#!/usr/bin/env bash
# vim:et:ts=2:sts=2:sw=2

# Get absolute repository root (especially when symlinked)
ROOT="$(realpath "$(dirname "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")")")"

# Load accompanying bash library
source "$ROOT/lib/lib.bash"

BTRFS="${1:-"/var/btrfs"}" # Path to system BTRFS root

if [ -n "$HELP" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
  say "
  USAGE:
    $(g "${BASH_SOURCE##*/}")  [$(c btrfs-path)]  [$(c version)]

  DESCRIPTION:
    $(g "${BASH_SOURCE##*/}") scrubs a TechLit system
    hosted in BTRFS volume at $(c btrfs-path) (default: $(c /var/btrfs))

  NOTE:
    This is run automatically before $(c tl-img-save)
  "
  exit 1
fi

# Exit now unless run as root
assert-is-root

say "$(c @root) and $(c @guest) sizes before anonymization:"
run du -sh "$BTRFS/@root"
run du -sh "$BTRFS/@guest"

say "Removing network state"
{
  run rm -rf "$BTRFS/@root/etc/NetworkManager/system-connections/"*
  run rm -f "$BTRFS/@root/var/lib/NetworkManager/"*.lease
  run rm -rf "$BTRFS/@root/var/lib/iwd/"* || :
}

#say "Removing SSH identities"; {
#run mv "$BTRFS/@root/home/admin/"{".ssh/config",".ssh-config"}
#run rm -f "$BTRFS/@root/home/admin/.ssh/"*
#run mv "$BTRFS/@root/home/admin/"{".ssh-config",".ssh/config"}

#run rm -f "$BTRFS/@root/etc/ssh/"*_key*
#}

say "Cleaning pacman state"
{
  PREFIX="$BTRFS/@root"
  run rm -rf "$PREFIX"/var/cache/pacman/pkg/download-*
  run root-chroot "yes | pacman -Scc"
}

say "Removing admin state"
{
  run rm -rf "$BTRFS/@root/home/admin/.yay"
  run rm -rf "$BTRFS/@root/home/admin/.npm"
  run rm -rf "$BTRFS/@root/home/admin/.cache"
  rm rm -rf "$BTRFS/@root/home/admin/.ssh/known_hosts"
  run rm -rf "$BTRFS/@root/home/admin/.local/state/nvim/shada/main.shada" || :
  run rm -rf "$BTRFS/@root/home/admin/go" || :
  run rm -rf "$BTRFS/@root/home/admin/.config/go" || :
  run rm -rf "$BTRFS/@root/home/admin/.config/pulse" || :

  run mkdir -p "$BTRFS/@root/home/admin/.config/pulse"
  run write "$BTRFS/@root/home/admin/.config/pulse/client.conf" "autospawn = no"
  run chown 1000:1000 -R "$BTRFS/@root/home/admin/.config/pulse"
}

say "Purging locales"
{
  run root-chroot localepurge-config
  run root-chroot localepurge
}

say "Truncating logfiles"
{
  run find "$BTRFS/@root/var/log/" -type f -exec truncate -s0 {} \;
}

say "Setting hostname"
run root-write "$BTRFS/@root/etc/hostname" "client"
run root-write "$BTRFS/@root/etc/upstream" "server"
run root-write "$BTRFS/@root/etc/hosts" "
127.0.0.1 localhost
::1 localhost
192.168.1.1 server
192.168.1.1 server.local
"

say "Configuring client services"
{
  svcs_to_enable=(
    dbus udevd
    desktop preload NetworkManager
    sshd lighttpd nftables
    agetty-tty2
    ctld tl-cmd
  )
  svcs_to_disable=(tl-tunnel ngircd dhcpd4 iwd)

  say "Enabling services"
  for svc in "${svcs_to_enable[@]}"; do
    if [[ -d "/etc/runit/sv/$svc" ]]; then
      run ln -sf "/etc/runit/sv/$svc" "$BTRFS/@root/etc/runit/runsvdir/default"
    else
      say "$(r WARNING) $(c "/etc/runit/sv/$svc") missing?!"
    fi
  done

  say "Disabling services"
  for svc in "${svcs_to_disable[@]}"; do
    run rm -f "$BTRFS/@root/etc/runit/runsvdir/default/$svc"
  done
}

say "Anonymizing guest programs"
{
  run sed -i -e "s/^I=.*/I=guest/" "$BTRFS/@guest/.config/hexchat/servlist.conf"
  run sed -i -e "s/^irc_user_name = .*/irc_user_name = guest/" "$BTRFS/@guest/.config/hexchat/hexchat.conf"
  run sed -i -e "s/^irc_nick1 = .*/irc_nick1 = guest/" "$BTRFS/@guest/.config/hexchat/hexchat.conf"
  run sed -i -e "s/^irc_nick2 = .*/irc_nick2 = guest-original/" "$BTRFS/@guest/.config/hexchat/hexchat.conf"
  run sed -i -e "s/^irc_nick3 = .*/irc_nick3 = guest-impostor/" "$BTRFS/@guest/.config/hexchat/hexchat.conf"
  run rm -f "$BTRFS/@guest/.config/hexchat/log/"*

