#!/bin/bash
# Copyright (C) 2023 muink https://github.com/muink
#
# DDNS script
#
# depends jsonfilter

. /usr/lib/natmap/common.sh
. /usr/share/libubox/jshn.sh

# http_request <data> [record_id]
http_request() {
	local data="$1"
	local id="$2"
	local method
	[ -z "${id}" ] && method=POST || method=PUT # or PATCH

	$CURL $retry -L -o /dev/null -X ${method} \
		--url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${id}" \
		-H "Authorization: Bearer ${TOKEN}" \
		-H 'Content-Type: application/json' \
		-d "$data"
}

start() {
	local retry='--connect-timeout 3 --retry 5'
	#$CURL $retry -L -X GET \
	#	--url "https://api.cloudflare.com/client/v4/user/tokens/verify" \
	#	-H "Authorization: Bearer ${TOKEN}" \
	#	-H "Content-Type:application/json" | jq
	#$CURL $retry -L -X GET \
	#	--url "https://api.cloudflare.com/client/v4/zones" \
	#	-H "Authorization: Bearer ${TOKEN}" \
	#	-H "Content-Type:application/json" | jq
	local records="$($CURL $retry -L -X GET \
		--url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records" \
		-H "Authorization: Bearer ${TOKEN}" \
		-H 'Content-Type: application/json')"
	[ -z "$records" -o -n "$(grep -E "\"success\":\s*false" <<< "$records")" ] && return 1

	local the_record

	if [ -n "$host" ]; then
		the_record="$(jsonfilter -s "$records" -qe '@.result[*]'|grep "\"type\": \"${hostype}\""|grep "\"name\": \"${host}\"")"
		json_init
		json_add_string type "${hostype}"
		json_add_string name "${host}"
		json_add_string content "${ip}"
		json_add_int ttl 1
		json_add_boolean proxied 0
		http_request "$(json_dump)" "$(jsonfilter -s "$the_record" -qe '@.id')"
	fi

	if [ -n "${srv}" ]; then
		the_record="$(jsonfilter -s "$records" -qe '@.result[*]'|grep "\"type\": \"SRV\""|grep "\"name\": \"_${srv_serv}._${srv_proto}.${srv}\""|grep "\"priority\": ${srv_priority}"|grep "\"weight\": ${srv_weight}")"
		json_init
		json_add_string type "SRV"
		json_add_string name "_${srv_serv}._${srv_proto}.${srv}"
		json_add_object data
			json_add_int priority "${srv_priority}"
			json_add_int weight "${srv_weight}"
			json_add_int port "${port}"
			json_add_string target "${srv_target}"
		json_close_object
		json_add_int ttl 1
		json_add_boolean proxied 0
		http_request "$(json_dump)" "$(jsonfilter -s "$the_record" -qe '@.id')"
	fi

	if [ -n "${https}" ]; then
		the_record="$(jsonfilter -s "$records" -qe '@.result[*]'|grep "\"type\": \"HTTPS\""|grep "\"name\": \"${https}\""|grep "\"priority\": ${https_priority}")"
		json_init
		json_add_string type "HTTPS"
		json_add_string name "${https}"
		json_add_object data
			json_add_int priority "${https_priority}"
			json_add_string target "${https_target}"
			json_add_string value "${https_svcparams}"
		json_close_object
		json_add_int ttl 1
		json_add_boolean proxied 0
		http_request "$(json_dump)" "$(jsonfilter -s "$the_record" -qe '@.id')"
	fi
}


# All external parameters required
ALL_PARAMS="hostype host srv srv_serv srv_proto srv_target srv_priority srv_weight ip port https https_target https_svcparams https_priority tokens"
eval "$(JSON_EXPORT "$1")"; shift
# All external tokens required
INIT_GLOBAL_VAR TOKEN ZONE_ID
eval "$tokens"
start "$@"
