lxc-bash-completion.bash

_lxc_containers_completion(){
    local cur
    local -a toks
    cur="${COMP_WORDS[COMP_CWORD]}"
    toks=( $(  lxc-ls | cut -d ' ' -f 1 | \grep "$cur" ))
    COMPREPLY=( "${toks[@]}" )
    return 0
}

_lxc_stopped_containers_completion(){
    local cur
    local -a toks
    cur="${COMP_WORDS[COMP_CWORD]}"
    toks=( $(  lxc-ls | grep STOPPED | cut -d ' ' -f 1 | \grep "$cur" ))
    COMPREPLY=( "${toks[@]}" )
    return 0
}

_lxc_running_containers_completion(){
    local cur
    local -a toks
    cur="${COMP_WORDS[COMP_CWORD]}"
    toks=( $(  lxc-ls | grep RUNNING | cut -d ' ' -f 1 | \grep "$cur" ))
    COMPREPLY=( "${toks[@]}" )
    return 0
}

_lxc_frozen_containers_completion(){
    local cur
    local -a toks
    cur="${COMP_WORDS[COMP_CWORD]}"
    toks=( $(  lxc-ls | grep FROZEN | cut -d ' ' -f 1 | \grep "$cur" ))
    COMPREPLY=( "${toks[@]}" )
    return 0
}

 _lxc_shutdown(){
    local containerName=$1
    local containerInfo="$(_lxc_validate_containerName $containerName)"
    if [[ "" != "$(echo $containerInfo | grep STOPPED)" ]]
    then
        echo "container $containerName is already stopped"
        echo "$containerInfo"
        exit 1
    fi
    sudo lxc-attach -n $containerName -- poweroff
}

_lxc_get_ip(){
    local containerName=$1
    local result=$(sudo lxc-attach -n $containerName -- ip -4 -o route get 8.8.8.8 | sed 's#.*src \([^ ]*\).*#\1#')
    echo $result
}

 _lxc_validate_containerName(){
        local containerName=$1
        if [[ "" == "$containerName" ]]
        then
            echo "Please pass a container name.."
            _lxc_list_containers
            return 1
        fi
        local containerInfo=$(lxc-ls | \grep $containerName)
        if [[ "" == "$containerInfo" ]]
        then
            echo "Invalid container name: $containerName"
            _lxc_list_containers
            return 1
        fi
        echo $containerInfo
    }

# Helper to prompt user and restart a systemd service with failure diagnosis
_lxc_interactive_service_restart(){
    local serviceName=$1
    local reason=$2

    if [[ ! -t 0 ]]; then
        echo "Non-interactive mode: cannot prompt for service restart"
        echo "Please manually run: sudo systemctl restart $serviceName"
        return 1
    fi

    echo ""
    echo "$reason"
    echo -n "Would you like to restart '$serviceName'? [Y/n] "
    read -r response
    if [[ "$response" =~ ^[Nn]$ ]]; then
        echo "Skipped."
        return 1
    fi

    echo "Restarting $serviceName..."
    local tmpOutput
    tmpOutput=$(mktemp)

    set +e
    sudo systemctl restart "$serviceName" &>"$tmpOutput"
    local exitCode=$?
    set -e

    if (( exitCode == 0 )); then
        echo "[OK] $serviceName restarted successfully"
        rm -f "$tmpOutput"
        return 0
    fi

    echo "[FAIL] $serviceName failed to restart"
    echo ""
    echo "--- Error output ---"
    cat "$tmpOutput"
    echo "--------------------"
    rm -f "$tmpOutput"

    echo ""
    echo "Fetching service status and logs..."
    echo ""
    echo "--- systemctl status $serviceName ---"
    sudo systemctl status "$serviceName" --no-pager 2>&1 || true
    echo ""
    echo "--- journalctl (last 20 lines) ---"
    sudo journalctl -xeu "$serviceName" --no-pager -n 20 2>&1 || true
    echo "-----------------------------------"

    return 1
}

# Wrapper for lxc-start that auto-triggers debug on failure (interactive mode)
_lxc_start(){
    local containerName=$1

    # Validate container name
    local containerInfo="$(_lxc_validate_containerName "$containerName")"
    if [[ "" == "$containerInfo" ]]; then
        return 1
    fi

