import { withPayload } from '@payloadcms/next/withPayload'
import redirects from './redirects.js'

const NEXT_PUBLIC_SERVER_URL = process.env.VERCEL_PROJECT_PRODUCTION_URL
  ? `https://${process.env.VERCEL_PROJECT_PRODUCTION_URL}`
  : undefined || process.env.__NEXT_PRIVATE_ORIGIN || 'http://localhost:3000'

const ContentSecurityPolicy = `
  default-src 'self';
  script-src 'self' 'unsafe-inline'
    https://layerandmesh.lime-forms.com
    https://matomo.layermesh.se
    https://maps.googleapis.com
    https://maps.gstatic.com;
  style-src 'self' 'unsafe-inline'
    https://layerandmesh.lime-forms.com;
  img-src 'self' data: blob:
    https://matomo.layermesh.se
    https://img.youtube.com
    https://*.vimeocdn.com
    https://maps.googleapis.com
    https://maps.gstatic.com;
  font-src 'self';
  connect-src 'self'
    https://matomo.layermesh.se
    https://layerandmesh.lime-forms.com
    https://maps.googleapis.com
    https://*.googleapis.com;
  frame-src 'self'
    https://www.youtube.com
    https://www.youtube-nocookie.com
    https://player.vimeo.com
    https://www.google.com
    https://maps.google.com;
  worker-src 'self';
  media-src 'self' https://player.vimeo.com;
  object-src 'none';
  base-uri 'self';
  form-action 'self' https://layerandmesh.lime-forms.com;
  frame-ancestors 'self';
  upgrade-insecure-requests;
`

const securityHeaders = [
  {
    key: 'Content-Security-Policy',
    value: ContentSecurityPolicy.replace(/\s{2,}/g, ' ').trim(),
  },
  {
    key: 'Strict-Transport-Security',
    value: 'max-age=63072000; includeSubDomains',
  },
  {
    key: 'X-Frame-Options',
    value: 'SAMEORIGIN',
  },
  {
    key: 'X-Content-Type-Options',
    value: 'nosniff',
  },
  {
    key: 'Referrer-Policy',
    value: 'strict-origin-when-cross-origin',
  },
  {
    key: 'Permissions-Policy',
    value: 'camera=(), microphone=(), geolocation=(), payment=(), usb=(), accelerometer=(), gyroscope=()',
  },
]

/** @type {import('next').NextConfig} */
const nextConfig = {
  experimental: {
    workerThreads: false,
    cpus: 1,
  },
  images: {
    remotePatterns: [
      ...[NEXT_PUBLIC_SERVER_URL].map((item) => {
        const url = new URL(item)
        return {
          hostname: url.hostname,
          protocol: url.protocol.replace(':', ''),
        }
      }),
    ],
  },
  webpack: (webpackConfig) => {
    webpackConfig.resolve.extensionAlias = {
      '.cjs': ['.cts', '.cjs'],
      '.js': ['.ts', '.tsx', '.js', '.jsx'],
      '.mjs': ['.mts', '.mjs'],
    }
    return webpackConfig
  },
  reactStrictMode: true,
  redirects,
  async headers() {
    return [
      {
        source: '/((?!admin|api).*)',
        headers: securityHeaders,
      },
    ]
  },
}

export default withPayload(nextConfig, { devBundleServerPackages: false })