from pathlib import Path
from decnet.services.base import BaseService

TEMPLATES_DIR = Path(__file__).parent.parent / "templates" / "rdp"


class RDPService(BaseService):
    name = "rdp"
    ports = [3389]
    default_image = "build"

    def compose_fragment(self, decky_name: str, log_target: str | None = None, service_cfg: dict | None = None) -> dict:
        fragment: dict = {
            "build": {"context": str(TEMPLATES_DIR)},
            "container_name": f"{decky_name}-rdp",
            "restart": "unless-stopped",
            "environment": {
                "NODE_NAME": decky_name,
            },
        }
        if log_target:
            fragment["environment"]["LOG_TARGET"] = log_target
        # Opt into the CredSSP / NLA capture path. Off by default — basic
        # X.224 cookie capture is sufficient for most attacker traffic and
        # avoids the openssl cert-gen overhead at container start.
        if service_cfg and service_cfg.get("nla"):
            fragment["environment"]["RDP_ENABLE_NLA"] = "true"
        return fragment

    def dockerfile_context(self) -> Path | None:
        return TEMPLATES_DIR