#!/usr/bin/env bash
# Start (or restart) the Docker Watcher dev server on port 8090.
# Usage: ./scripts/dev-server.sh

set -euo pipefail

PORT="${LISTEN_ADDR:-:8090}"
PORT_NUM="${PORT#:}"

# Kill existing process on the port if any.
PID=$(netstat -aon 2>/dev/null | grep ":${PORT_NUM}.*LISTEN" | awk '{print $5}' | head -1)
if [ -n "$PID" ] && [ "$PID" != "0" ]; then
    echo "Stopping existing process on port ${PORT_NUM} (PID ${PID})..."
    taskkill //F //PID "$PID" 2>/dev/null || kill "$PID" 2>/dev/null || true
    sleep 1
fi

# Use a stable encryption key for development.
# Generate once and save to data/.dev-key so encrypted tokens survive restarts.
if [ -z "${ENCRYPTION_KEY:-}" ]; then
    KEY_FILE="./data/.dev-key"
    mkdir -p ./data
    if [ -f "$KEY_FILE" ]; then
        ENCRYPTION_KEY=$(cat "$KEY_FILE")
    else
        ENCRYPTION_KEY=$(openssl rand -hex 32)
        echo "$ENCRYPTION_KEY" > "$KEY_FILE"
        echo "Generated new dev encryption key (saved to $KEY_FILE)"
    fi
fi
export ENCRYPTION_KEY
export ADMIN_PASSWORD="${ADMIN_PASSWORD:-admin123}"
export LISTEN_ADDR="${PORT}"

echo "Starting Docker Watcher on http://localhost:${PORT_NUM}"
echo "Login: admin / ${ADMIN_PASSWORD}"
exec go run ./cmd/server