#!/bin/bash
# Fix "Cannot assign requested address" when public IP is not on the machine (NAT/VPS).
# Run on the Ubuntu server where coturn runs: sudo ./fix_coturn_bind.sh

set -e

if [ "$EUID" -ne 0 ]; then
    echo "Run as root: sudo ./fix_coturn_bind.sh"
    exit 1
fi

PUBLIC_IP=$(curl -s ifconfig.me 2>/dev/null || true)
PRIVATE_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
if [ -z "$PRIVATE_IP" ]; then
    PRIVATE_IP=$(ip route get 8.8.8.8 2>/dev/null | awk '{for(i=1;i<=NF;i++) if($i=="src") print $(i+1); exit}' || echo "0.0.0.0")
fi

echo "Public IP:  $PUBLIC_IP"
echo "Private IP: $PRIVATE_IP"

if [ ! -f /etc/turnserver.conf ]; then
    echo "No /etc/turnserver.conf found. Run setup_coturn.sh first."
    exit 1
fi

# Backup
cp /etc/turnserver.conf /etc/turnserver.conf.bak.$(date +%Y%m%d%H%M%S)

# Replace lines that set external-ip and relay-ip to PUBLIC_IP only.
# Use: listen on 0.0.0.0, advertise public IP via external-ip internal/external.
sed -i "s/^external-ip=.*/external-ip=$PRIVATE_IP\/$PUBLIC_IP/" /etc/turnserver.conf
sed -i "s/^relay-ip=.*/relay-ip=$PRIVATE_IP/" /etc/turnserver.conf

# Ensure we listen on all interfaces (so bind works)
if ! grep -q '^listening-ip=0.0.0.0' /etc/turnserver.conf; then
    # Insert after listening-port line
    sed -i '/^listening-port=3478/a listening-ip=0.0.0.0' /etc/turnserver.conf
fi

echo "Updated /etc/turnserver.conf (external-ip=$PRIVATE_IP/$PUBLIC_IP, relay-ip=$PRIVATE_IP, listening-ip=0.0.0.0)"
systemctl restart coturn
sleep 2
if systemctl is-active --quiet coturn; then
    echo "Coturn restarted successfully."
else
    echo "Coturn failed. Check: sudo journalctl -u coturn -n 30"
    exit 1
fi