#!/usr/bin/env bash
# tools/cmd/railiance-restore-s2 — S2 Kubernetes Runtime restore guide
# Lists available backups and prints restore instructions.
# Actual restore of etcd requires cluster downtime — see instructions below.
set -euo pipefail

BACKUP_DIR="/opt/backup/railiance/cluster"
AGE_KEY="${HOME}/.config/sops/age/keys.txt"

echo ""
echo "railiance-cluster (S2) — Available Backups"
echo "============================================"
echo ""

if [[ ! -d "${BACKUP_DIR}" ]]; then
  echo "  No backup directory found at ${BACKUP_DIR}"
  echo "  Run: sudo make backup"
  exit 1
fi

LAST=""
[[ -f "${BACKUP_DIR}/.last-backup" ]] && LAST="$(cat "${BACKUP_DIR}/.last-backup")"
[[ -n "${LAST}" ]] && echo "  Last backup: ${LAST}" || echo "  Last backup: unknown"
echo ""

list_type() {
  local label="$1" pattern="$2"
  echo "  ${label}:"
  local files
  files="$(find "${BACKUP_DIR}" -name "${pattern}" 2>/dev/null | sort -r)"
  if [[ -z "${files}" ]]; then
    echo "    (none)"
  else
    echo "${files}" | while read -r f; do
      echo "    $(basename "${f}")  [$(du -sh "${f}" | cut -f1)]"
    done
  fi
  echo ""
}

list_type "k3s state (SQLite)" "k3s-state-*.db.age"
list_type "Helm values"        "helm-values-*.tar.gz.age"
list_type "kubeconfig"         "kubeconfig-*.yaml.age"

echo "============================================"
echo ""
echo "Decrypt any file:"
echo "  age -d -i ${AGE_KEY} <file>"
echo ""
echo "Restore kubeconfig:"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/kubeconfig-<ts>.yaml.age > ~/.kube/config-hosteurope"
echo ""
echo "Restore k3s state (SQLite) — WARNING: destroys current cluster state:"
echo "  # 1. Decrypt the state db"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/k3s-state-<ts>.db.age > /tmp/k3s-restore.db"
echo "  # 2. Stop k3s"
echo "  sudo systemctl stop k3s"
echo "  # 3. Replace the state db"
echo "  sudo cp /var/lib/rancher/k3s/server/db/state.db /var/lib/rancher/k3s/server/db/state.db.bak"
echo "  sudo cp /tmp/k3s-restore.db /var/lib/rancher/k3s/server/db/state.db"
echo "  sudo rm -f /var/lib/rancher/k3s/server/db/state.db-shm /var/lib/rancher/k3s/server/db/state.db-wal"
echo "  # 4. Start k3s"
echo "  sudo systemctl start k3s"
echo ""
echo "Restore Helm values (for re-running helm upgrade after cluster restore):"
echo "  age -d -i ${AGE_KEY} ${BACKUP_DIR}/helm-values-<ts>.tar.gz.age | tar -xz -C /tmp/helm-restore/"
echo ""
