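#!/sbin/openrc-run
# Copyright 1999-2026 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

# Mounts the USERDATA partition on /user (unlocking it first when it is a
# LUKS container), optionally performs a factory reset, and then layers the
# persistent directories from /user over /mnt, /var, /home and /etc.
#
# NOTE(review): factory_reset uses `read -t 5 -n 1`, which needs a shell whose
# read builtin supports those options (bash does) - confirm what openrc-run
# uses as /bin/sh on the target image.

description="Set up userdata"

depend() {
	use modules
	before checkfs fsck
	after dev-settle
	provide root
}

# Get splash helpers if available.
if [ -e /sbin/splash-functions.sh ] ; then
	. /sbin/splash-functions.sh
fi

# Perform a factory reset if triggered on previous boot or by UKI profile.
#
# Arguments: $1 - block device holding the filesystem mounted on /user
# Returns:   0 when no reset was requested or the user cancelled it,
#            1 when a requested reset could not be carried out safely.
#            A completed reset does not return: the machine is rebooted.
#
# Triggers (either one):
#   - the payload of the GardenhouseFactoryReset EFI variable equals the
#     current /user/etc/machine-id
#   - "garden.factoryreset" appears on the kernel command line
#
# When $1 is the opened dm-crypt mapping, only the filesystem inside it is
# recreated; the LUKS header and its keyslots are left as they are, so this
# is a reformat, not a cryptographic erase.
factory_reset() {
	local efivar machine_id key realdisk fstype

	# skip=4 drops the 4-byte attribute word efivarfs stores before the payload.
	efivar="$(dd if=/sys/firmware/efi/efivars/GardenhouseFactoryReset-2ea70e97-bfe7-4507-86e9-2cbd2ae70641 bs=1 skip=4 2>/dev/null || echo "empty")"
	machine_id="$(cat /user/etc/machine-id 2>/dev/null)"

	# An empty machine-id must never count as a match: a variable with an
	# empty payload plus a missing machine-id file would otherwise compare
	# equal and wipe the partition.
	if [ -n "${machine_id}" ] && [ "${efivar}" = "${machine_id}" ]; then
		echo
	elif grep -qwF "garden.factoryreset" /proc/cmdline; then
		echo
	else
		return 0
	fi

	echo "!!! Factory Reset Triggered. Press any key to cancel (waiting 5 Seconds). !!!"
	if read -r -t 5 -n 1 key; then
		echo
		echo "Factory Reset cancelled by user."
		return 0
	fi

	realdisk="$(realpath "${1}")"
	fstype="$(lsblk -no FSTYPE "${realdisk}")"

	# Validate everything mkfs needs before anything destructive runs;
	# otherwise a failed lookup leaves a wiped device and no filesystem.
	if [ ! -b "${realdisk}" ] || [ -z "${fstype}" ]; then
		eerror "Factory Reset aborted: cannot determine device or filesystem type."
		return 1
	fi

	# Never wipe a device that is still mounted.
	if ! umount /user; then
		eerror "Factory Reset aborted: unable to unmount /user."
		return 1
	fi

	if ! wipefs -a "${realdisk}"; then
		eerror "Factory Reset failed: wipefs on ${realdisk} did not succeed."
		return 1
	fi
	if ! mkfs -t "${fstype}" -L "USERDATA" "${realdisk}"; then
		eerror "Factory Reset failed: mkfs on ${realdisk} did not succeed."
		return 1
	fi

	# machine-id should've changed, let's unset just to be sure though
	efivar-set -e GardenhouseFactoryReset "invalid"

	echo "!!! Factory Reset Completed. Rebooting in 3 seconds. !!!"
	sleep 3
	reboot -f
}

# Unlock the LUKS container on the USERDATA partition as /dev/mapper/userdata.
#
# Globals:  source (read) - device found by the lookup loop in start()
# Returns:  0 when the mapping was opened, non-zero when USERDATA is missing
#           or neither clevis nor cryptsetup could unlock it.
crypt_userdata() {
	local ret=0 tmp_mounted=0

	if [ -z "${source}" ] || [ ! -e "${source}" ] ; then
		ewarn "USERDATA missing. Unable to boot."
		return 1
	fi

	# A tmpfs is put on /tmp for the duration of the unlock attempt.
	# presumably clevis needs a writable /tmp this early - confirm
	if mount -t tmpfs tmpfs /tmp; then
		tmp_mounted=1
	fi

	# Try the automatic clevis unlock first, then fall back to cryptsetup.
	# Keep the result: the umount below must not overwrite it, or a failed
	# unlock would be reported as success.
	clevis luks unlock -d /dev/disk/by-label/USERDATA -n userdata ||
		cryptsetup open /dev/disk/by-label/USERDATA userdata ||
		ret=$?

	# Only remove the tmpfs this function put there.
	if [ "${tmp_mounted}" -eq 1 ]; then
		umount /tmp
	fi

	if [ "${ret}" -ne 0 ]; then
		eerror "Unable to unlock USERDATA."
	fi
	return "${ret}"
}

# Lookup optional bootparams
get_bootparam_val() {
	# We're given something like:
	#    foo=bar=cow
	# Return the "bar=cow" part.
	case $1 in
		*=*)
			echo "${1#*=}"
		;;
	esac
}

# Bring up /user and the mounts that depend on it.
#
# NOTE(review): the partition is selected purely by the label USERDATA, and a
# partition that is not LUKS is mounted as-is. Any attached block device
# carrying that label can satisfy the lookup, and its contents become the
# upper layer of /etc. Pinning the device (for example by PARTUUID) or
# refusing an unencrypted volume is worth considering.
start() {
	local x i source source_dev userpart

	# Set up default values.
	: "${dmcrypt_key_timeout:=1}"
	: "${dmcrypt_max_timeout:=300}"
	: "${dmcrypt_retries:=5}"
	: "${wait:=5}"

	# Word splitting of the command line is intended here.
	for x in $(cat /proc/cmdline) ; do
		case "${x}" in
			key_timeout=*)
				dmcrypt_key_timeout=$(get_bootparam_val "${x}")
			;;
		esac
	done

	# Give the device up to ${wait} seconds to show up.
	i=0
	while [ "${i}" -lt "${wait}" ]; do
		if source_dev="$(blkid -l -t LABEL=USERDATA -o device)"; then
			source="${source_dev}"
			break
		fi
		i=$((i + 1))
		einfo "waiting for USERDATA to appear..."
		sleep 1
	done

	# Stop on any unlock or mount failure. Continuing would run the factory
	# reset check and create the persistent directories and the /etc overlay
	# on whatever happens to sit under /user on the root filesystem.
	if cryptsetup isLuks /dev/disk/by-label/USERDATA; then
		crypt_userdata || return 1
		dmsetup mknodes
		if ! mount /dev/mapper/userdata /user; then
			eerror "Unable to mount /dev/mapper/userdata on /user."
			return 1
		fi
		userpart="/dev/mapper/userdata"
	else
		if ! mount -L USERDATA /user; then
			eerror "Unable to mount USERDATA on /user."
			return 1
		fi
		userpart="/dev/disk/by-label/USERDATA"
	fi

	# A failed reset leaves /user unmounted or half-wiped; do not build on it.
	factory_reset "${userpart}" || return 1

	# Spelled out instead of brace expansion so the result does not depend
	# on the shell supporting it.
	mkdir -p /user/var /user/home /user/etc /user/work /user/mnt

	mount -t tmpfs tmpfs /media
	mount --bind /user/mnt /mnt
	mount --bind /user/var /var
	mount --bind /user/home /home
	mount -t overlay overlay -o lowerdir=/etc,upperdir=/user/etc,workdir=/user/work /etc
}

# Tear the mounts down in the reverse order of start(); always reports success.
stop() {
	umount /etc
	umount /var
	umount /home
	umount /mnt
	umount /media
	umount /user
	return 0
}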