#!/bin/bash
# Cyber-Medi Secure Access — One-Click WARP Installer (macOS)
set -e

TEAM_NAME="cyberellum"
PKG_URL="https://www.cloudflare.com/static/misc/warp/Cloudflare_WARP.pkg"
WARP_CLI="/Applications/Cloudflare WARP.app/Contents/Resources/warp-cli"
PLIST="/Library/Managed Preferences/com.cloudflare.warp.plist"

echo ""
echo "============================================"
echo " Cyber-Medi — Installing Secure Access"
echo "============================================"
echo ""

if [ "$EUID" -ne 0 ]; then
    echo "[!] This script needs admin access."
    echo "    Run with: sudo bash install-cyber-medi.sh"
    exit 1
fi

if [ ! -f "$WARP_CLI" ]; then
    echo "[1/3] Downloading WARP..."
    curl -sL "$PKG_URL" -o /tmp/Cloudflare_WARP.pkg

    echo "[2/3] Installing..."
    installer -pkg /tmp/Cloudflare_WARP.pkg -target / -quiet
    rm -f /tmp/Cloudflare_WARP.pkg
    echo "      Installed."
else
    echo "[OK] WARP already installed."
fi

echo "[3/3] Configuring..."
cat > "$PLIST" << 'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>organization</key>
    <string>cyberellum</string>
    <key>onboarding</key>
    <false/>
    <key>support_url</key>
    <string>https://cyber-medi.us</string>
</dict>
</plist>
EOF

"$WARP_CLI" --accept-tos 2>/dev/null || true
"$WARP_CLI" set-mode warp+doh 2>/dev/null || true
"$WARP_CLI" connect 2>/dev/null || true
sleep 3

echo ""
echo "============================================"
echo " DONE! You're connected."
echo " Go to: https://health.cyber-medi.us"
echo "============================================"
echo ""