package app

import "embed"

// EN: Centralized runtime configuration constants and embedded seed assets used
// EN: across the API server, route updater, VPN helpers, and background workers.
// RU: Централизованные runtime-константы и встроенные seed-ресурсы,
// RU: используемые API-сервером, апдейтером маршрутов, VPN-хелперами и воркерами.

// ---------------------------------------------------------------------
// runtime constants
// ---------------------------------------------------------------------

const (
	stateDir            = "/var/lib/selective-vpn"
	statusFilePath      = stateDir + "/status.json"
	dnsModePath         = stateDir + "/dns-mode.json"
	trafficModePath     = stateDir + "/traffic-mode.json"
	trafficAppMarksPath = stateDir + "/traffic-appmarks.json"

	traceLogPath     = stateDir + "/trace.log"
	smartdnsLogPath  = stateDir + "/smartdns.log"
	lastIPsPath      = stateDir + "/last-ips.txt"
	lastIPsMapPath   = stateDir + "/last-ips-map.txt"
	lastIPsDirect    = stateDir + "/last-ips-direct.txt"
	lastIPsDyn       = stateDir + "/last-ips-dyn.txt"
	lastIPsMapDirect = stateDir + "/last-ips-map-direct.txt"
	lastIPsMapDyn    = stateDir + "/last-ips-map-wildcard.txt"
	routesCacheMeta  = stateDir + "/routes-clear-cache.json"
	routesCacheIPs   = stateDir + "/routes-clear-cache-ips.txt"
	routesCacheDyn   = stateDir + "/routes-clear-cache-ips-dyn.txt"
	routesCacheMap   = stateDir + "/routes-clear-cache-ips-map.txt"
	routesCacheRT    = stateDir + "/routes-clear-cache-routes.txt"

	autoloopLogPath  = stateDir + "/adguard-autoloop.log"
	loginStatePath   = stateDir + "/adguard-login.json"
	dnsUpstreamsPath = stateDir + "/dns-upstreams.json"
	smartdnsWLPath   = stateDir + "/smartdns-wildcards.json"
	smartdnsRTPath   = stateDir + "/smartdns-runtime.json"
	desiredLocation  = stateDir + "/adguard-location.txt"

	adgvpnCLI = "/usr/local/bin/adguardvpn-cli-root"

	// маршруты v2
	routesServiceTemplate = "selective-vpn2@%s.service"
	routesTimerTemplate   = "selective-vpn2@%s.timer"
	routesServiceEnv      = "SELECTIVE_VPN_ROUTES_UNIT"
	routesTimerEnv        = "SELECTIVE_VPN_ROUTES_TIMER"

	// юнит автоконнекта AdGuard VPN
	adgvpnUnit = "adguardvpn-autoconnect.service"

	// доменные файлы / пути
	domainDir           = "/etc/selective-vpn/domains"
	dnsUpstreamsConf    = "/etc/selective-vpn/dns-upstreams.conf"
	smartdnsDomainsFile = "/etc/selective-vpn/smartdns.conf"
	smartdnsMainConfig  = "/opt/stack/adguardapp/smartdns.conf"
	staticIPsFile       = "/etc/selective-vpn/static-ips.txt"
	heartbeatFile       = stateDir + "/heartbeat"
	lockFile            = "/run/lock/selective-vpn.lock"
	MARK                = "0x66"
	// EN: Extra marks reserved for per-app routing (systemd scope / cgroup-based).
	// RU: Дополнительные метки для per-app маршрутизации (systemd scope / cgroup).
	MARK_DIRECT  = "0x67" // force direct (bypass VPN table even in full tunnel)
	MARK_APP     = "0x68" // force VPN for app-scoped traffic (works even in traffic-mode=direct)
	defaultDNS1  = "94.140.14.14"
	defaultDNS2  = "94.140.15.15"
	defaultMeta1 = "46.243.231.30"
	defaultMeta2 = "46.243.231.41"

	smartDNSDefaultAddr = "127.0.0.1#6053"
	smartDNSAddrEnv     = "SVPN_SMARTDNS_ADDR"
	smartDNSForceEnv    = "SVPN_SMARTDNS_FORCE"

	policyRouteMTU      = "1380"
	defaultTraceTailMax = 800

	defaultEventsCapacity   = 512
	defaultPollStatusMs     = 2000
	defaultPollLoginMs      = 2500
	defaultPollAutoloopMs   = 2500
	defaultPollSystemdMs    = 3000
	defaultPollTraceMs      = 1500
	defaultPollAppMarksMs   = 15000
	defaultHeartbeatSeconds = 15
)

// ---------------------------------------------------------------------
// domain expansion lists
// ---------------------------------------------------------------------

// EN: Domain expansion lists used by routes update to build selective targets.
// RU: Списки доменов для расширения селективных целей при обновлении маршрутов.
var googleLikeDomains = []string{
	"google.com", "googleapis.com", "gstatic.com", "googleusercontent.com",
	"1e100.net", "gvt1.com", "gvt2.com", "gvt3.com",
}

// EN: Extra Twitter subdomains that should be forced through selective routing.
// RU: Дополнительные поддомены Twitter, которые принудительно идут через селективный маршрут.
var twitterSpecial = []string{
	"ton", "pay", "caps", "sms", "cert", "tdweb", "p", "ma-0.twimg", "si0.twimg",
	"syndication", "tweetdeck", "stream", "userstream", "sitestream", "betastream",
	"music", "ms1", "ms3", "urls-real.api", "music-partner", "partner-stream",
}

// ---------------------------------------------------------------------
// embedded assets
// ---------------------------------------------------------------------

// EN: Embedded default domain files used as seed content when runtime files are absent.
// RU: Встроенные файлы доменов по умолчанию для первичного seed, если runtime-файлы отсутствуют.
//
//go:embed assets/domains/*
var embeddedDomains embed.FS