    # Check if already running
    if [[ "" != "$(echo "$containerInfo" | grep RUNNING)" ]]; then
        echo "Container '$containerName' is already running"
        echo "$containerInfo"
        return 0
    fi

    # Try normal start first
    set +e
    sudo lxc-start -n "$containerName"
    local exitCode=$?
    set -e

    if (( exitCode == 0 )); then
        # Verify it's actually running
        sleep 1
        local newStatus
        newStatus=$(lxc-ls 2>/dev/null | \grep "$containerName")
        if [[ "" != "$(echo "$newStatus" | grep RUNNING)" ]]; then
            echo "Container '$containerName' started successfully"
            return 0
        fi
    fi

    # Start failed - offer to debug (interactive only)
    if [[ -t 0 ]]; then
        echo ""
        echo "Container '$containerName' failed to start."
        echo -n "Run debug mode to diagnose? [Y/n] "
        read -r response
        if [[ ! "$response" =~ ^[Nn]$ ]]; then
            _lxc_start_debug "$containerName"
        fi
    else
        echo "Container '$containerName' failed to start. Run 'lxc-start-debug $containerName' for details."
    fi

    return 1
}

 _lxc_attach_start_if_not_running_and_attach_as(){
    local containerName=$1
    local containerUser=${2:-$(whoami)}
    local containerInfo="$(_lxc_validate_containerName $containerName)"
    if [[ "" == "$containerInfo" ]]
    then
        exit 1
    fi
    if [[ "" == "$(echo $containerInfo | grep -v STOPPED)" ]]
    then
        echo "Starting container: $containerName"
        sudo lxc-start -n $containerName
    fi
    # this has been carefully crafted to work after many iterations. be warned
    sudo lxc-attach -n $containerName  -- /bin/su $containerUser -l -s /bin/bash
}

complete -F _lxc_running_containers_completion -o nospace lxc-stop
alias lxc-stop="sudo lxc-stop -n "

complete -F _lxc_running_containers_completion -o nospace lxc-shutdown
alias lxc-shutdown="_lxc_shutdown "

complete -F _lxc_containers_completion -o nospace lxc-info
alias lxc-info="sudo lxc-info -n "

complete -F _lxc_stopped_containers_completion -o nospace lxc-start
# lxc-start now uses wrapper that auto-triggers debug on failure (interactive only)
alias lxc-start="_lxc_start "

alias lxc-ls="sudo lxc-ls -f"

complete -F _lxc_containers_completion -o nospace lxc-ip
alias lxc-ip="_lxc-get-ip"

complete -F _lxc_containers_completion -o nospace lxc-attach
alias lxc-attach="_lxc_attach_start_if_not_running_and_attach_as"

complete -F _lxc_running_containers_completion -o nospace lxc-freeze
alias lxc-freeze="sudo lxc-freeze -n "

complete -F _lxc_frozen_containers_completion -o nospace lxc-unfreeze
alias lxc-unfreeze="sudo lxc-unfreeze -n "

# lxc-start-debug: Debug container startup failures
# Runs container in foreground mode to capture actual error messages
# and provides actionable suggestions based on error patterns
_lxc_start_debug(){
    local containerName=$1
    local logFile="${2:-}"

    # Validate container name
    local containerInfo="$(_lxc_validate_containerName "$containerName")"
    if [[ "" == "$containerInfo" ]]; then
        return 1
    fi

    # Check if container is already running
    if [[ "" != "$(echo "$containerInfo" | grep RUNNING)" ]]; then
        echo "Container '$containerName' is already running"
        echo "$containerInfo"
        return 0
    fi

    # Check if container is frozen
    if [[ "" != "$(echo "$containerInfo" | grep FROZEN)" ]]; then
        echo "Container '$containerName' is frozen. Use lxc-unfreeze first."
        return 1
    fi

    echo "=== Pre-flight checks for '$containerName' ==="
    local preflightFailed=0
    local bridgeMissing=0
    local ipv6Misconfigured=0
    # Config location varies by distro: /etc/sysconfig/lxc-net (Fedora/RHEL) or /etc/default/lxc-net (Debian/Ubuntu)
    local lxcNetConfig=""
    if [[ -f "/etc/sysconfig/lxc-net" ]]; then
        lxcNetConfig="/etc/sysconfig/lxc-net"
    elif [[ -f "/etc/default/lxc-net" ]]; then
        lxcNetConfig="/etc/default/lxc-net"
    fi
    local configPath="/var/lib/lxc/$containerName/config"
    local rootfsPath="/var/lib/lxc/$containerName/rootfs"

