#!/bin/sh /etc/rc.common

#
# SecuBox Core Service
# Provides core orchestration and health monitoring
#

START=99
STOP=10

USE_PROCD=1
PROG=/usr/sbin/secubox-core

start_service() {
	local enabled
	config_load secubox
	config_get enabled main enabled 0

	[ "$enabled" -eq 1 ] || {
		echo "SecuBox core is disabled in /etc/config/secubox"
		return 1
	}

	# Ensure directories exist
	mkdir -p /var/run/secubox
	mkdir -p /var/log/secubox
	mkdir -p /tmp/secubox

	procd_open_instance secubox_core
	procd_set_param command $PROG daemon
	procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
	procd_set_param stdout 1
	procd_set_param stderr 1
	procd_set_param user root
	procd_append_param env SECUBOX_MODE=production
	procd_close_instance

	# Start LED pulse daemon (tri-color status + SPUNK alert)
	procd_open_instance secubox_led
	procd_set_param command /usr/sbin/secubox-led-pulse
	procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
	procd_set_param stderr 1
	procd_set_param user root
	procd_close_instance

	logger -t secubox-core "SecuBox Core service started (with LED pulse)"
}

stop_service() {
	logger -t secubox-core "SecuBox Core service stopped"
}

reload_service() {
	logger -t secubox-core "SecuBox Core service reloading"
	ubus call luci.secubox reload 2>/dev/null || true
}

service_triggers() {
	procd_add_reload_trigger "secubox"
}

boot() {
	# Delay start on boot to allow network to initialize
	( sleep 10; start "$@"; ) &

	# Regenerate landing pages after network is up
	( sleep 30; /usr/sbin/secubox-landing regenerate >/dev/null 2>&1; ) &
}
