variable "livekit" {
  type = object({
    app_name  = optional(string, "livekit")
    api_key   = string
    image     = string
    version   = string
    http_port = optional(number, 7880)
    tcp_port  = optional(number, 7881)
    udp_port  = optional(number, 7882)
    subdomain = optional(string, "livekit")
  })
}

resource "random_password" "livekit_api_secret" {
  length  = 44
  special = false
}

resource "kubernetes_config_map_v1" "livekit" {
  metadata {
    name      = var.livekit.app_name
    namespace = kubernetes_namespace_v1.stoat.metadata[0].name
  }

  data = {
    "livekit.yml" = templatefile("${path.module}/templates/livekit.yml.tftpl",
      {
        domain = var.domain
        voice_ingress_url = "http://${var.stoat.voice_ingress.name}:8500/worldwide"
        livekit = {
          http_port  = var.livekit.http_port
          tcp_port   = var.livekit.tcp_port
          api_key    = var.livekit.api_key
          api_secret = random_password.livekit_api_secret.result
          subdomain  = var.livekit.subdomain
        }
        redis = {
          host = "${var.redis.app_name}"
          port = 6379
        }
    })
  }
}

resource "kubernetes_service_v1" "livekit" {
  metadata {
    name      = "${var.livekit.app_name}-service"
    namespace = kubernetes_namespace_v1.stoat.metadata[0].name
  }

  spec {
    selector = {
      app = var.livekit.app_name
    }

    type = "NodePort"
    port {
      name        = "http"
      port        = var.livekit.http_port
      target_port = var.livekit.http_port
    }
    port {
      name        = "tcp"
      port        = var.livekit.tcp_port
      target_port = var.livekit.tcp_port
    }
    port {
      name        = "udp"
      port        = var.livekit.udp_port
      target_port = var.livekit.udp_port
    }
  }
}

resource "kubernetes_ingress_v1" "livekit" {
  metadata {
    name      = "${var.livekit.app_name}-service"
    namespace = kubernetes_namespace_v1.stoat.metadata[0].name

    annotations = {
      "cert-manager.io/cluster-issuer" = "letsencrypt"
    }
  }

  spec {
    tls {
      hosts = [
        "${var.livekit.subdomain}.${var.domain}"
      ]
      secret_name = "livekit-tls"
    }

    rule {
      host = "${var.livekit.subdomain}.${var.domain}"
      http {
        path {
          path      = "/"
          path_type = "Prefix"
          backend {
            service {
              name = kubernetes_service_v1.livekit.metadata[0].name
              port {
                number = var.livekit.http_port
              }
            }
          }
        }
      }
    }
  }
}

resource "kubernetes_deployment_v1" "livekit" {
  metadata {
    name      = var.livekit.app_name
    namespace = kubernetes_namespace_v1.stoat.metadata[0].name
  }

  spec {
    replicas = 1
    selector {
      match_labels = {
        app = var.livekit.app_name
      }
    }

    template {
      metadata {
        labels = {
          "app" = var.livekit.app_name
        }
      }

      spec {
        host_network = true
        dns_policy   = "ClusterFirstWithHostNet"
        container {
          name  = var.livekit.app_name
          image = "${var.livekit.image}:${var.livekit.version}"
          # command = [ "/bin/sh", "-c", "--", "while true; do sleep 5; done;"]
          args = ["--config", "/etc/livekit.yml"]
          volume_mount {
            name       = "livekit-config"
            mount_path = "/etc/livekit.yml"
            sub_path   = "livekit.yml"
          }
        }

        volume {
          name = "livekit-config"
          config_map {
            name = kubernetes_config_map_v1.livekit.metadata[0].name
          }
        }
      }
    }
  }
}