arkdep/arkanium-deploy

#!/usr/bin/env bash

#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.

# Print manual if no parameters provided or invalid amount of parameters is provided
if [[ ! -n $1 || -n $2 ]]; then
	cat <<- END
	Usage: arkanium-deploy <action> [target]
	Actions:
	  update		Check for updates, optionally provide a target, if no target provided it defaults to primary
	  deploy		Deploy a new or update an existing deployment
	  init			Initialize Arkanium on a new system
	  teardown		Remove all Arkanium-deploy related files and folders
	  get-available		List available packages in repo
	END
	exit 0
fi

## Set common variables
#
declare -r arkanium_dir='/arkanium/'
declare -r arkanium_deployment_dir="$arkanium_dir/deployments"

## Common functions
#
# Cleanup and quit if error
cleanup_and_quit () {

	# If any paramters are passed we will assume it to be an error
	[[ -n $1 ]] && printf "\e[1;31m<#>\e[0m $*\e[0m\n" >&2

	# Remove temporary btrfs volumes
	# ONLY IF CUSTOM DEFINED?
	#[[ ! -n $arkanium_NO_CLEANUP || ! -n $subvol_created ]] &&
	#	btrfs subvolume delete $workdir 2> /dev/null

	# Quit program if argument provided to function
	[[ -n $1 ]] && exit 1

	# Otherwise just quit, there is no error
	exit 0

}

## Error checking
#
# Quit if not root
[[ ! $EUID -eq 0 ]] &&
	printf '\e[1;31m<#>\e[0m\e[1m This program has to be run as root\n\e[0m' &&
	exit 1

# Check if all dependencies are installed, quit if not
for prog in btrfs wget; do
	if ! command -v $prog > /dev/null; then
		printf "\e[1;31m<#>\e[0m\e[1m Failed to locate $prog, ensure it is installed\e[0m\n"
		exit 1
	fi
done

## Core functions
#
# Initialize the system for arkanium
init () {

	# Ensure systemd-boot is installed before continuing, for it is the only thing we support
	bootctl is-installed || cleanup_and_quit 'systemd-boot seems to not be installed'

	printf '\e[1;34m-->\e[0m\e[1m Initializing arkanium\e[0m\n'

	[[ -d $arkanium_dir ]] && cleanup_and_quit "$arkanium_dir already exists"

	# Create the /arkanium subvolume
	printf "\e[1;34m-->\e[0m\e[1m Creating $(readlink -m $arkanium_dir) subvolume\e[0m\n"
	btrfs subvolume create $arkanium_dir || cleanup_and_quit "Failed to create btrfs subvolume"

	# Create directory structure
	printf "\e[1;34m-->\e[0m\e[1m Creating directory structure\e[0m\n"
	mkdir -pv $(readlink -m $arkanium_dir/deployments) \
		$(readlink -m $arkanium_dir/deployments) \
		$(readlink -m $arkanium_dir/cache) \
		$(readlink -m $arkanium_dir/templates) \
		$(readlink -m $arkanium_dir/overlay) \
		$(readlink -m $arkanium_dir/shared) ||
		cleanup_and_quit "Failed to create /arkanium and related directories"

	# Add home shared subvolume and make writable
	btrfs subvolume create $(readlink -m $arkanium_dir/shared/home) || cleanup_and_quit "Failed to create home subvolume"
	btrfs property set -f -ts $(readlink -m  $arkanium_dir/shared/home) ro false

	# Write default config file
	printf "\e[1;34m-->\e[0m\e[1m Adding default config file\e[0m\n"
	cat <<- END > $arkanium_dir/config
	# Primary filesystem operating system
	primary_os='${repo_default_image}'

