#!/bin/bash
service=$1
ip=$(curl -s --max-time 10 https://api.ipify.org || hostname -I | awk '{print $1}')
ip=$(echo $ip | tr -d '[:space:]')
os="$(neofetch os)"; os="${os##*: }"
distro="$(neofetch distro)"; distro="${distro##*: }"
cpu="$(neofetch cpu --cpu_speed on --cpu_cores off)"; cpu="${cpu##*: }"
memory="$(neofetch memory)"; memory="${memory##*: }"
disk="$(neofetch disk)"; disk="${disk##*: }"
uptime="$(neofetch uptime)"; uptime="${uptime##*: }"
bandwidth=$(vnstat --oneline | cut -d ";" -f 15)

if [[ $service == "ssh" ]];
then
sshd=$(systemctl is-active sshd)
dropbear=$(systemctl is-active dropbear)
squid=$(systemctl is-active squid)
ssl=$(systemctl is-active stunnel4)
socket=$((echo >/dev/tcp/localhost/80) &>/dev/null && echo "active" || echo "inactive")
total_sshd=$(netstat -natp | awk "/$ip:22/ && /ESTABLISHED/ && /sshd/" | wc -l)
total_dropbear=$(netstat -natp | awk "/$ip:441/ && /ESTABLISHED/ && /dropbear/" | wc -l)
total_sshssl=$(netstat -natp | awk "/$ip:443/ && /ESTABLISHED/ && /stunnel4/" | wc -l)
totalssh=$((total_sshd + total_dropbear + total_sshssl))
. /root/.ports
. /etc/.db-base

mysql --skip-ssl -u $USER -p$PASS -D $DB -h $HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', ssh_online='$totalssh', ssh_status='$sshd', dropbear_status='$dropbear', ssl_status='$ssl', squid_status='$squid', socket_status='$socket', ssh_port='$ssh_port', dropbear_port='$dropbear_port', squid='$squid_port', socket='$socket_port' WHERE server_ip='$ip' "

elif [[ $service == "hysteria" ]];
then
udphysteria=$(systemctl is-active hysteria-server.service)
squid=$(systemctl is-active squid)
total_hysteria=$(netstat -natp | awk "/$ip:53/ && /ESTABLISHED/ && /hysteria/" | wc -l)
. /root/.ports
. /root/.db-base

output=$(cat <<EOF
{
 "service": "openvpn protocol",
 "ip": "$ip",
 "users": "$totalovpn",
 "bandwidth": "$bandwidth",
 "os": "$os",
 "distro": "$distro",
 "cpu": "$cpu",
 "memory": "$memory",
 "disk": "$disk",
 "uptime": "$uptime",
 "udp_hysteria": "$hysteria_port - $udphysteria",
 "squid_port": "$squid_port - $squid"
}
EOF
)

mysql --skip-ssl -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', hysteria_status='$udphysteria', squid_status='$squid', hysteria_port='$hysteria_port', squid='$squid_port', hysteria_online='$total_hysteria' WHERE server_ip='$ip' "

elif [[ $service == "socksip" ]];
then
udpSERVER=$(systemctl is-active UDPserver)
squid=$(systemctl is-active squid)

. /root/.ports
. /root/.db-base

mysql --skip-ssl -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', socksip_status='$udpSERVER', socksip_port='$socksip_port' WHERE server_ip='$ip' "

elif [[ $service == "xray" ]];
then
    xray_status=$(systemctl is-active xray.service)

    # 1. Load verified credentials
    [ -f /etc/xray/.db-base ] && . /etc/xray/.db-base
    ip=$(curl -s https://api.ipify.org)

    # 2. THE ACCURATE PROXY COUNTER (Total Number)
    total_xray=$(netstat -natp | grep xray | grep ":10001" | grep ESTABLISHED | awk '{print $4}' | cut -d: -f2 | sort -u | wc -l)

    # 3. USER TRACKING (Individual Names for Reseller View)
    # Clear old sessions for this specific server
    mysql -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "DELETE FROM xray_online_users WHERE server_ip='$ip'"

    # Extract active users from log
    log_file="/var/log/xray/access.log"
    if [ -f "$log_file" ]; then
        # Capture the authenticated username/email from Xray logs
        active_users=$(tail -n 100 "$log_file" | grep "accepted" | awk '{print $11}' | cut -d: -f1 | sort -u)
        
        for user in $active_users; do
            mysql -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "INSERT IGNORE INTO xray_online_users (username, server_ip) VALUES ('$user', '$ip')"
        done
    fi

