#!/usr/bin/env bash

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
AZURITE_DIR="$SCRIPT_DIR/storage"

if [[ ! -d "$AZURITE_DIR" ]]; then
  echo "No accounts found"
  exit 0
fi

if ! command -v azurite &> /dev/null; then
  echo "Azurite is not installed. Please install it with 'npm install -g azurite'"
  exit 1
fi

if command -v caddy &> /dev/null; then
  CADDY=true
else
  CADDY=""
fi

OAUTH_ARGS=()

while [[ $# -gt 0 ]]; do
  case "$1" in
    --oauth)
      OAUTH_ARGS=("--oauth" "basic")
      shift
      ;;
    --no-caddy)
      CADDY=""
      shift
      ;;
    *)
      echo "Unknown argument: $1"
      exit 1
      ;;
  esac
done

AZURITE_ACCOUNTS_FILE="$AZURITE_DIR/accounts.env"
set -a
. $AZURITE_ACCOUNTS_FILE
set +a

if [[ -n "$CADDY" ]]; then
  # If using Caddy, it will reverse proxy blob, queue, and table endpoints to different ports on localhost,
  # allowing simultaneous access to all services on a single HTTPS port.
  echo "Starting Caddy server..."
  caddy start --config Caddyfile # Use start not run, start does not block the shell process.
  trap "echo 'Stopping Caddy server...'; caddy stop" EXIT INT TERM HUP KILL STOP
  CERT_ARGS=()
  BLOB_ARGS=()
  OAUTH_ARGS=() # Ensure OAuth is disabled when using Caddy, as Azurite does not support OAuth in reverse proxy mode.
else
  # If not using Caddy, configure Azurite to listen on all interfaces and use the generated self-signed certificate.
  # This mode does not require Caddy, but it will not allow simultaneous access to the table and queue services on the same HTTPS port.
  BLOB_ARGS=("--blobHost" "0.0.0.0" "--blobPort" "443")
  CERT_ARGS=("--key" "$AZURITE_DIR/server_key.pem" "--cert" "$AZURITE_DIR/server_cert.pem")
fi

azurite \
    --disableTelemetry \
    --location "$AZURITE_DIR" \
    "${CERT_ARGS[@]}" \
    "${BLOB_ARGS[@]}" \
    "${OAUTH_ARGS[@]}"