#!/bin/sh
# vim: set sw=4 ts=4 sts=4 et :

set -e

. "${CONFIGDIR:=${PWD}}"/config

O="${1}"

mkdir -p /mnt/gentoo/etc/portage
ln -snf \
    /var/db/repos/gentoo/profiles/${profile} \
    /mnt/gentoo/etc/portage/make.profile

USE=build \
emerge \
    --root=/mnt/gentoo \
    --config-root="${O}"/portage \
    -kvnjU \
    sys-apps/baselayout

cat \
    install.packages \
    "${CONFIGDIR}"/install.packages \
    | xargs -rt \
${target}-emerge \
    --root=/mnt/gentoo \
    --config-root="${O}"/portage \
    -KvnuUDj \
    --rebuilt-binaries=y

if [ -f "${CONFIGDIR}"/installonly.packages ]; then
    < "${CONFIGDIR}"/installonly.packages xargs -rt \
    ${target}-emerge \
        --root=/mnt/gentoo \
        --config-root="${O}"/portage \
        -vnuUDj
fi

ROOT=/mnt/gentoo \
locale-gen

mkdir -p \
    /mnt/gentoo/boot/efi \
    /mnt/gentoo/dev \
    /mnt/gentoo/home \
    /mnt/gentoo/proc \
    /mnt/gentoo/sys \
    || exit

: > /mnt/gentoo/etc/machine-id

cat \
    "${CONFIGDIR}"/busybox.symlinks \
    busybox.symlinks \
| while read name; do
    if [ ! -h /mnt/gentoo/bin/"${name}" ]; then
        printf "'/bin/%s' -> 'busybox'\n" "${name}"
        ln -snf busybox /mnt/gentoo/bin/"${name}" \
            || printf 'Failed to create busybox symlink for %s\n' "${name}"
    fi
done

rsync -rltpDO overlay/ /mnt/gentoo/
if [ -d "${CONFIGDIR}"/overlay ]; then
    rsync -rltpDO "${CONFIGDIR}"/overlay/ /mnt/gentoo/
fi

cp -uv /usr/${target}/usr/bin/grub-editenv /mnt/gentoo/usr/bin/

if [ -d /mnt/gentoo/usr/${target} ]; then
    rsync -aO /mnt/gentoo/usr/${target}/ /mnt/gentoo/
fi

if [ -f /mnt/gentoo/etc/udev/hwdb.bin ]; then
    mv /mnt/gentoo/etc/udev/hwdb.bin /mnt/gentoo/usr/lib/udev/
fi

ldconfig -r /mnt/gentoo

rm -f /mnt/gentoo/lib/tmpfiles.d/provision.conf
systemd-tmpfiles --root=/mnt/gentoo -E --exclude-prefix=/var --create

systemctl preset-all --root=/mnt/gentoo
rm -f /mnt/gentoo/lib/systemd/system/sysinit.target.wants/ldconfig.service

systemd-sysusers --root=/mnt/gentoo
if grep -q '^root:.*/bin/bash$' /mnt/gentoo/etc/passwd; then
    sed -ri 's@(root:.*):/bin/bash@\1:/bin/sh@' /mnt/gentoo/etc/passwd
fi

if ! grep -q Include /mnt/gentoo/etc/ssh/sshd_config; then
    echo 'Include /etc/ssh/sshd_config.d/*.conf' \
        >> /mnt/gentoo/etc/ssh/sshd_config
fi

case ${profile} in *selinux*)
# Although `semanage` accepts a `--store` argument that supposedly
# instructs it to operate on an alternate SELinux policy store, it
# doesn't actually work.  As such, we have to run `semanage` in an
# alternate mount namespace with the target policy store bind-mounted
# at the default location so `semanage` can operate on it.
unshare -m sh -e <<EOF
mount -o bind /mnt/gentoo/var/lib/selinux /var/lib/selinux
mount -o bind /mnt/gentoo/etc/selinux /etc/selinux
semanage import -N -f "${O}"/semanage.mods
EOF

setfiles \
    -p \
    -F \
    -m \
    -r /mnt/gentoo \
    -c /mnt/gentoo/etc/selinux/mcs/policy/policy.* \
    -e /mnt/gentoo/var/db/pkg \
    -e /mnt/gentoo/etc/portage \
    /mnt/gentoo/etc/selinux/mcs/contexts/files/file_contexts \
    /mnt/gentoo
;;
esac

touch /mnt/gentoo/usr