#!/bin/sh

# Prerequisites
# setup-interfaces
# ifup eth0

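# Set up repositories
# NOTE(review): these mirrors are fetched over plain HTTP. apk checks package
# signatures against the keys in /etc/apk/keys, so package integrity does not
# rest on the transport alone, but an on-path observer still sees what is
# downloaded. Consider https:// mirrors if the install image can validate TLS.
# NOTE(review): the release branch is pinned to v3.7; confirm it still receives
# security updates before reusing this script.
cat <<EOF >/etc/apk/repositories
http://dl-cdn.alpinelinux.org/alpine/v3.7/main
http://dl-cdn.alpinelinux.org/alpine/v3.7/community
#http://dl-cdn.alpinelinux.org/alpine/edge/main
#http://dl-cdn.alpinelinux.org/alpine/edge/community
#http://dl-cdn.alpinelinux.org/alpine/edge/testing
EOF

# Install disk management tools
# Stop here if the install fails: partitioning, encryption, LVM and the
# bootloader step below all depend on these packages being present.
if ! apk --no-cache add lvm2 cryptsetup e2fsprogs syslinux; then
  echo "apk add failed; aborting before /dev/sda is modified" >&2
  exit 1
fi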

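# Create disk partitions
# Keystrokes fed to fdisk (an empty line accepts the default it offers):
#   n p 1 <default> +100m      new primary partition 1, size +100m (later /boot)
#   a 1                        mark partition 1 bootable
#   n p 2 <default> <default>  new primary partition 2 over the remaining space
#   t 2 8e                     set partition 2 to type 8e (Linux LVM)
#   w                          write the table and exit
# The delimiter is quoted so the keystrokes are passed through literally.
# Abort on failure: the next steps format /dev/sda1 and /dev/sda2, which must
# exist with the layout described above.
if ! fdisk /dev/sda <<'EOF'
n
p
1

+100m
a
1
n
p
2


t
2
8e
w
EOF
then
  echo "fdisk failed on /dev/sda; aborting" >&2
  exit 1
fi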

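# Set up partition encryption
# The passphrase comes from LUKS_PASSPHRASE when the caller sets it. The literal
# 'password' is kept only as a fallback so existing unattended runs behave as
# before; a passphrase published in the script gives no confidentiality, so the
# fallback is announced on stderr.
luks_pass=${LUKS_PASSPHRASE:-}
if [ -z "$luks_pass" ]; then
  echo "WARNING: LUKS_PASSPHRASE is not set; using the script's default passphrase." >&2
  echo "WARNING: replace it after first boot: cryptsetup luksChangeKey /dev/sda2" >&2
  luks_pass='password'
fi

# printf '%s' sends the passphrase on stdin with no trailing newline, as the
# original 'echo -n' did, without relying on echo's non-portable -n handling.
# Abort if either step fails: without an opened mapping the LVM commands below
# have no /dev/mapper/system to work on.
if ! printf '%s' "$luks_pass" | cryptsetup -q luksFormat /dev/sda2; then
  echo "cryptsetup luksFormat failed on /dev/sda2; aborting" >&2
  exit 1
fi
if ! printf '%s' "$luks_pass" | cryptsetup open --type luks /dev/sda2 system; then
  echo "cryptsetup open failed on /dev/sda2; aborting" >&2
  exit 1
fi

# Drop the passphrase from the shell so later commands (chroot, setup-disk)
# do not inherit it through the environment.
unset luks_pass LUKS_PASSPHRASE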

# Set up LVM
# The opened LUKS mapping is the single physical volume behind group vg0,
# so both logical volumes created here live inside the encrypted container.
luks_mapping=/dev/mapper/system
pvcreate "$luks_mapping"
vgcreate vg0 "$luks_mapping"

# Fixed-size swap first, then root takes every extent that is left.
lvcreate --size 4G --name swap vg0
lvcreate --extents 100%FREE --name root vg0

# Format
# -m is the percentage of blocks reserved for the superuser:
# none on the boot partition, 1% on the root volume.
mkfs.ext4 -m 0 /dev/sda1
mkfs.ext4 -m 1 /dev/vg0/root

# Initialise the swap volume.
mkswap /dev/vg0/swap

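# Mount
# Both mounts are checked. If the root volume is not mounted, setup-disk below
# would install into whatever /mnt is in the live environment rather than onto
# the encrypted volume, and the script would carry on as if it had succeeded.
if ! mount -t ext4 /dev/vg0/root /mnt; then
  echo "cannot mount /dev/vg0/root on /mnt; aborting" >&2
  exit 1
fi
# -p tolerates an already existing directory.
mkdir -p /mnt/boot
if ! mount -t ext4 /dev/sda1 /mnt/boot; then
  echo "cannot mount /dev/sda1 on /mnt/boot; aborting" >&2
  exit 1
fi

# Install Alpine linux
setup-disk -m sys /mnt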

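# Update boot-time volume information
# Pick the UUID="..." field out of the blkid line by name instead of by
# position, so extra or reordered fields do not end up in fstab. The result has
# the form UUID=<value>, which is what the fstab line below expects.
BOOT_UUID=$(blkid /dev/sda1 | sed -n 's/.* UUID="\([^"]*\)".*/UUID=\1/p')
if [ -z "$BOOT_UUID" ]; then
  # An empty value would produce a malformed /boot entry in fstab.
  echo "could not determine the UUID of /dev/sda1; aborting" >&2
  exit 1
fi

# Root and swap are addressed through their LVM paths, /boot through its UUID.
cat <<EOF >/mnt/etc/fstab
/dev/vg0/root                               /       ext4    rw,noatime,data=ordered   0   1
${BOOT_UUID}   /boot   ext4    rw,noatime,data=ordered   0   2
/dev/vg0/swap                               swap    swap    defaults                  0   0
EOF

# crypttab entry: mapping name "system", backing device /dev/sda2, "none" in
# the key-file field (no key file is stored on disk), option luks.
echo "system /dev/sda2 none luks" >/mnt/etc/crypttab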

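# Rebuild initfs
mkinitfs_conf=/mnt/etc/mkinitfs/mkinitfs.conf

# Add the cryptsetup feature after lvm, but only when it is not already listed,
# so a second run does not append it again.
if ! grep -q 'cryptsetup' "$mkinitfs_conf"; then
  sed -i 's/lvm/lvm cryptsetup/' "$mkinitfs_conf"
fi

# Enumerate installed kernel versions with a glob rather than parsing ls output,
# and build one initramfs per version directory.
initfs_built=0
for module_dir in /mnt/lib/modules/*; do
  [ -d "$module_dir" ] || continue
  mkinitfs -c "$mkinitfs_conf" -b /mnt "${module_dir##*/}"
  initfs_built=1
done

# Without a rebuilt initramfs the cryptsetup feature is not available at boot,
# so stop instead of powering off an install that cannot unlock its root.
if [ "$initfs_built" -eq 0 ]; then
  echo "no kernel module directory found under /mnt/lib/modules; aborting" >&2
  exit 1
fi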

# Update extlinux
# Append the encrypted-root parameters after rootfstype=ext4 in the extlinux
# settings: cryptroot names the LUKS partition, cryptdm the mapping name used
# when it is opened ("system", matching the name used for cryptsetup open).
extlinux_conf=/mnt/etc/update-extlinux.conf
sed -i 's/rootfstype=ext4/rootfstype=ext4 cryptroot=\/dev\/sda2 cryptdm=system/' "$extlinux_conf"

# Regenerate the bootloader configuration from inside the installed system.
chroot /mnt update-extlinux

# Set time zone
# Runs inside the installed system so the setting lands on the target disk.
chroot /mnt setup-timezone -z Europe/Prague

# Set hostname
# Write the name, then substitute it for "localhost" in the interface
# definitions and put it in front of "localhost" in the hosts file.
printf '%s\n' 'vm' >/mnt/etc/hostname
sed -i 's/localhost/vm/' /mnt/etc/network/interfaces
sed -i 's/localhost /vm localhost /' /mnt/etc/hosts

# Enable services on boot
# The link targets are absolute paths, so they resolve against the installed
# system's own /etc/init.d once it is the running root.
for boot_service in networking urandom; do
  ln -s "/etc/init.d/$boot_service" /mnt/etc/runlevels/boot
done

# Install bootloader to MBR
# Exactly one 440-byte block is copied to the start of /dev/sda, so only the
# boot-code area is overwritten and the partition table further into the
# sector is left as fdisk wrote it.
dd if=/mnt/usr/share/syslinux/mbr.bin of=/dev/sda bs=440 count=1 conv=notrunc

# Unmount and shut down
# Teardown runs innermost first: /boot before the root it is mounted on, then
# swap, then the volume group, and only then the LUKS mapping underneath it.
for mount_point in /mnt/boot /mnt; do
  umount "$mount_point"
done
swapoff -a
vgchange -a n
cryptsetup luksClose system
poweroff