	# Write /arkanium/overlay overlay to root or etc
	enable_overlay=0

	# Do not install additional packages defined customize
	custom_packages=0

	# URL to image repository, do not add trailing slash
	repo_url='https://repo.arkanelinux.org/arkanium'

	# Default image pulled from repo if nothing defined
	repo_default_image='arkanelinux'
	END

	# Add default bootloader config file
	cat <<- END > $arkanium_dir/templates/systemd-boot
	title Arkane GNU/Linux - Primary A
	linux /vmlinuz-linux
	initrd /amd-ucode.img
	initrd /intel-ucode.img
	initrd /initramfs-linux.img
	options root="LABEL=arkane_root" rootflags=subvol=$arkanium_dir/${data} rw
	END

	exit 0

}

teardown () {

	cat <<- END
	WARNING: Removing arkanium may leave your system in an unbootable state and you
	may have to manually reconfigure your bootloader etc.. Only proceed if you know
	what you are doing!

	The following changes will be made to your system;
	- All subvolumes under $arkanium_dir will be deleted

	END

	read -p 'Type "I KNOW WHAT I AM GOING" in uppercase to confirm that you know what you are doing: ' input_confirm


	if [[ $input_confirm == 'I KNOW WHAT I AM DOING' ]]; then

		printf '\e[1;34m-->\e[0m\e[1m Tearing down arkanium\e[0m\n'

		# Quit with error if $arkanium_dir does not exist
		if [[ ! -d $arkanium_dir ]]; then
			printf "\e[1;31m<#>\e[0m $(readlink -m $arkanium_dir) does not exist, there is nothing to tear down"
			exit 1
		fi

		# Remove all nested subvolumes in $arkanium_dir
		for volume in $(btrfs subvolume list $arkanium_dir | grep -oE '[^ ]+$'); do
			btrfs property set -f -ts $(readlink -m $arkanium_dir/$volume) ro false
			btrfs subvolume delete $(readlink -m $arkanium_dir/$volume)
		done

		# Remove $arkanium_dir itself
		btrfs property set -f -ts $(readlink -m $arkanium_dir) ro false
		btrfs subvolume delete $(readlink -m $arkanium_dir)

	else
		printf '\e[1;34m-->\e[0m\e[1m Teardown canceled, no changes made to system\e[0m\n'
	fi

	exit 0

}

# List all available packages defined in the repo's list file
get_available () {

	printf "\e[1;34m-->\e[0m\e[1m Downloading list file from $repo_url\e[0m\n"
	curl -sf "${repo_url}/list" || cleanup_and_quit 'Failed to download repo file'

}

# Deploy a new or update an existing deployment
deploy () {

	# Load defaults from config file
	source $arkanium_dir/config

	# target and version are optional, if not defined default to primary latest
	[[ -n $2 ]] && declare -r deploy_target=$2 || declare -r deploy_target="$primary_os"
	[[ -n $3 ]] && declare -r deploy_version=$3 || declare -r deploy_version='latest'

	printf "\e[1;34m-->\e[0m\e[1m Deploying $deploy_target $deploy_version\e[0m\n"

	# If latest is requested grab latest file
	[[ $deploy_version == 'latest' ]] &&
		declare latest_data=$(curl -sf "${repo_url}/${deploy_target}/${deploy_version}") &&
		# Split latest_version at the delimiter, creating an array with data.1=package ver, data.2=compression method, data.3=sha1 hash
		readarray -d : -t data <<< "$latest_data"
		# A carriage feed is inserted for some reason, lets remove it
		data[2]=${data[2]//[$'\t\r\n']}

	# Check if requested version is already downloaded
	if [[ -e $(readlink -m $arkanium_dir/cache/${data[0]}.tar.${data[1]}) ]]; then

		printf "\e[1;34m-->\e[0m\e[1m ${data[0]} already in cache, skipping download\e[0m\n"

	else

		# Download the tarball
		wget -P $(readlink -m $arkanium_dir/cache/) "$repo_url/$repo_default_image/${data[0]}.tar.${data[1]}" ||
			(printf "\e[1;31m<#>\e[0m Failed to download tarball\e[0m\n"; exit 1)

	fi

	printf "\e[1;34m-->\e[0m\e[1m Validating integrity\e[0m\n"
	sha1sum "$(readlink -m $arkanium_dir/cache/${data[0]}.tar.${data[1]})" |
		grep "${data[3]}" ||
		cleanup_and_quit "Checksum does not match repo file, got $chksum\e[0m\n"

