import os
from pydantic_settings import BaseSettings
from dotenv import load_dotenv
import ipaddress

load_dotenv()

def _parse_trusted_proxies(raw: str):
    # raw: comma-separated list of IPs or CIDR ranges
    items = [p.strip() for p in (raw or "").split(",") if p.strip()]
    nets = []
    for p in items:
        try:
            if "/" in p:
                nets.append(ipaddress.ip_network(p, strict=False))
            else:
                # treat single IP as /32 or /128 network
                ip = ipaddress.ip_address(p)
                nets.append(ipaddress.ip_network(ip.exploded + ("/32" if ip.version == 4 else "/128")))
        except Exception:
            # ignoruj błędne wpisy
            continue
    return nets

class Settings(BaseSettings):
    geo_provider: str = os.getenv('GEO_PROVIDER', 'maxmind')

    # MaxMind
    maxmind_account_id: str | None = os.getenv('MAXMIND_ACCOUNT_ID')
    maxmind_license_key: str | None = os.getenv('MAXMIND_LICENSE_KEY')
    maxmind_db_name: str = os.getenv('MAXMIND_DB_NAME', 'GeoLite2-City')
    maxmind_db_path: str = os.getenv('MAXMIND_DB_PATH', '/data/GeoLite2-City.mmdb')
    maxmind_download_url_template: str | None = os.getenv(
        'MAXMIND_DOWNLOAD_URL_TEMPLATE',
        'https://download.maxmind.com/app/geoip_download?edition_id={DBNAME}&license_key={LICENSE_KEY}&suffix=tar.gz'
    )
    maxmind_direct_db_url: str | None = os.getenv('MAXMIND_DIRECT_DB_URL')
    maxmind_github_repo: str | None = os.getenv('MAXMIND_GITHUB_REPO')
    github_token: str | None = os.getenv('GITHUB_TOKEN')

    # IP2Location
    ip2location_download_url: str | None = os.getenv('IP2LOCATION_DOWNLOAD_URL')
    ip2location_db_path: str = os.getenv('IP2LOCATION_DB_PATH', '/data/IP2LOCATION.BIN')

    update_interval_seconds: int = int(os.getenv('UPDATE_INTERVAL_SECONDS', '86400'))

    host: str = os.getenv('HOST', '0.0.0.0')
    port: int = int(os.getenv('PORT', '8000'))
    log_level: str = os.getenv('LOG_LEVEL', 'info')

    admin_user: str | None = os.getenv('ADMIN_USER')
    admin_pass: str | None = os.getenv('ADMIN_PASS')
    cache_maxsize: int = int(os.getenv('CACHE_MAXSIZE', '4096'))

    # Nowe: lista zaufanych proxy (CIDR lub IP), oddzielone przecinkami
    # Przykład: "127.0.0.1,10.0.0.0/8,192.168.1.5"
    _trusted_proxies_raw: str | None = os.getenv('TRUSTED_PROXIES', '')
    @property
    def trusted_proxies(self):
        return _parse_trusted_proxies(self._trusted_proxies_raw)

settings = Settings()