#!/bin/bash

# Copyright (C) 2012 by Debian Edu project, http://wiki.debian.org/DebianEdu
#       Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

# Internet Kiosk is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Internet Kiosk is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.

set -e

if echo $0 | egrep "^./bin/.*$" >/dev/null; then
    ETCDIR="etc/"
    SHAREDIR="share/"
elif echo $0 | egrep "^./ik_.*$" >/dev/null; then
    ETCDIR="../etc"
    SHAREDIR="../share/"
else
    ETCDIR=/etc/internet-kiosk
    SHAREDIR="/usr/share/internet-kiosk/"
fi

source $ETCDIR/ik_settings

IK_BASE="${IK_BASE:-/opt/internet-kiosk}"
IK_CHROOT="${IK_CHROOT:-$IK_BASE/chroot}"
IK_CONFIG="${IK_CONFIG:-$IK_BASE/etc}"
IK_PRETTY_NAME="${IK_PRETTY_NAME:-Internet Kiosk}"
IK_DISTRO_CODENAME="${IK_DISTRO_CODENAME:-wheezy}"
IK_DEBMIRROR_URL="${IK_DEBMIRROR_URL:-'http://ftp.debian.org/debian'}"
IK_EXTRA_DEBURL="${IK_EXTRA_DEBURL:-'deb http://packages.it-zukunft-schule.de $IK_DISTRO_CODENAME main'}"
IK_MODULE_BLACKLIST="${IK_MODULE_BLACKLIST:-'pcspkr'}"

test -e "$IK_CHROOT" && { 
    echo "ERROR: Internet Kiosk Terminal chroot already exists at $IK_CHROOT."
    echo "Clear $IK_BASE/ and then run $(basename $0) again..."
    exit -1
}

[ "x$USER" == "xroot" ] || { 
    echo "ERROR: Internet Kiosk Diskless Terminal management scripts have to run"
    echo "as super-user root."
    exit -2
}

echo "Hit <RETURN> to continue with the Internet Kiosk Terminal's chroot creation"
echo "using the above parameters..."
echo
echo "Alternatively, hit STRG-C to cancel the operation now!!!"
read

export LANG=C

mkdir -p $IK_CONFIG
test -f $IK_CONFIG/ik_init || cp $SHAREDIR/ik_init $IK_CONFIG
test -f $IK_CONFIG/ik_start || cp $SHAREDIR/ik_start $IK_CONFIG

apt-get install debootstrap
mkdir -p $IK_CHROOT

# use a proxy server for APT (if any is configured)
export http_proxy="$IK_HTTP_PROXY"
export https_proxy="$IK_HTTPS_PROXY"
export ftp_proxy="$IK_FTP_PROXY"

debootstrap --arch i386 $IK_DISTRO_CODENAME $IK_CHROOT/ $IK_DEBMIRROR_URL
cp /etc/resolv.conf $IK_CHROOT/etc/resolv.conf
if [ "$IK_DISTRO_CODENAME" = "squeeze" ]; then
	echo "auto lo" >>   $IK_CHROOT/etc/network/interfaces
	echo "iface lo inet loopback" >>   $IK_CHROOT/etc/network/interfaces
fi
echo "localhost" > $IK_CHROOT/etc/hostname
echo "127.0.0.1 localhost" >> $IK_CHROOT/etc/hosts
cat > $IK_CHROOT/etc/fstab <<EOF
proc	/proc			proc	defaults,noauto		0	0
none	/dev/pts		devpts	gid=5,mode=620,noauto	0	0
none	/tmp			tmpfs	size=50M,mode=1777	0	0
none	/root			tmpfs	size=100M,mode=700	0	0
none	/etc/udev/rules.d	tmpfs	size=50M		0	0
none	/var/log		tmpfs	size=50M		0	0
none	/home			tmpfs	size=50M		0	0
none	/media			tmpfs	size=50M		0	0
none	/var/lib/nfs		tmpfs	size=50M		0	0
none	/var/lib/xkb		tmpfs	size=50M		0	0
none	/var/lib/dbus		tmpfs	size=50M		0	0
none	/var/lib/alsa		tmpfs	size=50M		0	0
EOF

# differences between Debian versions
if [ "$IK_DISTRO_CODENAME" = "squeeze" ]; then
  cat >> $IK_CHROOT/etc/fstab <<EOF
none	/var/run		tmpfs	size=50M		0	0
none	/var/lock		tmpfs	size=50M		0	0
EOF
elif [ "$IK_DISTRO_CODENAME" = "wheezy" ]; then
  cat >> $IK_CHROOT/etc/fstab <<EOF
none	/run			tmpfs	size=50M		0	0
EOF
fi

cat > $IK_CHROOT/ik_dte_install.sh <<EOF
#!/bin/bash

export LANG=C
export HOME=/root
export http_proxy=$IK_HTTP_PROXY
export https_proxy=$IK_HTTPS_PROXY
export ftp_proxy=$IK_FTP_PROXY

mkdir -p /tmp/user/0
mkdir -p /var/lib/xkb
mkdir -p /var/lib/nfs
mkdir -p /var/lib/dbus
mkdir -p /etc/network
ln -sf /dev/shm /etc/network/run 

