<?php
declare(strict_types=1);

$nginxFiles = [
    '/etc/nginx/nginx.conf',
    '/etc/nginx/sites-enabled',
    '/etc/nginx/conf.d',
    '/usr/syno/share/nginx',
];

$denyHosts = [
    '_' => true,
    'localhost' => true,
];

$denyRootHosts = [
    'seo.chaegeon.com' => true,
];

function collectFiles(array $paths): array
{
    $files = [];

    foreach ($paths as $path) {
        if (is_file($path)) {
            $files[] = $path;
            continue;
        }

        if (!is_dir($path)) {
            continue;
        }

        $it = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator($path, FilesystemIterator::SKIP_DOTS)
        );

        foreach ($it as $file) {
            if (!$file->isFile()) {
                continue;
            }

            $name = $file->getFilename();

            if (
                str_ends_with($name, '.conf') ||
                str_contains($name, 'ReverseProxy') ||
                str_contains($name, 'nginx') ||
                str_contains($file->getPathname(), 'sites-enabled')
            ) {
                $files[] = $file->getPathname();
            }
        }
    }

    return array_values(array_unique($files));
}

function extractServerBlocks(string $text): array
{
    $blocks = [];
    $len = strlen($text);
    $pos = 0;

    while (($serverPos = strpos($text, 'server', $pos)) !== false) {
        $before = $serverPos > 0 ? $text[$serverPos - 1] : ' ';
        $after = $text[$serverPos + 6] ?? ' ';

        if (preg_match('/[a-zA-Z0-9_\-]/', $before) || preg_match('/[a-zA-Z0-9_\-]/', $after)) {
            $pos = $serverPos + 6;
            continue;
        }

        $brace = strpos($text, '{', $serverPos);
        if ($brace === false) {
            break;
        }

        $depth = 0;
        for ($i = $brace; $i < $len; $i++) {
            if ($text[$i] === '{') {
                $depth++;
            } elseif ($text[$i] === '}') {
                $depth--;
                if ($depth === 0) {
                    $blocks[] = substr($text, $serverPos, $i - $serverPos + 1);
                    $pos = $i + 1;
                    break;
                }
            }
        }

        if ($pos <= $serverPos) {
            break;
        }
    }

    return $blocks;
}

function cleanNginxText(string $text): string
{
    $text = preg_replace('/#.*$/m', '', $text);
    return $text ?? '';
}

function extractServerNames(string $block): array
{
    preg_match_all('/server_name\s+([^;]+);/i', $block, $matches);

    $names = [];

    foreach ($matches[1] ?? [] as $line) {
        foreach (preg_split('/\s+/', trim($line)) as $host) {
            $host = trim($host);

            if ($host === '' || $host === '_' || str_contains($host, '$')) {
                continue;
            }

            if (str_starts_with($host, '~')) {
                continue;
            }

            $host = trim($host, '.');

            if (filter_var($host, FILTER_VALIDATE_IP)) {
                continue;
            }

            if (preg_match('/^[a-zA-Z0-9.-]+$/', $host)) {
                $names[] = strtolower($host);
            }
        }
    }

    return array_values(array_unique($names));
}

function detectScheme(string $block): string
{
    if (preg_match('/listen\s+[^;]*443[^;]*ssl/i', $block)) {
        return 'https';
    }

    if (preg_match('/ssl_certificate\s+/i', $block)) {
        return 'https';
    }

    return 'http';
}

function isBlockedServer(string $block): bool
{
    if (preg_match('/return\s+444\s*;/i', $block)) {
        return true;
    }

    if (preg_match('/deny\s+all\s*;/i', $block) && !preg_match('/proxy_pass|fastcgi_pass|root\s+/i', $block)) {
        return true;
    }

    return false;
}

function extractLocations(string $block): array
{
    return ['/'];
}

function extractDocumentRoot(string $block): ?string
{
    if (!preg_match('/^\s*root\s+([^;]+);/mi', $block, $matches)) {
        return null;
    }

    $root = trim($matches[1], " \t\n\r\0\x0B\"'");

    if ($root === '' || str_contains($root, '$') || !is_dir($root)) {
        return null;
    }

    $root = rtrim($root, '/');

    if ($root === '') {
        return null;
    }

    return $root;
}

function discoverPhpEntryPaths(?string $root): array
{
    if ($root === null) {
        return [];
    }

    $paths = [];
    $allowedFiles = [
        'index.php' => true,
        'monitor.php' => true,
    ];

    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );

    foreach ($it as $file) {
        if (!$file->isFile()) {
            continue;
        }

        $filename = $file->getFilename();
        if (!isset($allowedFiles[$filename])) {
            continue;
        }

        $relative = substr($file->getPathname(), strlen($root));
        if ($relative === false || $relative === '') {
            continue;
        }

        $relative = str_replace(DIRECTORY_SEPARATOR, '/', $relative);
        if ($relative === '/index.php') {
            continue;
        }

        $depth = substr_count(trim($relative, '/'), '/');

        if ($depth > 1) {
            continue;
        }

        $paths[] = $relative;
    }

    sort($paths, SORT_NATURAL);

    return array_values(array_unique($paths));
}

$items = [];
$files = collectFiles($nginxFiles);

foreach ($files as $file) {
    $raw = @file_get_contents($file);
    if ($raw === false) {
        continue;
    }

