import os
from pydantic_settings import BaseSettings
from dotenv import load_dotenv
import ipaddress

load_dotenv()


def _parse_trusted_proxies(raw: str):
    # raw: comma-separated list of IPs or CIDR ranges
    items = [p.strip() for p in (raw or "").split(",") if p.strip()]
    nets = []
    for p in items:
        try:
            if "/" in p:
                nets.append(ipaddress.ip_network(p, strict=False))
            else:
                # treat single IP as /32 or /128 network
                ip = ipaddress.ip_address(p)
                nets.append(
                    ipaddress.ip_network(
                        ip.exploded + ("/32" if ip.version == 4 else "/128")
                    )
                )
        except Exception:
            # ignoruj błędne wpisy
            continue
    return nets


class Settings(BaseSettings):
    geo_provider: str = os.getenv("GEO_PROVIDER", "maxmind")

    # MaxMind
    maxmind_account_id: str | None = os.getenv("MAXMIND_ACCOUNT_ID")
    maxmind_license_key: str | None = os.getenv("MAXMIND_LICENSE_KEY")
    maxmind_db_name: str = os.getenv("MAXMIND_DB_NAME", "GeoLite2-City")
    maxmind_db_path: str = os.getenv("MAXMIND_DB_PATH", "/data/GeoLite2-City.mmdb")
    maxmind_download_url_template: str | None = os.getenv(
        "MAXMIND_DOWNLOAD_URL_TEMPLATE",
        "https://download.maxmind.com/app/geoip_download?edition_id={DBNAME}&license_key={LICENSE_KEY}&suffix=tar.gz",
    )
    maxmind_direct_db_url: str | None = os.getenv("MAXMIND_DIRECT_DB_URL")
    maxmind_github_repo: str | None = os.getenv("MAXMIND_GITHUB_REPO")
    github_token: str | None = os.getenv("GITHUB_TOKEN")

    # IP2Location
    ip2location_download_url: str | None = os.getenv("IP2LOCATION_DOWNLOAD_URL")
    ip2location_db_path: str = os.getenv("IP2LOCATION_DB_PATH", "/data/IP2LOCATION.BIN")

    update_interval_seconds: int = int(os.getenv("UPDATE_INTERVAL_SECONDS", "86400"))

    host: str = os.getenv("HOST", "0.0.0.0")
    port: int = int(os.getenv("PORT", "8000"))
    log_level: str = os.getenv("LOG_LEVEL", "info")

    admin_user: str | None = os.getenv("ADMIN_USER")
    admin_pass: str | None = os.getenv("ADMIN_PASS")
    cache_maxsize: int = int(os.getenv("CACHE_MAXSIZE", "4096"))

    # Nowe: lista zaufanych proxy (CIDR lub IP), oddzielone przecinkami
    # Przykład: "127.0.0.1,10.0.0.0/8,192.168.1.5"
    _trusted_proxies_raw: str | None = os.getenv("TRUSTED_PROXIES", "")

    @property
    def trusted_proxies(self):
        return _parse_trusted_proxies(self._trusted_proxies_raw)


settings = Settings()