#Requires -RunAsAdministrator

param(
    [Parameter(Mandatory=$false)]
    [string]$ComputerName
)

$ErrorActionPreference = "Stop"

# Verify running as Administrator
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Write-Error "This script must be run as a machine Administrator."
    exit 1
}

$ScriptDir = Split-Path -Parent $MyInvocation.MyCommand.Definition

# --- Read deployment config ---

$configFile = Join-Path $ScriptDir "bootstrap.json"
if (-not (Test-Path $configFile)) {
    Write-Error "Missing bootstrap.json in $ScriptDir. This file should be provided by the domain administrator."
    exit 1
}

try {
    $config = Get-Content $configFile -Raw | ConvertFrom-Json
} catch {
    Write-Error "Failed to parse bootstrap.json: $_"
    exit 1
}

if (-not $config.DnsServer) {
    Write-Error "bootstrap.json is missing required field: DnsServer"
    exit 1
}
if (-not $config.Domain) {
    Write-Error "bootstrap.json is missing required field: Domain"
    exit 1
}

$DnsServer = $config.DnsServer
$Domain = $config.Domain

# --- Step 1: Install Nebula ---

Write-Host ""
Write-Host "=== Step 1/3: Installing Nebula ==="
& "$ScriptDir\install-nebula.ps1" -DnsServer $DnsServer -Domain $Domain
if ($LASTEXITCODE -ne 0) { exit 1 }

# --- Step 2: Set DNS ---

Write-Host ""
Write-Host "=== Step 2/3: Configuring DNS ==="
& "$ScriptDir\set-dns.ps1" -DnsServer $DnsServer
if ($LASTEXITCODE -ne 0) { exit 1 }

# --- Step 3: Join Domain ---

Write-Host ""
Write-Host "=== Step 3/3: Joining Domain ==="
$joinArgs = @{ Domain = $Domain }
if ($ComputerName) { $joinArgs.ComputerName = $ComputerName }
& "$ScriptDir\join-domain.ps1" @joinArgs
if ($LASTEXITCODE -ne 0) { exit 1 }