  # STK
  run sed -i -e 's/player name=".*" guest=/player name="guest" guest=/' "$BTRFS/@guest/.config/supertuxkart/config-0.10/players.xml"
  run sed -i -e 's/current player=".*"/current player="guest"/' "$BTRFS/@guest/.config/supertuxkart/config-0.10/players.xml"

  # XMoto
  #   WARN: I think this destroys the state
  # run sed -i -e 's;^.*DefaultProfile.*$;<var name="DefaultProfile" value="guest"/>;' "$BTRFS/@guest/.config/xmoto/config.dat"

  # MineTest
  run sed -i -e "s/^name = .*/name = guest/" "$BTRFS/@guest/.minetest/minetest.conf"
}

say "Cleaning up guest states"
{
  run rm -rf "$BTRFS/@guest/.config/cinnamon-session/saved-session"/* || :
  run rm -rf "$BTRFS/@guest/.dbus/session-bus" || :
  run rm -f "$BTRFS/@guest/.local/share/applications/blender3_3d_suite" || :

  run cp "$ROOT/roles/guest/lockscreen.py" "$BTRFS/@guest/.lockscreen.py"
  run chown 2000:2000 "$BTRFS/@guest/.lockscreen.py"
}

say "Restore admin state"
{
  run cp -r "$ROOT/roles/desktop/admin/bashrc" "$BTRFS/@root/home/admin/.bashrc"
  run cp -r "$ROOT/roles/global/bash_profile" "$BTRFS/@root/home/admin/.bash_profile"
  run chown 1000:1000 "$BTRFS"/@root/home/admin/.{bashrc,bash_profile}
}

say "Anonymizing drivers selection"
{
  # Network
  say "Restoring networking defaults"
  conf="$BTRFS/@root/lib/modprobe.d/broadcom-wl-dkms.conf.bak" b43_conf="$BTRFS/@root/etc/modprobe.d/b43.conf"
  nvidia_conf="$BTRFS/@root/lib/modprobe.d/nvidia-470xx-utils.conf"
  run [ -f "$conf" ] && run mv "$conf" "${conf%.bak}"
  run [ -f "$b43_conf" ] && run rm "$b43_conf"
  run [ -f "$nvidia_conf" ] && run rm "$nvidia_conf"

  say "Restore blacklist.conf and autoload to default"
  run root-write "$BTRFS/@root/etc/modules-load.d/autoload.conf" "# i915"
  run rm "$BTRFS/@root/etc/modprobe.d/blacklist-wl.conf" || :

  run tl-alt-pacman -Rcs iwd || :
  run cp "$ROOT"/roles/desktop/net/NetworkManager.conf "$BTRFS/@root/etc/NetworkManager/"

  # Graphics
  run tl-alt-pacman -Rs nvidia-470xx-dkms || :
  run root-write "$BTRFS/@root/etc/modprobe.d/blacklist.conf" "# blacklist wacom
# blacklist radeon
# blacklist admgpu"

  say "Restoring Drivers selection to defaults"
  run tl-alt-pacman -U "/usr/local/src/mesa-current.pkg.tar.zst"
  run tl-alt-pacman -Rcs xf86-video-intel || :
  run tl-alt-pacman -Rcs nvidia-470xx-dkms || :
  run write "$BTRFS/@root/etc/modprobe.d/i915.conf" "# options i915 enable_psr=1"

  say "Removing games"
  run tl-alt-pacman -Rns supertuxkart xmoto extremetuxracer || :

  run sudo cp "$ROOT/roles/t2/mkinitcpio.conf" "$BTRFS/@root/etc/mkinitcpio.conf"
  run sudo cp "$ROOT/roles/t2/linux-t2.preset" "$BTRFS/@root/etc/mkinitcpio.d"

  say "Removing blender36"
  run tl-alt-pacman -Rs blender-3.6-bin || :
  run rm "$BTRFS/@guest/.local/share/applications/blender3_3d_suite.desktop " || :
}

say "$(c @root) and $(c @guest) sizes after anonymization:"
run du -sh "$BTRFS/@root"
run du -sh "$BTRFS/@guest"

say "Done."
