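#!/bin/bash -x
# Copyright (C) 2016 Ian Kelling

# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

# Install Arch Linux from a live environment: write the pacman mirror list,
# run the FAI partition hook (skipped when the target mounts already exist),
# pacstrap the base system into /mnt, copy keys and configuration into it,
# then run arch-init-chroot inside the new root.
#
# Usage: <this script> HOSTNAME [MIRROR]
#   HOSTNAME  exported as HOSTNAME; also selects the LUKS keyfile
#             /root/luks/host-HOSTNAME
#   MIRROR    optional pacman mirror URL, listed ahead of the fetched mirrors

# Check the argument count before anything on the system is modified.
(( $# >= 1 )) || { echo "$0: error: need 1 or 2 arguments" >&2; exit 1; }

x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace"
cd "${x%/*}" || exit 1

export HOSTNAME="$1"
mirror=$2

rm -f /etc/pacman.d/mirrorlist
# https://wiki.archlinux.org/index.php/Mirrors#Sorting_mirrors
if [[ $mirror ]]; then
  printf 'Server = %s\n' "$mirror" >> /etc/pacman.d/mirrorlist
fi
# -f keeps an HTTP error page out of the mirror list and -S still reports the
# failure on stderr; sed uncomments the Server lines.
curl -fsS 'https://www.archlinux.org/mirrorlist/?country=US&protocol=https&ip_version=4&ip_version=6&use_mirror_status=on' \
  | sed -r 's/^[ #]*(Server *=)/\1/' >> /etc/pacman.d/mirrorlist
# Unless pipefail is set, the pipeline's status is sed's, so curl's own
# status is read from PIPESTATUS.
curl_status=${PIPESTATUS[0]}
if (( curl_status != 0 )); then
  echo "$0: error: fetching the mirror list failed, curl exit status $curl_status" >&2
  # Without a MIRROR argument the list may be empty or incomplete; stop here,
  # before partitioning, instead of failing later in pacstrap.
  [[ $mirror ]] || exit 1
fi

. /a/bin/fai/fai-wrapper

export LUKS_DIR=/root/luks
export DISTRO=arch
partition_script=/a/bin/fai/fai/config/hooks/partition.DEFAULT
chmod +x "$partition_script"
export PARTITION_PROMPT=true

# to be idempotent if we fail after partitioning
already_partitioned=true
mount_out=$(mount)
for dir in /mnt{,/home,/boot,/a}; do
  # mount(8) prints "<device> on <dir> type ..."; the spaces anchor the match
  # so that /mnt does not match /mnt/home.
  regex=" on $dir "
  if [[ ! $mount_out =~ $regex ]]; then
    already_partitioned=false
    break
  fi
done

if ! $already_partitioned; then
  "$partition_script"
fi

. /tmp/fai/disk_var.sh

# arch doesn't need crypttab entries for initramfs crypt partitions
export rootn=1
export bootn=3
export swapn=2
export BOOT_DEVICE
export ROOT_PARTITIONS
# Delete the crypttab lines whose first field is crypt_dev_<something><rootn>.
sed -ri --follow-symlinks "/^crypt_dev_\S+$rootn /d" /tmp/fai/crypttab

if ! $already_partitioned; then
  mount -o "subvol=root_$DISTRO" "$ROOT_PARTITION" /mnt
  mkdir -p /mnt/boot
  mount -o "subvol=boot_$DISTRO" "$BOOT_PARTITION" /mnt/boot
fi

# https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Keyfiles
# install applies mode 600 as part of the copy, so the key is never left at
# cp's default mode in the gap between a copy and a later chmod.
install -m 600 -- "/root/luks/host-$HOSTNAME" /mnt/crypto_keyfile.bin

if [[ $mirror ]]; then
  echo "$0: 404 errors about core.db etc are normal, they will succeed using the secodary mirror"
fi
pacstrap /mnt base

cp /tmp/fai/{fstab,crypttab} /mnt/etc
cp /a/bin/fai/encrypt /mnt/usr/lib/initcpio/hooks
# NOTE(review): this copies everything under /root/.ssh into the target,
# private keys included if any are present - confirm that is intended.
cp -r /root/.ssh /mnt/root

# Bind-mount $1 onto $2, creating the mount point first.
bindmount() {
  local source=$1
  local mountpoint=$2
  mkdir -p "$mountpoint"
  mount -o bind "$source" "$mountpoint"
}
bindmount /root/shadow /mnt/q/root/shadow
bindmount /a /mnt/a

mkdir -p /mnt/etc/ssh
# NOTE(review): the target receives this environment's SSH host keys, so
# every machine installed from the same environment shares them unless they
# are regenerated afterwards - confirm that is intended.
cp /etc/ssh/ssh_host_* /mnt/etc/ssh

cp /a/bin/fai/arch-init-chroot /mnt/root
# for manual commands, arch-chroot /mnt bash
arch-chroot /mnt /root/arch-init-chroot

# this gets mounted in chroot so we have to do it outside
rm -f /mnt/etc/resolv.conf
ln -s /run/systemd/resolve/resolv.conf /mnt/etc/resolv.conf

# not necessary, but makes reboot go fast.
umount -R /mnt; sleep 1
# causes 255 exit code, so doing this from the caller script.
# reboot now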