#!/bin/bash
# GCP Ollama Nginx Proxy 部署腳本 (110 手動執行)
# ADR-110 三層容災 — 讓 K3s 透過內網存取 GCP Ollama
# 執行: ssh wooo@192.168.0.110 'sudo bash -s' < deploy-ollama-proxy-110.sh

set -euo pipefail

echo "🚀 部署 GCP Ollama Nginx Proxy (110)..."

# 配置內容
NGINX_CONF="/etc/nginx/sites-enabled/110-ollama-proxy.conf"

# 備份現有配置
if [ -f "$NGINX_CONF" ]; then
    echo "📦 備份現有配置..."
    cp "$NGINX_CONF" "${NGINX_CONF}.backup.$(date +%Y%m%d%H%M%S)"
fi

# 寫入 nginx 配置
echo "📝 寫入 nginx 配置..."
cat > "$NGINX_CONF" << 'EOF'
# 110 Ollama GCP Proxy — ADR-110 三層容災
# 讓 K3s 叢集內可透過內網 110 存取 GCP 外網 Ollama

# ============================================================
# Ollama GCP-A Primary (port 11435 → 34.143.170.20:11434)
# ============================================================
server {
    listen 11435;
    listen [::]:11435;
    server_name _;
    
    access_log /var/log/nginx/ollama-gcp-a-access.log;
    error_log /var/log/nginx/ollama-gcp-a-error.log warn;
    
    location / {
        proxy_pass http://34.143.170.20:11434;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        
        # Ollama 推理可能較慢，給較長超時
        proxy_connect_timeout 10s;
        proxy_send_timeout 300s;
        proxy_read_timeout 300s;
        
        # 支援 streaming response
        proxy_buffering off;
        proxy_cache off;
    }
    
    # 健康檢查端點
    location /nginx-health {
        access_log off;
        return 200 "Ollama GCP-A Proxy OK\n";
        add_header Content-Type text/plain;
    }
}

# ============================================================
# Ollama GCP-B Secondary (port 11436 → 34.21.145.224:11434)
# ============================================================
server {
    listen 11436;
    listen [::]:11436;
    server_name _;
    
    access_log /var/log/nginx/ollama-gcp-b-access.log;
    error_log /var/log/nginx/ollama-gcp-b-error.log warn;
    
    location / {
        proxy_pass http://34.21.145.224:11434;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        
        proxy_connect_timeout 10s;
        proxy_send_timeout 300s;
        proxy_read_timeout 300s;
        
        proxy_buffering off;
        proxy_cache off;
    }
    
    location /nginx-health {
        access_log off;
        return 200 "Ollama GCP-B Proxy OK\n";
        add_header Content-Type text/plain;
    }
}
EOF

# 測試 nginx 配置
echo "🧪 測試 nginx 配置..."
nginx -t

# 重載 nginx
echo "🔄 重載 nginx..."
systemctl reload nginx

# 驗證端口監聽
echo "🔍 驗證端口監聽..."
sleep 2
ss -tlnp | grep -E '11435|11436' || true

# 本地測試
echo "🌐 本地測試 proxy..."
echo "測試 GCP-A proxy (11435)..."
curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:11435/api/tags || echo "連線失敗"
echo ""

echo "測試 GCP-B proxy (11436)..."
curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:11436/api/tags || echo "連線失敗"
echo ""

echo "✅ 部署完成！"
echo ""
echo "下一步："
echo "1. 從 K3s node 測試: curl http://192.168.0.110:11435/api/tags"
echo "2. 修改 K8s ConfigMap 指向 110:11435/11436"
echo "3. 重啟 awoooi-api deployment"