    # 4. Update the Main Server Dashboard
mysql --skip-ssl -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "UPDATE server_list SET xray_status='$xray_status', xray_online='$total_xray' WHERE server_ip='$ip'"


elif [[ $service == "openvpn" ]];
then
tcpovpn=$(systemctl is-active openvpn@server2.service)
udpovpn=$(systemctl is-active openvpn@server.service)
udphysteria=$(systemctl is-active hysteria-server.service)
squid=$(systemctl is-active squid)
ssl=$(systemctl is-active stunnel4)
socket=$((echo >/dev/tcp/localhost/80) &>/dev/null && echo "active" || echo "inactive")
tcpusers=$(sed -n -e '/^ROUTING_TABLE/p' /etc/openvpn/server/tcpclient.log | wc -l)
udpusers=$(sed -n -e '/^ROUTING_TABLE/p' /etc/openvpn/server/udpclient.log | wc -l)
totalovpn=$((tcpusers + udpusers))
total_hysteria=$(netstat -natp | awk "/$ip:5666/ && /ESTABLISHED/ && /hysteria/" | wc -l)
. /root/.ports
. /etc/openvpn/login/config.sh

output=$(cat <<EOF
{
 "service": "openvpn protocol",
 "ip": "$ip",
 "users": "$totalovpn",
 "bandwidth": "$bandwidth",
 "os": "$os",
 "distro": "$distro",
 "cpu": "$cpu",
 "memory": "$memory",
 "disk": "$disk",
 "uptime": "$uptime",
 "udp_hysteria": "$hysteria_port - $udphysteria",
 "tcp_port": "$tcp_port - $tcpovpn",
 "udp_port": "$udp_port - $udpovpn",
 "socket_port": "$socket_port - $socket",
 "squid_port": "$squid_port - $squid",
 "tcp_ssl_port": "$tcp_ssl_port - $ssl",
 "udp_ssl_port": "$udp_ssl_port - $ssl"
}
EOF
)

mysql --skip-ssl -u $USER -p$PASS -D $DB -h $HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', tcpssl='$tcp_ssl_port', udpssl='$udp_ssl_port', tcp_status='$tcpovpn', hysteria_status='$udphysteria', udp_status='$udpovpn', ssl_status='$ssl', squid_status='$squid', socket_status='$socket', tcp='$tcp_port', udp='$udp_port', hysteria_port='$hysteria_port', squid='$squid_port', socket='$socket_port', online='$totalovpn', hysteria_online='$total_hysteria' WHERE server_ip='$ip' "

elif [[ $service == "aio" ]];
then
# 1. Load Port and DB Credentials
. /root/.ports
. /etc/openvpn/login/config.sh

# 2. Service Status Checks
tcpovpn=$(systemctl is-active openvpn@server2.service)
udpovpn=$(systemctl is-active openvpn@server.service)
# FIXED: Using -H (numeric) and a word-boundary check (\b) to catch both IPv4 and IPv6
udphysteria=$(ss -unlH | grep -q ":${hysteria_port}\b" && echo "active" || echo "inactive")
xray=$(systemctl is-active xray.service)
slowdns=$(systemctl is-active server-sldns.service)
sshd=$(systemctl is-active sshd)
dropbear=$(systemctl is-active dropbear)
squid=$(systemctl is-active squid)
ssl=$(systemctl is-active stunnel4)

# 3. Websocket / Socket Check
if timeout 1 bash -c '</dev/tcp/localhost/80' 2>/dev/null; then socket="active"; else socket="inactive"; fi

# 4. User Counting Logic
tcpusers=$(sed -n -e '/^ROUTING_TABLE/p' /etc/openvpn/server/tcpclient.log | wc -l)
udpusers=$(sed -n -e '/^ROUTING_TABLE/p' /etc/openvpn/server/udpclient.log | wc -l)
totalovpn=$((tcpusers + udpusers))

# Using a more robust awk pattern for online users
total_sshd=$(netstat -natp | grep -E ":22\b.*ESTABLISHED.*sshd" | wc -l)
total_dropbear=$(netstat -natp | grep -E ":441\b.*ESTABLISHED.*dropbear" | wc -l)
total_socket1=$(netstat -natp | grep -E ":8000\b.*ESTABLISHED.*python" | wc -l)
total_socket2=$(netstat -natp | grep -E ":8001\b.*ESTABLISHED.*python" | wc -l)
total_socket3=$(netstat -natp | grep -E ":8002\b.*ESTABLISHED.*python" | wc -l)
total_sshssl=$(netstat -natp | grep -E ":445\b.*ESTABLISHED.*stunnel4" | wc -l)
totalssh=$((total_sshd + total_dropbear + total_socket1 + total_socket2 + total_socket3 + total_sshssl))

