#!/usr/bin/env bash
#
# Basic provisioner example
#
# Copyright (C) 2020 Silvio Rhatto - rhatto at riseup.net
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published
# by the Free Software Foundation, either version 3 of the License,
# or any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

# Parameters
DIRNAME="`dirname $0`"
BASENAME="`basename $0`"
HOSTNAME="$1"
DOMAIN="$2"
MIRROR="$3"
APT_INSTALL="sudo LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y"

# Upgrade
if which hydractl &> /dev/null; then
  hydractl upgrade
else
  sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get autoremove -y && sudo apt-get clean || exit 1
fi

# Dependencies
echo "Installing basic dependencies..."
$APT_INSTALL zsh || exit 1
$APT_INSTALL cloud-guest-utils || exit 1

# Set user shell
if [ -x "/bin/zsh" ]; then
  sudo chsh -s /bin/zsh `whoami`
fi

# Provision LSD
$DIRNAME/lsd $HOSTNAME $DOMAIN $MIRROR

# Provision trashman system-wide
#$DIRNAME/trashman $HOSTNAME $DOMAIN $MIRROR

#
# System tuning
#

# Configure some system behavior using trashman
sudo apps/trashman/trashman install swapfile
sudo apps/trashman/trashman install grub-serial-console

# Security
sudo sysctl kernel.unprivileged_bpf_disabled=1
echo "kernel.unprivileged_bpf_disabled=1" | sudo tee /etc/sysctl.d/kernel.unprivileged_bpf_disabled.conf > /dev/null

# Configuring APT
sudo apt-get update
$APT_INSTALL apt-transport-https || exit 1
sudo sed -i -e "s|http://http.debian.net|https://deb.debian.org|g" /etc/apt/sources.list || exit 1
sudo sed -i -e "s|http://deb.debian.org|https://deb.debian.org|g"  /etc/apt/sources.list || exit 1
sudo sed -i -e "s|main$|main contrib non-free|g"                   /etc/apt/sources.list || exit 1

# GRUB timeout
if ! grep -q "GRUB_TIMEOUT=1" /etc/default/grub; then
  sudo sed -i -e 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|' /etc/default/grub
  sudo update-grub
fi

# Fstrim
# See https://pve.proxmox.com/wiki/Shrink_Qcow2_Disk_Files
# See also image_discards kvmxfile option
sudo systemctl enable fstrim.timer
sudo systemctl start  fstrim.timer
sudo fstrim -av
sudo sync