# disable service restarts
test -e /sbin/start-stop-daemon.real || mv /sbin/start-stop-daemon /sbin/start-stop-daemon.real
echo '#!/bin/sh'                                                                       > /sbin/start-stop-daemon
echo '#'                                                                               >> /sbin/start-stop-daemon
echo '# Internet Kiosk Wrapper to avoid running daemons while performing maintenance.' >> /sbin/start-stop-daemon
echo '#'                                                                               >> /sbin/start-stop-daemon
echo                                                                                   >> /sbin/start-stop-daemon
echo 'if [ "\$IK_HANDLE_DAEMONS" != "false" ]; then                                    >> /sbin/start-stop-daemon
echo '        /sbin/start-stop-daemon.real "\$@"'                                      >> /sbin/start-stop-daemon
echo 'fi'                                                                              >> /sbin/start-stop-daemon
chmod +x /sbin/start-stop-daemon

export IK_HANDLE_DAEMONS=false

# tweak mtab diversion
[ \$? -eq 0 ] && rm -f /etc/mtab
[ \$? -eq 0 ] && ln -sf /proc/mounts /etc/mtab

[ \$? -eq 0 ] && test -n "$IK_EXTRA_DEBURL" && echo "$IK_EXTRA_DEBURL" > /etc/apt/sources.list.d/itzks.list
[ \$? -eq 0 ] && test -n "$IK_EXTRA_DEBURL" && apt-get update
[ \$? -eq 0 ] && test -n "$IK_EXTRA_DEBURL" && apt-get install itzks-keyring -y --force-yes
[ \$? -eq 0 ] && apt-get update
[ \$? -eq 0 ] && apt-get install $IK_SHELL -y
[ \$? -eq 0 ] && apt-get install syslinux locales -y
[ \$? -eq 0 ] && dpkg-reconfigure locales

[ \$? -eq 0 ] && apt-get install linux-image-486 -y
[ \$? -eq 0 ] && mv /vmlinuz /vmlinuz.486
[ \$? -eq 0 ] && mv /initrd.img /initrd.img.486

[ \$? -eq 0 ] && mv /vmlinuz /vmlinuz.486.tmp
[ \$? -eq 0 ] && LINK_TARGET=\$(readlink /vmlinuz.486.tmp | sed 's@/boot@boot@') && ln -s \$LINK_TARGET /vmlinuz.486 && rm -f /vmlinuz.486.tmp
[ \$? -eq 0 ] && mv /initrd.img /initrd.img.486.tmp
[ \$? -eq 0 ] && LINK_TARGET=\$(readlink /initrd.img.486.tmp | sed 's@/boot@boot@') && ln -s \$LINK_TARGET /initrd.img.486 && rm -f /initrd.img.486.tmp

[ \$? -eq 0 ] && apt-get install internet-kiosk -y

# blacklist kernel modules
[ \$? -eq 0 ] && echo && echo "# modules blacklisted on Internet Kiosk Diskless Terminals..." >> /etc/modprobe.d/blacklist.conf
[ \$? -eq 0 ] && for mod in $IK_MODULE_BLACKLIST; do echo "blacklist \$mod" >> /etc/modprobe.d/blacklist.conf; done

# Pulsaudio must come afterwards
[ \$? -eq 0 ] && apt-get install alsa-base pulseaudio -y
[ \$? -eq 0 ] && sed -e 's/BOOT=local/BOOT=nfs/' -i /etc/initramfs-tools/initramfs.conf
[ \$? -eq 0 ] && rm -f /etc/udev/rules.d/*-persistent-*.rules
[ \$? -eq 0 ] && useradd internet-kiosk
[ \$? -eq 0 ] && adduser internet-kiosk audio
[ \$? -eq 0 ] && adduser internet-kiosk pulse
[ \$? -eq 0 ] && adduser pulse audio
[ \$? -eq 0 ] && update-initramfs -u -v
[ \$? -eq 0 ] && passwd -l root

# tweak plymouth
[ \$? -eq 0 ] && test -e /etc/os-release && sed -e 's/PRETTY_NAME=.*/PRETTY_NAME=$IK_PRETTY_NAME/' -i /etc/os-release || echo "PRETTY_NAME=$IK_PRETTY_NAME" >> /etc/os-release
[ \$? -eq 0 ] && test -e /etc/modprobe.d/i915-kms.conf && sed -s 's/modeset=1/modeset=0/' -i /etc/modprobe.d/i915-kms.conf
[ \$? -eq 0 ] && test -e /etc/modprobe.d/radeon-kms.conf && sed -s 's/modeset=1/modeset=0/' -i /etc/modprobe.d/radeon-kms.conf

EOF

chmod u+x $IK_CHROOT/ik_dte_install.sh

mkdir -p $IK_CHROOT/{proc,dev/pts,sys}
mount -tproc proc $IK_CHROOT/proc || true
mount -tsysfs sys $IK_CHROOT/sys || true
mount -tdevpts devts $IK_CHROOT/dev/pts || true

chroot $IK_CHROOT /ik_dte_install.sh

for mountpoint in proc dev/pts sys; do
        while true; do
                cat /proc/mounts | grep $IK_CHROOT/$mountpoint >/dev/null && umount $IK_CHROOT/$mountpoint || break
        done
done

rm -f $IK_CHROOT/etc/udev/rules.d/*-persistent-*.rules

ik_update

echo "Internet Kiosk Diskless Terminal creation has finished successfully."
echo
