{% extends 'base/layout.html' %}
{% load form_helpers %}
{% load i18n %}

{% block title %}{% trans "Proxbox Settings" %}{% endblock %}

{% block content %}
<div class="row">
    <div class="col col-md-12">
        <h4 class="mb-3">{% trans "Plugin Settings" %}</h4>
        <form method="post">
            {% csrf_token %}
            {# Sync Settings Card #}
            <div class="card mb-3">
                <h5 class="card-header">
                    <i class="mdi mdi-sync"></i>
                    {% trans "Sync Settings" %}
                </h5>
                <div class="card-body">
                    <p class="text-muted">
                        {% blocktrans trimmed %}
                        Configure runtime behavior for Proxbox synchronization.
                        {% endblocktrans %}
                    </p>
                    {% render_field form.use_guest_agent_interface_name %}
                    {% render_field form.proxbox_fetch_max_concurrency %}
                    {% render_field form.ignore_ipv6_link_local_addresses %}
                    {% render_field form.primary_ip_preference %}
                    {% render_field form.backend_log_file_path %}
                </div>
            </div>
            {# NetBox Integration Card #}
            <div class="card mb-3">
                <h5 class="card-header">
                    <i class="mdi mdi-database"></i>
                    {% trans "NetBox Integration" %}
                </h5>
                <div class="card-body">
                    <p class="text-muted">
                        {% blocktrans trimmed %}
                        Configure NetBox API connection behavior, caching, and bulk operation parameters.
                        {% endblocktrans %}
                    </p>
                    {% render_field form.netbox_max_concurrent %}
                    {% render_field form.netbox_max_retries %}
                    {% render_field form.netbox_retry_delay %}
                    {% render_field form.netbox_get_cache_ttl %}
                    {% render_field form.bulk_batch_size %}
                    {% render_field form.bulk_batch_delay_ms %}
                    {% render_field form.vm_sync_max_concurrency %}
                    {% render_field form.custom_fields_request_delay %}
                </div>
            </div>
            {# Proxmox API Card #}
            <div class="card mb-3">
                <h5 class="card-header">
                    <i class="mdi mdi-server"></i>
                    {% trans "Proxmox API" %}
                </h5>
                <div class="card-body">
                    <p class="text-muted">
                        {% blocktrans trimmed %}
                        Configure default timeout and retry behavior for Proxmox API requests.
                        Individual endpoints can override these values.
                        {% endblocktrans %}
                    </p>
                    {% render_field form.proxmox_timeout %}
                    {% render_field form.proxmox_max_retries %}
                    {% render_field form.proxmox_retry_backoff %}
                </div>
            </div>
            {# SSRF Protection Card #}
            <div class="card mb-3">
                <h5 class="card-header">
                    <i class="mdi mdi-shield-check"></i>
                    {% trans "SSRF Protection" %}
                </h5>
                <div class="card-body">
                    <p class="text-muted">
                        {% blocktrans trimmed %}
                        Configure Server-Side Request Forgery (SSRF) protection for endpoint validation.
                        Endpoints registered in the database are automatically allowed.
                        {% endblocktrans %}
                    </p>
                    {% render_field form.ssrf_protection_enabled %}
                    {% render_field form.allow_private_ips %}
                    {% render_field form.additional_allowed_ip_ranges %}
                    {% render_field form.explicitly_blocked_ip_ranges %}
                </div>
            </div>
            {# Encryption Card #}
            <div class="card mb-3">
                <h5 class="card-header">
                    <i class="mdi mdi-lock"></i>
                    {% trans "Encryption" %}
                </h5>
                <div class="card-body">
                    <p class="text-muted">
                        {% blocktrans trimmed %}
                        Configure credential encryption for proxbox-api. When enabled, sensitive
                        credentials are encrypted at rest using the key below. The encryption key
                        can also be set via the PROXBOX_ENCRYPTION_KEY environment variable on the
                        proxbox-api host.
                        {% endblocktrans %}
                    </p>
                    {% render_field form.encryption_enabled %}
                    {% render_field form.encryption_key %}
                </div>
            </div>
            <div class="mb-3">
                <button type="submit" class="btn btn-primary">
                    <i class="mdi mdi-content-save"></i>
                    {% trans "Save Settings" %}
                </button>
            </div>
        </form>
    </div>
</div>
{% endblock %}