#!/usr/bin/env bash
set -e

# Insert SSH keys here
sshkeys=''

# Fill in iso output directory
isopath=

# Exit if run without sudo
if [ ${EUID} -ne 0 ]
then
    echo "Please run as root"
    exit 1
fi

# Exit if directory doesn't exist
if ! [ -d ${isopath}/ ]
then
    echo "ISO output path isn't specified"
    exit 1
fi

# Create work directory
workdir=$(mktemp -d)
cd ${workdir}/

clear

# Download latest releng profile
echo "$(tput setaf 4)$(tput bold):: Downloading necessary files$(tput sgr0)"
curl --fail -s https://git.myvelabs.com/mirrors/archiso/archive/master.tar.gz | tar xz -C .
rsync -a ./archiso/configs/releng ./ --exclude '*reflector*'
rm -r ./archiso/

# Tweak releng profile
# Create directories
mkdir -p ./releng/airootfs/var/lib/iwd
mkdir -p ./releng/airootfs/etc/wireguard

# Download essential arch scripts
curl --fail -s -L https://git.myvelabs.app/lab/archlinux/raw/branch/master/installer.sh >./releng/airootfs/usr/local/bin/installer
curl --fail -s -L https://git.myvelabs.app/lab/archlinux/raw/branch/master/recover.sh >./releng/airootfs/usr/local/bin/recover

# IWD connector
curl --fail -s -L https://git.myvelabs.app/lab/archiso/raw/branch/master/iwd-connect >./releng/airootfs/usr/local/bin/iwd-connect

# ~/.zshrc
curl --fail -s -L https://git.myvelabs.app/lab/archiso/raw/branch/master/zshrc >./releng/airootfs/root/.zshrc

# Copy mirrorlist
cp /etc/pacman.d/mirrorlist ./releng/airootfs/etc/pacman.d/

# Custom pacman.conf
sed -i \
  -e '/Color/c\Color' \
  -e '/ParallelDownloads/c\ParallelDownloads = 10' \
  ./releng/pacman.conf

# SSH
echo 'PasswordAuthentication no
AuthenticationMethods publickey' >./releng/airootfs/etc/ssh/sshd_config.d/zz-archiso.conf
mkdir -p ./releng/airootfs/root/.ssh
echo "${sshkeys}" >./releng/airootfs/root/.ssh/authorized_keys

# Remove livecd
find ./releng/ -type f -iname "*livecd*" -exec rm -r -f {} \;

# Modify packages.x86_64
echo 'bash-completion
yubikey-personalization
yubikey-full-disk-encryption
wireguard-tools' >>./releng/packages.x86_64
sed -i 's/^livecd-sounds/#&/' ./releng/packages.x86_64

# # permissions for profiledef.sh
sed -i '/livecd-sound/d' ./releng/profiledef.sh
sed -i 's#^)$#  ["/usr/local/bin/recover"]="0:0:755"\
  ["/usr/local/bin/installer"]="0:0:755"\
  ["/usr/local/bin/iwd-connect"]="0:0:755"\
  ["/var/lib/iwd"]="0:0:0700"\
  ["/etc/wireguard/"]="0:0:0700"\
&#' ./releng/profiledef.sh

# Tweak /etc/motd
sed -i 's/iwctl/iwd-connect/' ./releng/airootfs/etc/motd

# Show IP address at login
sed -i 's#\[Service\]#&\
ExecStartPre=/bin/sh -c '\''sed -i 1q /etc/issue; echo >> /etc/issue; if ping -q -c 1 -W 3 1.1.1.1 >/dev/null; then sed -i "/Arch Linux/a Local IP: $(ip r | awk "{print \\$(NF-2);exit}")" /etc/issue; fi'\''#' ./releng/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf

# Bootloader modifications
# Systemd-boot
sed -i 's/beep on/#&/' ./releng/efiboot/loader/loader.conf
sed -i 's/timeout 15/timeout 5/' ./releng/efiboot/loader/loader.conf
mv ./releng/efiboot/loader/entries/02-archiso-x86_64-speech-linux.conf ./releng/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf
sed -i 's/) with speech/, Copy to RAM)/' ./releng/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf
sed -i 's/accessibility=on/copytoram/' ./releng/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf

# Grub
sed -i 's/timeout=15/timeout=5/' ./releng/grub/grub.cfg
sed -i 's/play 600 988 1 1319 4/#&/' ./releng/grub/grub.cfg
sed -i 's/with speakup screen reader/Copy to RAM/' ./releng/grub/grub.cfg
sed -i 's/timeout=15/timeout=5/' ./releng/grub/loopback.cfg
sed -i 's/with speakup screen reader/Copy to RAM/' ./releng/grub/loopback.cfg
sed -i 's/archlinux-accessibility/archlinux-copy-to-ram/' ./releng/grub/grub.cfg
sed -i 's/accessibility=on/copytoram/' ./releng/grub/grub.cfg

# Syslinux
sed -i 's/TIMEOUT 150/TIMEOUT 50/' ./releng/syslinux/archiso_sys.cfg
sed -i 's/# Accessibility/# Copy to RAM/' ./releng/syslinux/archiso_sys-linux.cfg
sed -i 's/arch64speech/arch64ram/' ./releng/syslinux/archiso_sys-linux.cfg
sed -i 's/speakup screen reader/Copy to RAM option/' ./releng/syslinux/archiso_sys-linux.cfg
sed -i 's/ with speech feedback//' ./releng/syslinux/archiso_sys-linux.cfg
sed -i 's/) with ^speech/, Copy to RAM)/' ./releng/syslinux/archiso_sys-linux.cfg
sed -i 's/accessibility=on/copytoram/' ./releng/syslinux/archiso_sys-linux.cfg

# vconsole.conf
echo 'KEYMAP=us
FONT=ter-224n' >./releng/airootfs/etc/vconsole.conf

# Install ZFS
case ${1} in
    zfs)
        cat >>./releng/pacman.conf <<'zfs'

[archzfs]
Server = https://archzfs.com/$repo/$arch
zfs
        mkdir -p ./releng/airootfs/usr/share/pacman/keyrings
        curl --fail -s -L https://git.myvelabs.app/lab/archiso/raw/branch/master/zfs/archzfs-trusted >./releng/airootfs/usr/share/pacman/keyrings/archzfs-trusted
        curl --fail -s -L https://git.myvelabs.app/lab/archiso/raw/branch/master/zfs/archzfs.gpg >./releng/airootfs/usr/share/pacman/keyrings/archzfs.gpg
        echo 'archzfs-linux' >>./releng/packages.x86_64
        ;;
esac

# Custom pacman.conf
sed -e '/^#\|^$\|IgnorePkg/d' \
    -e "/^\[core\]$\|^\[extra\]$\|^\[archzfs\]$/a\\
CacheServer = https://pacman.myvelabs.com" \
    /etc/pacman.conf >./releng/airootfs/etc/pacman.conf

# Begin mkarchiso
if mkarchiso -v -w ./workdir -o ./output ./releng -r
then
    case ${1} in
        zfs)
            rename -- "archlinux" "archzfs" ./output/*
            ;;
        *)
            rename -- ".iso" "${version}.iso" ./output/*
            ;;
    esac

    mv ./output/*.iso ${isopath}/
    cd ~
    rm -r -f /tmp/tmp.*/
fi