#!/usr/bin/env bash
# License: GNU GPLv2
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

. "$(librelib common.sh)"
. "$(librelib archroot.sh)"

working_dir=''
files=()
private_network=0
translated_args=()
bind_args=()

usage() {
	echo "Usage: ${0##*/} [options] working-dir [systemd-nspawn arguments]"
	echo "A wrapper around bwrap. Provides support for pacman."
	echo
	echo ' options:'
	echo '    -C <file>     Location of a pacman config file'
	echo '    -M <file>     Location of a makepkg config file'
	echo '    -c <dir>      Set pacman cache'
	echo '    -f <file>     Copy file from the host to the chroot'
	echo '    -s            Do not run setarch'
	echo '    -h            This message'
	exit 1
}

while getopts 'hC:M:c:f:s' arg; do
	case "$arg" in
		C) pac_conf="$OPTARG" ;;
		M) makepkg_conf="$OPTARG" ;;
		c) cache_dir="$OPTARG" ;;
		f) files+=("$OPTARG") ;;
		s) nosetarch=1 ;;
		h|?) usage ;;
		*) error "invalid argument '%s'" "$arg"; usage ;;
	esac
done
shift $((OPTIND - 1))

(( $# < 1 )) && die 'You must specify a directory.'
check_root

working_dir=$(readlink -f "$1")
shift 1

[[ -z $working_dir ]] && die 'Please specify a working directory.'

# Parse systemd-nspawn-like args for bwrap translation
for arg in "$@"; do
	case "$arg" in
		--private-network)
			private_network=1
			;;
		--bind=*|--bind-ro=*)
			key="${arg%%=*}"
			val="${arg#*=}"

			if [[ "$val" != *:* ]]; then
				echo "Error: $key requires argument in form /host/path:/chroot/path" >&2
				exit 1
			fi

			src="${val%%:*}"
			dst="${val#*:}"

			if [[ $key == "--bind" ]]; then
				bind_args+=(--bind "$src" "$dst")
			else
				bind_args+=(--ro-bind "$src" "$dst")
			fi
			;;
		--bind|--bind-ro)
			echo "Error: $arg requires an argument" >&2
			exit 1
			;;
		*)
			translated_args+=("$arg")
			;;
	esac
done

if [[ -z $cache_dir ]]; then
	mapfile -t cache_dirs < <(pacman -v 2>&1 | grep '^Cache Dirs:' | sed 's/Cache Dirs:\s*//g')
else
	cache_dirs=("$cache_dir")
fi

# shellcheck disable=2016
pacconf_cmd=$(command -v pacman-conf || command -v pacconf)
# shellcheck disable=2016
host_mirror=$($pacconf_cmd --repo extra Server 2> /dev/null | head -1 | sed -r 's#(.*/)extra/os/.*#\1$repo/os/$arch#')
[[ $host_mirror == *file://* ]] && host_mirror_path=$(echo "$host_mirror" | sed -r 's#file://(/.*)/\$repo/os/\$arch#\1#g')

# {{{ functions
build_mount_args() {
	declare -g mount_args=()

	if [[ -n $host_mirror_path ]]; then
		mount_args+=("--ro-bind" $host_mirror_path $host_mirror_path)
	fi

	mount_args+=("--bind" ${cache_dirs[0]} ${cache_dirs[0]})

	for cache_dir in "${cache_dirs[@]:1}"; do
		mount_args+=("--ro-bind" $cache_dir $cache_dir)
	done
}

copy_hostconf () {
	cp -a /etc/pacman.d/gnupg "$working_dir/etc/pacman.d"
	echo "Server = $host_mirror" >"$working_dir/etc/pacman.d/mirrorlist"

	[[ -n $pac_conf ]] && cp "$pac_conf" "$working_dir/etc/pacman.conf"
	[[ -n $makepkg_conf ]] && cp "$makepkg_conf" "$working_dir/etc/makepkg.conf"

	local file
	for file in "${files[@]}"; do
		mkdir -p "$(dirname "$working_dir$file")"
		cp -T "$file" "$working_dir$file"
	done

	sed -r "s|^#?\\s*CacheDir.+|CacheDir = ${cache_dirs[*]}|g" -i "$working_dir/etc/pacman.conf"
}
# }}}

umask 0022

# Sanity check
if [[ ! -f "$working_dir/.arch-chroot" ]]; then
	die "'%s' does not appear to be an Arch chroot." "$working_dir"
elif [[ $(cat "$working_dir/.arch-chroot") != "$CHROOT_VERSION" ]]; then
	die "chroot '%s' is not at version %s.  Please rebuild." "$working_dir" "$CHROOT_VERSION"
fi

build_mount_args
cache_dirs+=('/repo/')
copy_hostconf

eval "$(grep -a '^CARCH=' "$working_dir/etc/makepkg.conf")"
case "$CARCH" in
	armv7h) CARCH=armv7l ;;
esac
[[ -z $nosetarch ]] || unset CARCH

# Build bwrap command
bwrap_cmd=(
	${CARCH:+setarch "$CARCH"}
	bwrap
	--bind "$working_dir" /
	--unshare-ipc --unshare-pid --unshare-uts --unshare-cgroup
	--dev /dev
	--proc /proc
	--perms 1777 --tmpfs /tmp
	--setenv PATH /usr/local/sbin:/usr/local/bin:/usr/bin
	--chdir /
	"${mount_args[@]}"
	"${bind_args[@]}"
)

# If not using --private-network, mount resolv.conf
if (( private_network == 0 )); then
	bwrap_cmd+=(--ro-bind /etc/resolv.conf /etc/resolv.conf)
else
	bwrap_cmd+=(--unshare-net)
fi
bwrap_cmd+=("${translated_args[@]}")

exec "${bwrap_cmd[@]}"
