#!/usr/bin/env bash
set -euo pipefail
ORIG_USER=${SUDO_USER:-$(id -un)}

# 1. base packages (Arch + yay if missing)
sudo pacman -Syq --needed --noconfirm git rustup protobuf gcc pipewire pipewire-pulse tailscale base-devel
if ! command -v yay >/dev/null 2>&1; then
  echo "→ installing yay from AUR ..."
  sudo -u "$ORIG_USER" bash -c '
    cd /tmp && git clone --depth 1 https://aur.archlinux.org/yay.git &&
    cd yay && makepkg -si --noconfirm'
fi

# 2. Rust tool-chain for both accounts
sudo rustup default stable
sudo -u "$ORIG_USER" rustup default stable

# 3. writable build tree under /var/src  (create once, chown to user)
SRC_DIR=/var/src/navka
if [[ ! -d $SRC_DIR ]]; then
  sudo mkdir -p /var/src
  sudo chown "$ORIG_USER":"$ORIG_USER" /var/src
fi
if [[ -d $SRC_DIR/.git ]]; then
  sudo -u "$ORIG_USER" git -C "$SRC_DIR" pull --ff-only
else
  sudo -u "$ORIG_USER" git clone "$PWD" "$SRC_DIR"
fi

# 4. build (as the normal user – avoids root-owned Cargo.lock)
sudo -u "$ORIG_USER" bash -c "cd '$SRC_DIR/server' && cargo build --release"

# 5. install payload
sudo install -Dm755 "$SRC_DIR/server/target/release/navka-server" /usr/local/bin/navka-server
sudo install -Dm755 "$SRC_DIR/scripts/navka-core.sh"               /usr/local/bin/navka-core.sh

# 6. systemd units
cat <<'UNIT' | sudo tee /etc/systemd/system/navka-core.service >/dev/null
[Unit]
Description=Navka USB gadget bring-up
[Service]
Type=oneshot
ExecStart=/usr/local/bin/navka-core.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
UNIT

cat <<'UNIT' | sudo tee /etc/systemd/system/navka-server.service >/dev/null
[Unit]
Description=Navka gRPC relay
After=network.target navka-core.service
[Service]
ExecStart=/usr/local/bin/navka-server
Restart=always
User=root
[Install]
WantedBy=multi-user.target
UNIT

sudo systemctl daemon-reload
sudo systemctl enable --now navka-core.service navka-server.service
echo "✅  navka-server installed and running."