	# TODO: Just for loop this?
	# TODO: Add a bunch of control flow to check if stuff already exists and if a or b needs to be targeted
	#
	# Extract the root image if not yet extracted
	printf "\e[1;34m-->\e[0m\e[1m Writing root\e[0m\n"
	[[ ! -e $(readlink -m $arkanium_dir/cache/${data[0]}.img) ]] &&
	tar -xf $(readlink -m $arkanium_dir/cache/${data[0]}.tar.${data[1]}) -C $(readlink -m $arkanium_dir/cache/) "${data[0]}.img" ||
		cleanup_and_quit 'Failed to extract root'

	# Write the root image
	btrfs receive -f $(readlink -m $arkanium_dir/cache/${data[0]}.img) $(readlink -m $arkanium_dir/deployments/primary_a/) ||
		cleanup_and_quit 'Failed to receive root'

	# Cleanup root image
	rm $(readlink -m $arkanium_dir/cache/${data[0]}.img)

	# Ensure /var exists for mounting
	mkdir $(readlink -m $arkanium_dir/)

	# Extract the etc image if not yet extracted
	printf "\e[1;34m-->\e[0m\e[1m Writing etc\e[0m\n"
	[[ ! -e $(readlink -m $arkanium_dir/cache/${data[0]}-etc.img) ]] &&
	tar -xf $(readlink -m $arkanium_dir/cache/${data[0]}.tar.${data[1]}) -C $(readlink -m $arkanium_dir/cache/) "${data[0]}-etc.img" ||
		cleanup_and_quit 'failed to extract etc'

	# Write the etc image, we have to unlock rootfs temporarily to do this
	btrfs property set -f -ts $(readlink -m $arkanium_dir/deployments/primary_a/rootfs) ro false ||
		cleanup_and_quit 'Failed to unlock root to write etc'
	btrfs receive -f $(readlink -m $arkanium_dir/cache/${data[0]}-etc.img) $(readlink -m $arkanium_dir/deployments/primary_a/rootfs/) ||
		cleanup_and_quit 'Failed to receive etc'
	btrfs property set -f -ts $(readlink -m $arkanium_dir/deployments/primary_a/rootfs) ro true ||
		cleanup_and_quit 'Failed to lock root'

	# Cleanup etc image
	rm $(readlink -m $arkanium_dir/cache/${data[0]}-etc.img)

	# Overlay customizations to etc
	# TODO: overlay here if enabled in config file

	# Extract the var image if not yet extracted
	printf "\e[1;34m-->\e[0m\e[1m Writing var\e[0m\n"
	[[ ! -e $(readlink -m $arkanium_dir/cache/${data[0]}-var.img) ]] &&
	tar -xf $(readlink -m $arkanium_dir/cache/${data[0]}.tar.${data[1]}) -C $(readlink -m $arkanium_dir/cache/) "${data[0]}-var.img" ||
		cleanup_and_quit 'failed to extract etc'

	# Write the var image
	btrfs receive -f $(readlink -m $arkanium_dir/cache/${data[0]}-var.img) $(readlink -m $arkanium_dir/shared/) ||
		cleanup_and_quit 'Failed to receive var'

	# Make var writable
	btrfs property set -f -ts $(readlink -m $arkanium_dir/shared/var) ro false ||
		cleanup_and_quit 'Failed to unlock var'

}

# If $1 is init run init
[[ $1 == 'init' ]] && init
[[ $1 == 'teardown' ]] && teardown
[[ $1 == 'update' ]] && check_for_updates
[[ $1 == 'get-available' ]] && get_available
[[ $1 == 'deploy' ]] && deploy