    $text = cleanNginxText($raw);
    $blocks = extractServerBlocks($text);

    foreach ($blocks as $block) {
        if (isBlockedServer($block)) {
            continue;
        }

        $hosts = extractServerNames($block);
        if (!$hosts) {
            continue;
        }

        $scheme = detectScheme($block);

        if ($scheme !== 'https') {
            continue;
        }

        $paths = array_values(array_unique(array_merge(
            extractLocations($block),
            discoverPhpEntryPaths(extractDocumentRoot($block))
        )));

        foreach ($hosts as $host) {
            if (str_contains($host, 'webdav')) {
                continue;
            }

            if (isset($denyHosts[$host])) {
                continue;
            }

            foreach ($paths as $path) {
                if ($path === '/' && isset($denyRootHosts[$host])) {
                    continue;
                }

                $url = $scheme . '://' . $host . $path;

                $items[$url] = [
                    'url' => $url,
                    'host' => $host,
                    'scheme' => $scheme,
                ];
            }
        }
    }
}

ksort($items, SORT_NATURAL);
?>
<!doctype html>
<html lang="ko">
<head>
    <meta charset="utf-8">
    <title>Nginx 바로가기</title>
    <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
    <meta name="theme-color" content="#ffffff">
    <meta name="color-scheme" content="light">
    <meta name="application-name" content="Seoul">
    <meta name="mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-title" content="Seoul">
    <meta name="apple-mobile-web-app-status-bar-style" content="default">
    <link rel="icon" href="assets/favicon.svg" type="image/svg+xml">
    <link rel="icon" href="assets/icon-32.png" type="image/png" sizes="32x32">
    <link rel="icon" href="assets/icon-192.png" type="image/png" sizes="192x192">
    <link rel="apple-touch-icon" href="assets/apple-touch-icon.png">
    <link rel="manifest" href="manifest.webmanifest">
    <script src="https://chaegeon.com/log/bancheck.min.js?_=<?php echo time(); ?>"></script>
    <style>
        * {
            box-sizing: border-box;
        }

        html {
            background: #f2f3f5;
        }

        body {
            margin: 0 auto;
            width: 100%;
            max-width: 430px;
            min-height: 100vh;
            font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
            background: #f7f8fa;
            color: #111;
        }

        header {
            position: sticky;
            top: 0;
            z-index: 10;
            background: rgba(255, 255, 255, 0.92);
            backdrop-filter: blur(14px);
            -webkit-backdrop-filter: blur(14px);
            border-bottom: 1px solid #e5e5e5;
            padding: 16px 16px 12px;
        }

        h1 {
            margin: 0;
            font-size: 21px;
            line-height: 1.25;
            letter-spacing: -0.4px;
        }

        .sub {
            margin-top: 5px;
            color: #777;
            font-size: 13px;
        }

        main {
            padding: 14px 12px 24px;
        }

        .card {
            overflow: hidden;
            background: #fff;
            border: 1px solid #e3e5e8;
            border-radius: 18px;
            box-shadow: 0 8px 24px rgba(0, 0, 0, 0.04);
        }

        .row {
            display: block;
            padding: 15px 16px;
            border-bottom: 1px solid #f0f0f0;
        }

        .row:last-child {
            border-bottom: 0;
        }

        .scheme {
            display: inline-flex;
            align-items: center;
            height: 22px;
            margin-bottom: 7px;
            padding: 0 8px;
            border-radius: 999px;
            background: #eef5ff;
            color: #007aff;
            font-size: 11px;
            font-weight: 800;
            text-transform: uppercase;
        }

        a {
            display: block;
            color: #111;
            font-size: 16px;
            font-weight: 750;
            line-height: 1.35;
            text-decoration: none;
            word-break: break-all;
        }

        a:active {
            opacity: 0.55;
        }

        .meta {
            margin-top: 5px;
            font-size: 12px;
            color: #888;
            word-break: break-all;
        }

        .empty {
            padding: 32px 16px;
            text-align: center;
            color: #777;
            font-size: 14px;
        }

        @media (min-width: 431px) {
            body {
                margin-top: 24px;
                margin-bottom: 24px;
                border: 1px solid #e3e5e8;
                border-radius: 24px;
                overflow: hidden;
                min-height: calc(100vh - 48px);
                box-shadow: 0 18px 45px rgba(0, 0, 0, 0.08);
            }

            header {
                border-radius: 24px 24px 0 0;
            }
        }
    </style>
</head>
<body>

<main>
    <div class="card">
        <?php if (!$items): ?>
            <div class="empty">표시할 URL이 없습니다.</div>
        <?php else: ?>
            <?php foreach ($items as $item): ?>
                <div class="row">
                    <div class="scheme"><?= htmlspecialchars($item['scheme'], ENT_QUOTES, 'UTF-8') ?></div>
                    <a href="<?= htmlspecialchars($item['url'], ENT_QUOTES, 'UTF-8') ?>" target="_blank" rel="noopener">
                        <?= htmlspecialchars($item['url'], ENT_QUOTES, 'UTF-8') ?>
                    </a>
                </div>
            <?php endforeach; ?>
        <?php endif; ?>
    </div>
</main>
<script>
    if ('serviceWorker' in navigator) {
        window.addEventListener('load', () => {
            navigator.serviceWorker.register('sw.js', { scope: './' }).catch(() => undefined);
        });
    }
</script>
</body>
</html>