#!/bin/bash
set -e  # Exit on error

### Configuration Variables ###
APPS_OSTEST_IP="10.46.44.164"  # IP for *.apps.ostest.shiftstack.local
APPS_HYPERSHIFT_IP="10.46.44.167"  # IP for *.apps.shiftstack-hcp.hypershift.lab
SERVER_IP=$(ip -4 -o addr show dev external | awk '{print $4}' | cut -d/ -f1)  # Detect the external IP

echo "🔍 Verifying existing services..."
sudo ss -tulnp | grep :53 || true
podman ps -a | grep dnsmasq || true
sudo systemctl status dnsmasq || true
sudo systemctl disable --now dnsmasq || true

echo "📂 Creating dnsmasq configuration..."
mkdir -p ~/dnsmasq/logs
cat <<EOF > ~/dnsmasq/dnsmasq.conf
port=53
listen-address=${SERVER_IP},127.0.0.1
bind-interfaces
address=/apps.ostest.shiftstack.local/${APPS_OSTEST_IP}
address=/apps.shiftstack-hcp.hypershift.lab/${APPS_HYPERSHIFT_IP}
resolv-file=/etc/resolv.conf
log-queries
log-facility=/var/log/dnsmasq/dnsmasq.log
EOF
chmod 644 ~/dnsmasq/dnsmasq.conf

echo "🚀 Starting dnsmasq in Podman..."
sudo podman run -d --name dnsmasq \
    --restart=always \
    --network=host \
    --cap-add=NET_ADMIN \
    -v ~/dnsmasq/dnsmasq.conf:/etc/dnsmasq.conf:Z \
    -v ~/dnsmasq/logs:/var/log/dnsmasq:Z \
    docker.io/alpine sh -c "apk add --no-cache dnsmasq && dnsmasq -k"

echo "✅ Verifying dnsmasq is running..."
sudo ss -tulnp | grep :53
podman ps -a
podman logs dnsmasq | tail -n 20

echo "🔥 Configuring firewall..."
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --list-services

echo "🔎 Testing DNS resolution..."
nslookup apps.ostest.shiftstack.local 127.0.0.1
dig @${SERVER_IP} apps.ostest.shiftstack.local

echo "✅ Setup complete! Configure other servers to use ${SERVER_IP} as their DNS server."