    # Collect all issues first (no interactive prompts yet)

    # Check for IPv6 misconfiguration
    local ipv6Disabled=0
    if [[ ! -d /proc/sys/net/ipv6 || "$(cat /proc/sys/net/ipv6/conf/all/disable_ipv6 2>/dev/null)" == "1" ]]; then
        ipv6Disabled=1
    fi

    if (( ipv6Disabled )); then
        # Check if lxc-net has IPv6 enabled (config overrides script defaults)
        local lxcNetScript="/usr/libexec/lxc/lxc-net"
        local ipv6Enabled=-1  # -1 = unknown, 0 = disabled, 1 = enabled

        # Check override config first - this takes precedence
        if [[ -n "$lxcNetConfig" && -f "$lxcNetConfig" ]]; then
            if grep -q 'LXC_IPV6_ENABLE="false"' "$lxcNetConfig" 2>/dev/null; then
                ipv6Enabled=0
            elif grep -q 'LXC_IPV6_ENABLE="true"' "$lxcNetConfig" 2>/dev/null; then
                ipv6Enabled=1
            fi
        fi

        # Check script defaults only if config didn't set it
        if (( ipv6Enabled == -1 )) && [[ -f "$lxcNetScript" ]]; then
            if grep -q 'LXC_IPV6_ENABLE="true"' "$lxcNetScript" 2>/dev/null; then
                ipv6Enabled=1
            else
                ipv6Enabled=0
            fi
        fi

        if (( ipv6Enabled == 1 )); then
            echo "[WARN] IPv6 is disabled on system but lxc-net has IPv6 enabled"
            ipv6Misconfigured=1
            preflightFailed=1
        else
            echo "[OK] IPv6 configuration"
        fi
    else
        echo "[OK] IPv6 configuration"
    fi

    # Check if lxcbr0 bridge exists
    if ! ip link show lxcbr0 &>/dev/null; then
        echo "[WARN] Bridge 'lxcbr0' does not exist"
        bridgeMissing=1
        preflightFailed=1
    else
        echo "[OK] Bridge 'lxcbr0' exists"
    fi

    # Check container config exists
    if [[ ! -f "$configPath" ]]; then
        echo "[FAIL] Container config not found: $configPath"
        preflightFailed=1
    else
        echo "[OK] Container config exists"
    fi

    # Check rootfs exists
    if [[ ! -d "$rootfsPath" ]]; then
        echo "[FAIL] Container rootfs not found: $rootfsPath"
        preflightFailed=1
    else
        echo "[OK] Container rootfs exists"
    fi

    # Now handle issues interactively
    if (( preflightFailed )); then
        echo ""
        echo "=== Issues found ==="

        # IPv6 issue - must be fixed manually first
        if (( ipv6Misconfigured )); then
            local configToEdit="${lxcNetConfig:-/etc/sysconfig/lxc-net}"
            echo ""
            echo "IPv6 is disabled on this system but lxc-net expects it."
            echo "This will prevent lxc-net from starting."
            echo ""
            echo "Fix: Add this line to $configToEdit:"
            echo '  LXC_IPV6_ENABLE="false"'
            echo ""
            echo "Quick fix:"
            echo "  echo 'LXC_IPV6_ENABLE=\"false\"' | sudo tee -a $configToEdit"
            echo ""
            echo "Then restart lxc-net: sudo systemctl restart lxc-net"
            echo ""
            if (( bridgeMissing )); then
                echo "Fix the IPv6 config first, then we can restart lxc-net to create the bridge."
            fi
        fi

        # Bridge missing - offer to restart lxc-net (only if IPv6 is not misconfigured)
        if (( bridgeMissing && !ipv6Misconfigured )); then
            if _lxc_interactive_service_restart "lxc-net" "Bridge 'lxcbr0' is missing."; then
                if ip link show lxcbr0 &>/dev/null; then
                    echo "[OK] Bridge 'lxcbr0' now exists"
                    bridgeMissing=0
                else
                    echo "[WARN] Bridge still missing after restart"
                fi
            fi
        fi

