#!/bin/bash

set -e

SERVER_IP="139.155.109.62"
SERVER_USER="root"
DEPLOY_ROOT="/home/novalon/docker-app"
PROJECT_NAME="novalon-website"
PROJECT_DIR="$DEPLOY_ROOT/$PROJECT_NAME"
CONTAINER_NAME="novalon-website"

echo "🚀 开始部署Novalon网站到服务器 $SERVER_IP"
echo "📁 部署根目录: $DEPLOY_ROOT"
echo "📁 项目目录: $PROJECT_DIR"
echo "🐳 容器名称: $CONTAINER_NAME"
echo "📦 版本号: 1.0.0"
echo ""

echo "📋 步骤1: 验证SSH连接..."
if ! ssh -o ConnectTimeout=5 "$SERVER_USER@$SERVER_IP" exit; then
    echo "❌ 无法连接到服务器 $SERVER_IP"
    exit 1
fi
echo "✅ SSH连接验证成功"

echo ""
echo "📋 步骤2: 上传部署文件..."
ssh "$SERVER_USER@$SERVER_IP" "mkdir -p '$PROJECT_DIR'"
scp -r docker-compose.yml Dockerfile nginx.conf .env.example setup-ssl.sh "$SERVER_USER@$SERVER_IP:$PROJECT_DIR/"
echo "✅ 部署文件已上传"

echo ""
echo "📋 步骤3: 在服务器上执行部署..."
ssh "$SERVER_USER@$SERVER_IP" << ENDSSH
cd '$PROJECT_DIR'

echo "🔒 配置SSL证书..."
chmod +x setup-ssl.sh
./setup-ssl.sh

echo "📋 检查环境变量文件..."
if [ ! -f .env ]; then
    echo "📝 创建.env文件..."
    cp .env.example .env
    echo "⚠️  请编辑.env文件，填入正确的环境变量"
    echo "⚠️  必须配置: DATABASE_URL, NEXTAUTH_SECRET, NEXTAUTH_URL, RESEND_API_KEY, OPS_ALERT_EMAIL"
    exit 1
fi

echo "🐳 启动Docker容器..."
docker-compose down
docker-compose pull
docker-compose up -d

echo "📋 等待服务启动..."
timeout=60
elapsed=0
while [ $elapsed -lt $timeout ]; do
    if docker ps | grep -q "$CONTAINER_NAME"; then
        echo "✅ 服务已启动"
        break
    fi
    sleep 2
    elapsed=$((elapsed + 2))
done
if [ $elapsed -ge $timeout ]; then
    echo "❌ 服务启动超时"
    exit 1
fi

echo "📋 检查容器状态..."
docker ps | grep "$CONTAINER_NAME"

echo "📋 检查容器日志..."
docker logs "$CONTAINER_NAME" --tail 50

echo "📋 配置SSL证书自动续期..."
# 添加certbot自动续期cron任务
if ! crontab -l | grep -q "certbot renew"; then
    if ! (crontab -l 2>/dev/null; echo "0 0,12 * * * certbot renew --quiet --post-hook 'docker restart novalon-nginx'") | crontab -; then
        echo "❌ SSL证书自动续期任务配置失败"
        exit 1
    fi
    echo "✅ SSL证书自动续期任务已配置"
else
    echo "✅ SSL证书自动续期任务已存在"
fi

echo "✅ 部署完成！"
ENDSSH

echo ""
echo "🎉 部署脚本执行完成！"
echo "📋 访问地址:"
echo "   HTTP:  http://$SERVER_IP"
echo "   HTTPS: https://$SERVER_IP"
echo "   域名:  https://novalon.cn"
echo ""
echo "📋 后续步骤:"
echo "   1. 验证网站可访问性"
echo "   2. 检查容器运行状态: docker ps"
echo "   3. 查看容器日志: docker logs $CONTAINER_NAME"
echo "   4. 验证HTTPS配置"
echo "   5. 测试网站主要功能"
echo "   6. 检查SSL证书自动续期: crontab -l"