loc_az_hci/scripts/deploy/complete-all-deployments.sh

#!/bin/bash
source ~/.bashrc
# Complete All Deployments: Gitea, Observability, Cloudflare, GitOps, Security

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Load environment variables
if [ -f "$PROJECT_ROOT/.env" ]; then
    set -a
    source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | sed 's/#.*$//' | grep '=')
    set +a
fi

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

log_section() {
    echo ""
    echo -e "${BLUE}========================================${NC}"
    echo -e "${BLUE}$1${NC}"
    echo -e "${BLUE}========================================${NC}"
    echo ""
}

main() {
    log_section "Complete Deployment - All Services"
    
    local errors=0
    
    # 1. Deploy Gitea
    log_section "1. Deploying Gitea on VM 102"
    if bash "$SCRIPT_DIR/deploy-gitea.sh"; then
        log_info "✓ Gitea deployment completed"
    else
        log_error "✗ Gitea deployment failed"
        errors=$((errors + 1))
    fi
    sleep 2
    
    # 2. Deploy Observability Stack
    log_section "2. Deploying Observability Stack on VM 103"
    if bash "$SCRIPT_DIR/deploy-observability.sh"; then
        log_info "✓ Observability deployment completed"
    else
        log_error "✗ Observability deployment failed"
        errors=$((errors + 1))
    fi
    sleep 2
    
    # 3. Configure Cloudflare Tunnel
    log_section "3. Configuring Cloudflare Tunnel on VM 100"
    log_warn "Note: This requires interactive browser authentication"
    if bash "$SCRIPT_DIR/configure-cloudflare-tunnel.sh"; then
        log_info "✓ Cloudflare Tunnel configuration completed"
    else
        log_error "✗ Cloudflare Tunnel configuration failed"
        errors=$((errors + 1))
    fi
    sleep 2
    
    # 4. Configure GitOps Workflows
    log_section "4. Configuring GitOps Workflows on VM 101"
    if bash "$SCRIPT_DIR/configure-gitops-workflows.sh"; then
        log_info "✓ GitOps workflows configuration completed"
    else
        log_error "✗ GitOps workflows configuration failed"
        errors=$((errors + 1))
    fi
    sleep 2
    
    # 5. Security Hardening - RBAC
    log_section "5. Setting up Proxmox RBAC"
    if bash "$PROJECT_ROOT/scripts/security/setup-proxmox-rbac.sh"; then
        log_info "✓ RBAC setup completed"
    else
        log_error "✗ RBAC setup failed"
        errors=$((errors + 1))
    fi
    sleep 2
    
    # 6. Security Hardening - Firewall
    log_section "6. Configuring Firewall Rules"
    if bash "$PROJECT_ROOT/scripts/security/configure-firewall-rules.sh"; then
        log_info "✓ Firewall configuration completed"
    else
        log_error "✗ Firewall configuration failed"
        errors=$((errors + 1))
    fi
    
    # Summary
    log_section "Deployment Summary"
    if [ $errors -eq 0 ]; then
        log_info "✓ All deployments completed successfully!"
        echo ""
        log_info "Service URLs:"
        log_info "  Gitea:      http://192.168.1.121:3000"
        log_info "  Prometheus: http://192.168.1.82:9090"
        log_info "  Grafana:    http://192.168.1.82:3000 (admin/admin)"
        echo ""
        log_info "Next steps:"
        log_info "1. Complete Gitea first-time setup at http://192.168.1.121:3000"
        log_info "2. Change Grafana password at http://192.168.1.82:3000"
        log_info "3. Configure Cloudflare DNS records (see Cloudflare Tunnel output)"
        log_info "4. Configure Zero Trust policies in Cloudflare Dashboard"
        log_info "5. Create GitOps repository and push manifests"
    else
        log_error "✗ Some deployments failed ($errors errors)"
        log_info "Review the output above for details"
        exit 1
    fi
}

main "$@"