        # Re-check if we still have blocking issues
        if (( ipv6Misconfigured )) || ! ip link show lxcbr0 &>/dev/null || [[ ! -f "$configPath" ]] || [[ ! -d "$rootfsPath" ]]; then
            echo ""
            echo "Cannot proceed - please fix the issues above first."
            return 1
        fi
    fi

    echo ""
    echo "=== Attempting to start '$containerName' in foreground mode ==="
    echo "(This captures detailed error output. Press Ctrl+C to abort)"
    echo ""

    # Capture output from foreground start
    local tmpOutput
    tmpOutput=$(mktemp)

    # Run in foreground with timeout - capture both stdout and stderr
    set +e
    timeout 30 sudo lxc-start -n "$containerName" -F &>"$tmpOutput" &
    local startPid=$!

    # Wait a bit to see if it starts successfully or fails quickly
    sleep 3

    # Check if container is now running
    local newStatus
    newStatus=$(lxc-ls 2>/dev/null | \grep "$containerName")

    if [[ "" != "$(echo "$newStatus" | grep RUNNING)" ]]; then
        echo "[SUCCESS] Container '$containerName' started successfully!"
        kill $startPid 2>/dev/null
        wait $startPid 2>/dev/null
        rm -f "$tmpOutput"
        # Stop the container since this was just a debug run
        echo ""
        echo "Stopping container (this was a debug run)..."
        sudo lxc-stop -n "$containerName"
        echo "[OK] Container '$containerName' has been stopped."
        set -e
        return 0
    fi

    # Wait for the process to finish (it likely failed)
    wait $startPid 2>/dev/null
    local exitCode=$?
    set -e

    echo "=== Container failed to start ==="
    echo ""
    echo "--- Error output ---"
    cat "$tmpOutput"
    echo "--------------------"
    echo ""

    # Save to log file if requested
    if [[ -n "$logFile" ]]; then
        cp "$tmpOutput" "$logFile"
        echo "Log saved to: $logFile"
    fi

    # Analyze errors and suggest fixes
    echo "=== Suggested fixes ==="
    local output
    output=$(cat "$tmpOutput")

    if echo "$output" | grep -q "bridge interface doesn't exist"; then
        echo "* Bridge interface missing (likely lxcbr0)"
        echo "  Fix: sudo systemctl restart lxc-net"
        echo "  Or:  sudo systemctl start lxc-net && sudo systemctl enable lxc-net"
    fi

    if echo "$output" | grep -q "Permission denied"; then
        echo "* Permission denied - check:"
        echo "  - Are you running as root/sudo?"
        echo "  - AppArmor/SELinux policies"
        echo "  Fix: Check 'dmesg | tail' for security denials"
    fi

    if echo "$output" | grep -q "No such file or directory"; then
        echo "* Missing file or directory"
        echo "  - Check container rootfs integrity"
        echo "  - Verify paths in container config"
    fi

    if echo "$output" | grep -q "network"; then
        echo "* Network configuration issue"
        echo "  - Verify bridge exists: ip link show lxcbr0"
        echo "  - Check firewall: sudo iptables -L -n"
        echo "  - Check /etc/lxc/default.conf network settings"
    fi

    if echo "$output" | grep -q "cgroup"; then
        echo "* Cgroup issue"
        echo "  - Check cgroup v1/v2 compatibility"
        echo "  - Verify cgroup controllers are available"
        echo "  Fix: Check /sys/fs/cgroup/ structure"
    fi

    if echo "$output" | grep -q "ABORTING"; then
        echo "* Container aborted during startup"
        echo "  - Check container logs: sudo cat /var/log/lxc/$containerName.log"
        echo "  - Try: sudo lxc-start -n $containerName -F -l DEBUG -o /tmp/lxc-debug.log"
    fi

    rm -f "$tmpOutput"

    # Offer to retry if in interactive mode
    if [[ -t 0 ]]; then
        echo ""
        echo -n "Retry starting container? [y/N] "
        read -r response
        if [[ "$response" =~ ^[Yy]$ ]]; then
            _lxc_start_debug "$containerName" "$logFile"
            return $?
        fi
    fi

    return 1
}

complete -F _lxc_stopped_containers_completion -o nospace lxc-start-debug
alias lxc-start-debug="_lxc_start_debug "