#!/usr/bin/env bash
# Enable or disable network boot (PXE + TFTP) on the provisioning LXC.
# When disabled, TFTP is stopped and no boot server is advertised; DHCP still runs.
# Usage: toggle-network-boot-dhcp.sh enable | disable | status
# Run as root. Install to /opt/cm4-provisioning/toggle-network-boot-dhcp.sh
# LAN gateway for TFTP/next-server is read from /opt/cm4-provisioning/lan-subnet.conf (written by deploy-to-proxmox.sh).

set -e
PXE_CONF="/etc/dnsmasq.d/network-boot-pxe.conf"
MAIN_CONF="/etc/dnsmasq.d/network-boot.conf"

LAN_CONF="/opt/cm4-provisioning/lan-subnet.conf"
if [[ -f "$LAN_CONF" ]]; then
  source "$LAN_CONF"
else
  LAN_GW="10.20.50.1"
fi

# Remove enable-tftp / tftp-root from main config if present (legacy; these belong in PXE conf)
cleanup_main_conf() {
  if [ -f "$MAIN_CONF" ] && grep -q 'enable-tftp\|tftp-root' "$MAIN_CONF" 2>/dev/null; then
    sed -i '/^enable-tftp/d; /^tftp-root/d' "$MAIN_CONF"
  fi
}

case "${1:-}" in
  enable)
    cleanup_main_conf
    cat > "$PXE_CONF" << EOF
# PXE/network boot ENABLED - managed by toggle-network-boot-dhcp.sh
# TFTP server (only active when network boot is enabled)
enable-tftp
tftp-root=/srv/tftpboot
# BOOTP fields (siaddr = TFTP server, filename = boot file)
dhcp-boot=start4cd.elf,,${LAN_GW}
# DHCP options 66/67 (some PXE clients prefer these)
dhcp-option=66,${LAN_GW}
dhcp-option=67,start4cd.elf
EOF
    systemctl restart dnsmasq 2>/dev/null || service dnsmasq restart 2>/dev/null || true
    echo "Network boot enabled (TFTP next-server: $LAN_GW)."
    ;;
  disable)
    cleanup_main_conf
    rm -f "$PXE_CONF"
    systemctl restart dnsmasq 2>/dev/null || service dnsmasq restart 2>/dev/null || true
    echo "Network boot disabled. DHCP still running but no TFTP or boot options."
    ;;
  status)
    if [ -f "$PXE_CONF" ] && grep -q 'enable-tftp' "$PXE_CONF" 2>/dev/null; then
      echo "enabled"
    else
      echo "disabled"
    fi
    ;;
  *)
    echo "Usage: $0 enable | disable | status" >&2
    exit 1
    ;;
esac