vmid=$1
    local ip=$2
    local hostname=$3
    local host=$(get_host_for_vmid $vmid)
    
    echo "Generating node key for $vmid ($hostname)..."
    
    # Generate node key using Besu
    ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c '
        mkdir -p /data/besu
        /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 || \
        /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key --to=/data/besu/key.pub 2>&1 || \
        echo \"Key generation needed\"
    '" 2>&1 | head -5
    
    # Generate key if it doesn't exist
    ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c '
        if [ ! -f /data/besu/key ]; then
            openssl ecparam -name secp256k1 -genkey -noout -out /data/besu/key 2>/dev/null || \
            /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 || true
        fi
        chown -R besu:besu /data/besu
    '" 2>&1
    
    # Extract public key and create enode
    local pubkey=$(ssh -o StrictHostKeyChecking=no root@${host} "pct exec $vmid -- bash -c '
        if [ -f /data/besu/key ]; then
            /opt/besu/bin/besu public-key export --node-private-key-file=/data/besu/key 2>&1 | head -1
        fi
    '" 2>/dev/null | tr -d '\n' | sed 's/^0x//')
    
    if [[ -n "$pubkey" && ${#pubkey} -ge 128 ]]; then
        echo "$vmid|$hostname|$ip|enode://${pubkey}@${ip}:30303"
    else
        echo "$vmid|$hostname|$ip|PENDING"
    fi
}

echo "Generating node keys for all new nodes..."
for vmid in 1505 1506 1507 1508 2420 2430 2440 2460 2470 2480; do
    case $vmid in
        1505) generate_node_key 1505 "${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-192.168.11.21}}}}}3" "besu-sentry-alltra-1" ;;
        1506) generate_node_key 1506 "${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-${IP_SERVICE_21:-192.168.11.21}}}}}4" "besu-sentry-alltra-2" ;;
        1507) generate_node_key 1507 "${IP_RPC_244:-${IP_RPC_244:-${IP_RPC_244:-192.168.11.244}}}" "besu-sentry-hybx-1" ;;
        1508) generate_node_key 1508 "${IP_RPC_245:-${IP_RPC_245:-${IP_RPC_245:-192.168.11.245}}}" "besu-sentry-hybx-2" ;;
        2420) generate_node_key 2420 "${RPC_ALLTRA_1:-192.168.11.172}" "besu-rpc-alltra-1" ;;
        2430) generate_node_key 2430 "${RPC_ALLTRA_2:-192.168.11.173}" "besu-rpc-alltra-2" ;;
        2440) generate_node_key 2440 "${RPC_ALLTRA_3:-192.168.11.174}" "besu-rpc-alltra-3" ;;
        2460) generate_node_key 2460 "${RPC_HYBX_1:-192.168.11.246}" "besu-rpc-hybx-1" ;;
        2470) generate_node_key 2470 "${RPC_HYBX_2:-192.168.11.247}" "besu-rpc-hybx-2" ;;
        2480) generate_node_key 2480 "${RPC_HYBX_3:-192.168.11.248}" "besu-rpc-hybx-3" ;;
    esac
done