#!/bin/sh

# container-tools - Manage systemd-nspawn containers
# Copyright (C) 2014-2017 Daniel Baumann <daniel.baumann@open-infrastructure.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

set -e

SCRIPT="${0}"

HOOKS="/etc/container-tools/hooks"
MACHINES="/var/lib/machines"

Parameters ()
{
	GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,distribution:,mirror:,password:"
	GETOPT_OPTIONS="b:,s:,n:,a:,d:,m:,p:"

	PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})"

	if [ "${?}" != "0" ]
	then
		echo "'${SCRIPT}': getopt exit" >&2
		exit 1
	fi

	eval set -- "${PARAMETERS}"

	while true
	do
		case "${1}" in
			-b|--bind)
				# ignore
				shift 2
				;;

			--bind-ro)
				# ignore
				shift 2
				;;

			--cnt.container-server)
				# ignore
				shift 2
				;;

			-s|--script)
				# ignore
				shift 2
				;;

			-n|--name)
				NAME="${2}"
				shift 2
				;;

			-a|--architecture)
				ARCHITECTURE="${2}"
				shift 2
				;;

			-d|--distribution)
				DISTRIBUTION="${2}"
				shift 2
				;;

			-m|--mirror)
				MIRROR="${2}"
				shift 2
				;;

			-p|--password)
				PASSWORD="${2}"
				shift 2
				;;

			--)
				shift 1
				break
				;;

			*)
				echo "'${SCRIPT}': getopt error" >&2
				exit 1
				;;
		esac
	done
}

Usage ()
{
	echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [-a|--architecture ARCHITECTURE] [-d|--distribution DISTRIBUTION] [-m|--mirror MIRROR] [-p|--password PASSWORD}" >&2
	exit 1
}

Parameters "${@}"

if [ -z "${NAME}" ]
then
	Usage
fi

if [ -e "${MACHINES}/${NAME}" ]
then
	echo "'${NAME}': container already exists" >&2
	exit 1
fi

if [ ! -x /usr/sbin/debootstrap ]
then
	echo "'${NAME}': /usr/sbin/debootstrap - no such file." >&2
	exit 1
fi

if [ "$(id -u)" -ne 0 ]
then
	echo "'${NAME}': need root privileges" >&2
	exit 1
fi

ARCHITECTURE="${ARCHITECTURE:-$(dpkg --print-architecture)}"
DISTRIBUTION="${DISTRIBUTION:-stretch}"
MIRROR="${MIRROR:-https://deb.debian.org/debian}"
PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}"

INCLUDE="dbus"

case "${MIRROR}" in
	https*)
		INCLUDE="${INCLUDE},apt-transport-https,ca-certificates"
		;;
esac

# Pre hooks
for FILE in "${HOOKS}/pre-${SCRIPT}".* "${HOOKS}/${NAME}.pre-${SCRIPT}"
do
	if [ -x "${FILE}" ]
	then
		"${FILE}"
	fi
done

mkdir -p "${MACHINES}"

debootstrap --arch=${ARCHITECTURE} --include=${INCLUDE} ${DISTRIBUTION} ${MACHINES}/${NAME} ${MIRROR}
chroot "${MACHINES}/${NAME}" apt-get clean

# Setting hostname
echo "${NAME}" > "${MACHINES}/${NAME}/etc/hostname"

# Setting root password
echo root:${PASSWORD} | chroot "${MACHINES}/${NAME}" chpasswd
echo "${NAME}: root password set to '${PASSWORD}'."

# Post hooks
for FILE in "${HOOKS}/post-${SCRIPT}".* "${HOOKS}/${NAME}.post-${SCRIPT}"
do
	if [ -x "${FILE}" ]
	then
		"${FILE}"
	fi
done