package grpcserver

import (
	"crypto/tls"
	"database/sql"
	"fmt"
	"net"

	pb "git.wntrmute.dev/kyle/eng-pad-server/gen/engpad/v1"
	"google.golang.org/grpc"
	"google.golang.org/grpc/credentials"
)

type Config struct {
	Addr    string
	TLSCert string
	TLSKey  string
	DB      *sql.DB
	BaseURL string
}

func Start(cfg Config) error {
	cert, err := tls.LoadX509KeyPair(cfg.TLSCert, cfg.TLSKey)
	if err != nil {
		return fmt.Errorf("load TLS cert: %w", err)
	}

	tlsConfig := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS13,
	}

	lis, err := net.Listen("tcp", cfg.Addr)
	if err != nil {
		return fmt.Errorf("listen %s: %w", cfg.Addr, err)
	}

	srv := grpc.NewServer(
		grpc.Creds(credentials.NewTLS(tlsConfig)),
		grpc.UnaryInterceptor(AuthInterceptor(cfg.DB)),
	)

	syncSvc := &SyncService{DB: cfg.DB, BaseURL: cfg.BaseURL}
	pb.RegisterEngPadSyncServer(srv, syncSvc)

	fmt.Printf("gRPC listening on %s\n", cfg.Addr)
	return srv.Serve(lis)
}