#!/bin/bash
# WARNING: this script will destroy data on the selected disk.
# This script does not work out of the box,
# it is run in the custom arch installer built via
# https://git.abstractnonsen.se/arch/mkessler-archiso
#
# For the exact requirements, see the README at the git repository
#


set -uo pipefail
trap 's=$?; echo "$0: Error on line "$LINENO": $BASH_COMMAND"; exit $s' ERR

# test internet connectivity
ping -c 1 -W 2 archlinux.org || (echo "You don't seem to be connected to the internet, aborting." && exit 1)

### Get infomation from user ###
hostname=$(dialog --stdout --inputbox "Enter hostname" 0 0) || exit 1
clear
: ${hostname:?"hostname cannot be empty"}

user=$(dialog --stdout --inputbox "Enter username" 0 0) || exit 1
clear
: ${user:?"user cannot be empty"}

disk_password=$(dialog --stdout --passwordbox "Enter disk encryption password" 0 0) || exit 1
clear
: ${disk_password:?"password cannot be empty"}
disk_password2=$(dialog --stdout --passwordbox "Enter disk encryption password again" 0 0) || exit 1
clear
[[ "$disk_password" == "$disk_password2" ]] || ( echo "Passwords did not match"; exit 1; )

user_password=$(dialog --stdout --passwordbox "Enter user (and root) password" 0 0) || exit 1
clear
: ${user_password:?"password cannot be empty"}
user_password2=$(dialog --stdout --passwordbox "Enter user (and root) password again" 0 0) || exit 1
clear
[[ "$user_password" == "$user_password2" ]] || ( echo "Passwords did not match"; exit 1; )

devicelist=$(lsblk -dplnx size -o name,size | grep -Ev "boot|rpmb|loop" | tac)
device=$(dialog --stdout --menu "Select installation disk" 0 0 0 ${devicelist}) || exit 1
clear


#### Got all user input, start with installation now

# set up all further variables

REPO_URL="https://mkessler-arch.maximilian-kessler.de"

cryptlvm="cryptlvm"
vlgrp="vlgrp"

mapped_device="/dev/mapper/${cryptlvm}"

part_boot="${device}p1"
part_luks="${device}p2"

part_swap="/dev/${vlgrp}/swap"
part_root="/dev/${vlgrp}/root"
part_home="/dev/${vlgrp}/home"


### Set up logging ###
exec 1> >(tee "stdout.log")
exec 2> >(tee "stderr.log")

timedatectl set-ntp true

# Set up custom repo signing key
pacman-key --init
pacman-key --add /opt/mkessler/signing-key/signing_key
pacman-key --lsign-key B419CDA93D7544F8214B3216A23D90C2433DAFBC

### update mirrors
echo "Running reflector to update mirrors"
reflector

### Setup the disk and partitions ###
ram_size=$(free --mebi | awk '/Mem:/ {print $2}')
swap_size=$((ram_size + 1024))M  # 1 Gigabyte more swap space than available ram
root_size=60G

# creates two partitions: one boot partition and another partition, filling the rest of space
echo "Creating partitions on ${device}..."
fdisk "${device}" <<EOF
g
n


+256M
t
EFI System
n



w
EOF


wipefs "${part_boot}"
wipefs "${part_luks}"

echo "Setting up luks on ${part_luks}"
echo "${disk_password}" | cryptsetup luksFormat -q "${part_luks}"
echo "${disk_password}" | cryptsetup open "${part_luks}" "${cryptlvm}"

pvcreate "${mapped_device}"
vgcreate "${vlgrp}" "${mapped_device}"
lvcreate -L "${swap_size}" "${vlgrp}" -n swap
lvcreate -L "${root_size}" "${vlgrp}" -n root
lvcreate -l '99%FREE' "${vlgrp}" -n home

mkfs.fat -F32 "${part_boot}"
mkfs.ext4 "${part_root}"
mkfs.ext4 "${part_home}"
mkswap "${part_swap}"

mount "${part_root}" /mnt
mount "${part_home}" /mnt/home --mkdir
mount "${part_boot}" /mnt/boot --mkdir
swapon "${part_swap}"

echo "Finished setting up luks, lvm and mounted all partitions"

read -p "Continue with installing packages into /mnt? [y/n]? " -n 1 -r
echo   # (optional) move to a new line
if [[ ! $REPLY =~ ^[Yy]$ ]]
then
  exit 1
fi

### Install and configure the basic system ###

echo "Installing packages into /mnt"
pacman -Sy
pacstrap /mnt mkessler-desktop

echo "Configuring mkessler-arch repo in installed system"
### Set up custom repo on installed system as well
cat >>/mnt/etc/pacman.conf <<EOF

[mkessler-arch]
Server = $REPO_URL
EOF

echo "Generating fstab file"
genfstab -U /mnt >> /mnt/etc/fstab

echo "Setting hostname"
echo "${hostname}" > /mnt/etc/hostname


# I have no idea why this is mounted at this point, but for arch-chroot to work
# we have to unmount this
# For now, this is just black magic making this work
umount /mnt/dev

echo "Adding user ${user} in new system"
arch-chroot /mnt useradd --create-home --user-group --shell /usr/bin/zsh --groups wheel,uucp,video,audio,storage,games,input,informant "$user"

arch-chroot /mnt chsh -s /usr/bin/zsh

echo "Activating wheel group"
sed -i 's/^\#\s%wheel\sALL=(ALL:ALL)\sNOPASSWD:\sALL$/%wheel ALL=(ALL:ALL) NOPASSWD: ALL/' /mnt/etc/sudoers

echo "${user}:${user_password}" | chpasswd --root /mnt
echo "root:${user_password}" | chpasswd --root /mnt


echo 'Configuring HOOKS in /etc/mkinitcpio.conf and regenerating initramfs'
sed -i 's/^HOOKS=(base .* fsck)$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck)/' /mnt/etc/mkinitcpio.conf
arch-chroot /mnt mkinitcpio -P


echo "Installing grub bootloader"
arch-chroot /mnt grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB

# Getting UUIDs of relevant devices
grub_resume="resume=UUID=$(lsblk -dno UUID ${part_swap})"
grub_cryptdevice="cryptdevice=UUID=$(lsblk -dno UUID ${part_luks}):${cryptlvm}"
grub_root="root=UUID=$(lsblk -dno UUID ${part_root})"

# Set boot parameters in grub configfor device mapping and resume hook
sed -i "s/^GRUB_CMDLINE_LINUX=\"\"$/GRUB_CMDLINE_LINUX=\"${grub_cryptdevice} ${grub_root} ${grub_resume}\"/" /mnt/etc/default/grub

echo "Generating main GRUB configuration file"
arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg

cat <<EOF
---------------------
Installed basic packages and setup in /mnt
You should be able to reboot now and enjoy a fresh arch installation.
---------------------
EOF