#! /bin/bash
#
# archstrap
# Build an Arch system in /mnt
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
#
# Distributed under terms of the MIT license.
#
set -e

# Read-only set-once variables
declare -r _name="$(basename -- "$0")"
# Options
declare -i _optchroot
declare -i _opthelp
declare -i _optverbose
declare _optdest="/mnt"
# Working variables
declare -a _args
declare _return

# Helper functions
log() {
	# Print a line to the terminal if _optverbose is greater than $2
	# $2 defaults to 0
	# loglevel 0: Daily-use messages
	# loglevel 1: Detailed but not quite debugging
	# loglevel 2: Definitely debugging
	[ -z "$1" ] && return 1
	if (( _optverbose >= ${2:-0} )); then
		printf "%s\\n" "$1"
	fi
}
warn() {
	# Print a yellow line to the terminal, respecting _optverbose
	[ -z "$1" ] && return 1
	if (( _optverbose >= ${2:-0} )); then
		if [ -t 1 ]; then
			printf "\\e[33m%s\\e[0m\\n" "$1"
		else
			printf "WARN: %s\\n" "$1"
		fi
	fi
}
error() {
	# Print a red line to the terminal, exit if $2 is specified
	[ -z "$1" ] && return 1
	if [ -t 2 ]; then
		printf "\\e[31m%s\\e[0m\\n" "$1" 1>&2
	else
		printf "ERROR: %s\\n" "$1" 1>&2
	fi
	[ -z "$2" ] && return
	exit "${2:-1}"
}
has() {
	# Parse out all arguments and try to find them in path
	# If an argument cannot be found, set _return and fail
	for prog in "$@"; do
		if ! command -v "$prog" > /dev/null 2>&1; then
			_return="$prog"
			return 1
		fi
	done
	return 0
}

# Helper functions
cleanup() {
	[ -z "$1" ] && warn "No argument passed to cleanup"
	rm -rf "$1" || warn "failed to remove $1: $?"
}

# Core program functions
printhelp() {
	cat << EOF
Usage: $_name [OPTION]...

  -c [FILE]		Load the given file in place of the usual config file
  -h			Print this help text
  -v			Print more status messages. Stacks

Copyright (c) 2020 rehashedsalt@cock.li
Licensed under the MIT license
EOF
}
arch-build() {
	# Download and unpack our minimal Arch image. Or pacstrap it or whatever
	log "Bootstrapping an Arch installation"
	script="https://raw.githubusercontent.com/tokland/arch-bootstrap/master/arch-bootstrap.sh"
	bootstrap="/tmp/tmp.$USER.$_name.arch-bootstrap.sh"
	for file in "$bootstrap"; do
		touch "$file"
		chmod 0700 "$file"
	done
	if ! [ -e "$_optdest"/dev/null ]; then
		curl "$script" -o "$bootstrap"
		"$bootstrap" "$_optdest"
	fi
}
arch-chroot() {
	# Jump to our new Arch chroot
	log "Pivoting to chroot"
	cp "$0" "$_optdest/archstrap.sh"
	if ! grep -qs "$_optdest/proc " /proc/mounts; then
		log "Mounting proc"
		mount --types proc /proc "$_optdest/proc"
	fi
	for dir in sys dev; do
		log "Mounting $dir"
		if ! grep -qs "$_optdest/$dir " /proc/mounts; then
			mount --rbind /$dir "$_optdest/$dir"
			mount --make-rslave "$_optdest/$dir"
		fi
	done
	chroot "$_optdest" /archstrap.sh -c
}
arch-chroot-configure() {
	# Configure the Arch system from within the chroot
	# Required packages
	pacman -S linux linux-firmware grub
	# Secondary packages
	pacman -S sudo
	cat <<-EOF >> "/etc/sudoers"
	%sudo ALL=(ALL) ALL
	ansible ALL=(ALL) NOPASSWD:ALL
	EOF
	# Create sudo group
	if ! grep -e '^sudo:' /etc/group; then
		groupadd sudo
	fi
	# Configure my user
	if ! id salt > /dev/null 2>&1; then
		useradd salt -m -G sudo -s /bin/bash -u 1000 -U
		passwd salt
	fi
	for group in sudo; do
		usermod -G "$group" -a salt || warn "Failed to add salt to group: $group"
	done
	# Configure Ansible user
	if ! id ansible > /dev/null 2>&1; then
		useradd ansible -m -s /bin/bash -u 1001 -U
	fi
	sudo -u ansible -i mkdir .ssh
	sudo -u ansible -i chmod 0700 .ssh
	sudo -u ansible -i echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible" > ~ansible/.ssh/authorized_keys
	chown ansible. ~ansible/.ssh/authorized_keys
	sudo -u ansible -i chmod 0600 .ssh/authorized_keys

	cat <<-EOF
	Initial system configuration is comiplete. Just a few tasks remain:
	* Mount the ESP under /boot/efi
	* Verify fstab
	* Install GRUB

	Dumping to a shell now. Have fun!
	EOF
	exec bash
}

# Main
main() {
	# Parse out arguments
	while [ -n "$1" ]; do
		# Parse out flags
		while getopts ":chv" opt; do
			case $opt in
				c)
					_optchroot=1
					;;
				h)
					_opthelp=1
					;;
				v)
					_optverbose+=1
					;;
				:)
					error "Option requires argument: -$OPTARG" 2
					;;
				*)
					error "Invalid option: -$OPTARG" 2
					;;
			esac
		done
		# Store arguments
		shift $((OPTIND - 1))
		if [ -n "$1" ]; then
			_args+=("$1")
			shift
		fi
		unset OPTIND
	done
	# Early hook for help
	[ -n "$_opthelp" ] && printhelp && exit 0
	# Validate critical options
	# TODO: That
	# Validate core program dependencies
	log "Validating dependencies" 2
	if ! has basename curl zstd; then
		error "Failed to find program: $_return" 1
	fi

	# Do the do
	if [ -n "$_optchroot" ]; then
		# We're doing in-chroot configuration
		arch-chroot-configure
	else
		arch-build
		arch-chroot
	fi
	exit 0
}

main "$@"