#!/usr/bin/env bash
# tools/cmd/railiance-restore-s2 — S2 Kubernetes Runtime restore guide
# Lists available backups and prints restore instructions.
# Actual restore of etcd requires cluster downtime — see instructions below.
set -euo pipefail

BACKUP_DIR="/opt/backup/railiance/cluster"
AGE_KEY="${HOME}/.config/sops/age/keys.txt"

echo ""
echo "railiance-cluster (S2) — Available Backups"
echo "============================================"
echo ""

if [[ ! -d "${BACKUP_DIR}" ]]; then
  echo "  No backup directory found at ${BACKUP_DIR}"
  echo "  Run: sudo make backup"
  exit 1
fi

LAST=""
[[ -f "${BACKUP_DIR}/.last-backup" ]] && LAST="$(cat "${BACKUP_DIR}/.last-backup")"
[[ -n "${LAST}" ]] && echo "  Last backup: ${LAST}" || echo "  Last backup: unknown"
echo ""

list_type() {
  local label="$1" pattern="$2"
  echo "  ${label}:"
  local files
  files="$(find "${BACKUP_DIR}" -name "${pattern}" 2>/dev/null | sort -r)"
  if [[ -z "${files}" ]]; then
    echo "    (none)"
  else
    echo "${files}" | while read -r f; do
      echo "    $(basename "${f}")  [$(du -sh "${f}" | cut -f1)]"
    done
  fi
  echo ""
}

list_type "etcd snapshots" "etcd-*.snap.age"
list_type "Helm values"    "helm-values-*.tar.gz.age"
list_type "kubeconfig"     "kubeconfig-*.yaml.age"

echo "============================================"
echo ""
echo "Decrypt any file:"
echo "  age -d -i ${AGE_KEY} <file>"
echo ""
echo "Restore kubeconfig:"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/kubeconfig-<ts>.yaml.age > ~/.kube/config-hosteurope"
echo ""
echo "Restore etcd snapshot (WARNING: destroys current cluster state):"
echo "  # 1. Decrypt the snapshot"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/etcd-<ts>.snap.age > /tmp/etcd-restore.snap"
echo "  # 2. Copy to k3s snapshot directory"
echo "  sudo cp /tmp/etcd-restore.snap /var/lib/rancher/k3s/server/db/snapshots/"
echo "  # 3. Stop k3s and restore"
echo "  sudo systemctl stop k3s"
echo "  sudo k3s server --cluster-reset --cluster-reset-restore-path=/var/lib/rancher/k3s/server/db/snapshots/etcd-restore.snap"
echo "  sudo systemctl start k3s"
echo ""
echo "Restore Helm values (for re-running helm upgrade after cluster restore):"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/helm-values-<ts>.tar.gz.age | tar -xz -C /tmp/helm-restore/"
echo ""
