#!/bin/bash

PSW=1
TMP=$(mktemp -d $(readlink -e $0).XXX)
RPM=https://mirror.yandex.ru/almalinux/9/BaseOS/x86_64/os/

#
# OSTree building
#
source /etc/os-release
dnf --installroot $TMP \
    --assumeyes \
    --nodocs \
    --noplugins \
    --nogpgcheck \
    --setopt install_weak_deps=false \
    --releasever $VERSION_ID \
    --setopt=module_platform_id=$PLATFORM_ID \
    --setopt reposdir=/dev/null \
    --repofrompath $(basename $0),$RPM \
    install kernel-core microdnf NetworkManager e2fsprogs xfsprogs \
            openssh-server

ln -sfvT usr/lib/systemd/systemd $TMP/init

#
# OSTree tuning
#
rm -rfv \
    $TMP/boot \
    $TMP/dev/* \
    $TMP/etc/issue* \
    $TMP/etc/pki \
    $TMP/etc/services \
    $TMP/etc/ssh/sshd_config.d/* \
    $TMP/etc/systemd/system/* \
    $TMP/etc/systemd/user/* \
    $TMP/etc/yum.repos.d \
    $TMP/run/* \
    $TMP/usr/lib/dracut \
    $TMP/usr/lib/firmware \
    $TMP/usr/lib/kbd \
    $TMP/usr/lib/locale \
    $TMP/usr/lib64/gconv \
    $TMP/usr/share/bash-completion \
    $TMP/usr/share/cracklib \
    $TMP/usr/share/crypto-policies \
    $TMP/usr/share/gnupg \
    $TMP/usr/share/hwdata \
    $TMP/usr/share/licenses \
    $TMP/usr/share/locale \
    $TMP/usr/share/misc \
    $TMP/usr/share/pki \
    $TMP/usr/share/python* \
    $TMP/usr/share/zoneinfo \
    $TMP/var/cache/dnf \
    $TMP/var/lib/dnf \
    $TMP/var/lib/rpm \
    $TMP/var/log/*.log \
    $TMP/var/log/journal

echo "root:$PSW" | chpasswd --root $TMP
echo "PermitRootLogin yes" > $TMP/etc/ssh/sshd_config.d/99-PermitRootLogin.conf

cat > $TMP/root/.bash_profile << EOF
IP=\$(nmcli --mode multiline --fields DHCP4 device show | grep -w "next_server" | awk '{print \$4}')
while ! curl --output /setup --fail http://\$IP/$(basename $0):setup; do sleep 5; done
source /setup
EOF

mkdir -pv $TMP/etc/systemd/system/getty@.service.d
cat   >   $TMP/etc/systemd/system/getty@.service.d/override.conf << EOF
[Service]
ExecStartPre=-/usr/bin/dmesg --console-off
ExecStart=
ExecStart=-/sbin/agetty --autologin root %I \$TERM
EOF

systemctl --root=$TMP enable dbus-broker dbus.socket getty@ NetworkManager sshd
systemctl --root=$TMP set-default multi-user.target

#
# vmlinuz
#
find $TMP/usr/lib/modules -name vmlinuz -exec mv -fv {} $TMP/.. \;

########
# exit #
########

#
# initrd
#
cd $TMP
find . | cpio -cov | gzip --best > ../initrd.img
cd ..

chmod -v 0644 vmlinuz initrd.img
du    -h      vmlinuz initrd.img

#
# The End
#
rm -rf $TMP
echo "OK"