package main

import (
	"log"
	"net/http"

	"github.com/darkit/goproxy"
	"github.com/darkit/goproxy/pkg/dns"
)

// CustomDNSHTTPSDelegate 自定义 DNS HTTPS 代理委托
type CustomDNSHTTPSDelegate struct {
	goproxy.DefaultDelegate
	dnsResolver *dns.CustomResolver
}

// ResolveBackend 解析后端服务器
func (d *CustomDNSHTTPSDelegate) ResolveBackend(req *http.Request) (string, error) {
	return d.dnsResolver.Resolve(req.URL.Host)
}

func main() {
	// 创建证书缓存
	certCache := &goproxy.MemCertCache{}

	// 创建自定义 DNS 解析器
	resolver := dns.NewResolver(dns.WithFallback(true))

	// 添加 DNS 记录
	resolver.LoadFromMap(map[string]string{
		"example.com": "http://backend1.example.com",
		"test.com":    "http://backend2.test.com",
	})

	// 创建自定义 DNS HTTPS 代理委托
	delegate := &CustomDNSHTTPSDelegate{
		dnsResolver: resolver,
	}

	// 创建代理实例
	proxy := goproxy.NewProxy(
		goproxy.WithDelegate(delegate),
		goproxy.WithDecryptHTTPS(certCache),
		goproxy.WithCACertAndKey("ca.crt", "ca.key"),
		goproxy.WithEnableECDSA(true),
	)

	// 启动代理服务器
	log.Println("自定义 DNS HTTPS 代理服务器启动在 :8443")
	log.Println("配置说明:")
	log.Printf("- 支持 HTTPS 解密\n")
	log.Printf("- 使用 ECDSA 证书\n")
	log.Println("DNS 配置:")
	log.Printf("- example.com -> backend1.example.com\n")
	log.Printf("- test.com -> backend2.test.com\n")
	if err := http.ListenAndServeTLS(":8443", "server.crt", "server.key", proxy); err != nil {
		log.Fatalf("代理服务器启动失败: %v", err)
	}
}