# FIXED: Standardized port check for Hysteria and Xray
total_hysteria=$(netstat -natp | grep -E ":${hysteria_port}\b.*ESTABLISHED" | wc -l)
total_xray=$(netstat -natp | grep -E ":${xray_port}\b.*ESTABLISHED" | wc -l)

# 5. Database Update (Consolidated skip-ssl)
mysql --skip-ssl -u $USER -p$PASS -D $DB -h $HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', tcpssl='$tcp_ssl_port', udpssl='$udp_ssl_port', tcp_status='$tcpovpn', hysteria_status='$udphysteria', xray_status='$xray', ssh_online='$totalssh', slowdns_status='$slowdns', ssh_status='$sshd', dropbear_status='$dropbear', udp_status='$udpovpn', ssl_status='$ssl', squid_status='$squid', socket_status='$socket', tcp='$tcp_port', udp='$udp_port', hysteria_port='$hysteria_port', xray_port='$xray_port', slowdns_port='$slowdns_port', ssh_port='$ssh_port', dropbear_port='$dropbear_port', squid='$squid_port', socket='$socket_port', online='$totalovpn', hysteria_online='$total_hysteria', xray_online='$total_xray' WHERE server_ip='$ip' "
elif [[ $service == "openconnect" ]];
then
ocserv=$(systemctl is-active ocserv)
udphysteria=$(systemctl is-active hysteria-server.service)
squid=$(systemctl is-active squid)
ssl=$(systemctl is-active stunnel4)
socket=$((echo >/dev/tcp/localhost/80) &>/dev/null && echo "active" || echo "inactive")
totalocserv=$(netstat -natp | awk "/$ip:1194/ && /ESTABLISHED/ && /ocserv/" | wc -l)
total_hysteria=$(netstat -natp | awk "/$ip:5666/ && /ESTABLISHED/ && /hysteria/" | wc -l)
. /root/.ports
. /root/.db-base

output=$(cat <<EOF
{
 "service": "openconnect protocol",
 "ip": "$ip",
 "users": "$totalocserv",
 "bandwidth": "$bandwidth",
 "os": "$os",
 "distro": "$distro",
 "cpu": "$cpu",
 "memory": "$memory",
 "disk": "$disk",
 "uptime": "$uptime",
 "udp_hysteria": "$hysteria_port - $udphysteria",
 "tcp_port": "$tcp_port - $ocserv",
 "socket_port": "$socket_port - $socket",
 "squid_port": "$squid_port - $squid",
 "tcp_ssl_port": "$tcp_ssl_port - $ssl",
 "udp_ssl_port": "$udp_ssl_port - $ssl"
}
EOF
)

mysql --skip-ssl -u $DB_USER -p$DB_PASS -D $DB_NAME -h $DB_HOST -e "UPDATE server_list SET cpu_model='$cpu', distro='$distro', memory='$memory', uptime='$uptime', disk='$disk', bandwidth='$bandwidth', os='$os', proto='$service', tcpssl='$tcp_ssl_port', udpssl='$udp_ssl_port', tcp_status='$ocserv', hysteria_status='$udphysteria', udp_status='$ocserv', ssl_status='$ssl', squid_status='$squid', socket_status='$socket', tcp='$tcp_port', udp='$udp_port', hysteria_port='$hysteria_port', squid='$squid_port', socket='$socket_port', online='$totalocserv', hysteria_online='$total_hysteria' WHERE server_ip='$ip' "

elif [[ $service == "pptp" ]];
then
pptpd=$(systemctl is-active pptpd)

output=$(cat <<EOF
{
 "service": "pptp protocol",
 "ip": "$ip",
 "bandwidth": "$bandwidth",
 "pptpd": "$pptpd",
 "os": "$os",
 "distro": "$distro",
 "cpu": "$cpu",
 "memory": "$memory",
 "disk": "$disk",
 "uptime": "$uptime"
}
EOF
)

echo $output

elif [[ $service == "reboot" ]];
then
sudo shutdown -r now
fi