#!/bin/bash
set -euo pipefail

echo "=== Installing LXD on Debian Bookworm ==="

# Check if snapd is installed
if ! command -v snap &> /dev/null; then
    echo "Installing snapd..."
    sudo apt update
    sudo apt install -y snapd
    echo "Enabling snapd service..."
    sudo systemctl enable --now snapd.socket
    # Wait for snapd to be ready
    sleep 5
else
    echo "snapd already installed"
fi

# Check if LXD is already installed
if snap list lxd &> /dev/null; then
    echo "LXD already installed via snap"
else
    echo "Installing LXD via snap..."
    sudo snap install lxd
fi

# Check if LXD is initialized
if sudo lxd init --dump &> /dev/null; then
    echo "LXD already initialized"
else
    echo "Initializing LXD with default settings..."
    sudo lxd init --auto
fi

echo ""
echo "Configuring LXD network for Docker compatibility..."
lxc network set lxdbr0 ipv4.firewall false 2>/dev/null || true
lxc network set lxdbr0 ipv6.firewall false 2>/dev/null || true
lxc network set lxdbr0 ipv4.nat true 2>/dev/null || true

LXD_SUBNET=$(lxc network get lxdbr0 ipv4.address)
if ! sudo iptables -t nat -C POSTROUTING -s "$LXD_SUBNET" ! -d "$LXD_SUBNET" -j MASQUERADE 2>/dev/null; then
    sudo iptables -t nat -I POSTROUTING -s "$LXD_SUBNET" ! -d "$LXD_SUBNET" -j MASQUERADE
fi

if command -v docker &>/dev/null; then
    if ! sudo iptables -C DOCKER-USER -i lxdbr0 -j ACCEPT 2>/dev/null; then
        sudo iptables -I DOCKER-USER -i lxdbr0 -j ACCEPT
    fi
    if ! sudo iptables -C DOCKER-USER -o lxdbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 2>/dev/null; then
        sudo iptables -I DOCKER-USER -o lxdbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    fi
fi

echo "✓ LXD installation complete!"
echo "  Default network bridge (lxdbr0) configured for internet access"

# Add user to lxd group for passwordless access
if groups "$USER" | grep -q "\blxd\b"; then
    echo "  User '$USER' already in lxd group"
else
    echo "Adding user '$USER' to lxd group..."
    sudo usermod -a -G lxd "$USER"
    echo "✓ User added to lxd group"
    echo ""
    echo "IMPORTANT: You need to log out and back in for group changes to take effect"
    echo "Or run: newgrp lxd"
fi