#!/bin/bash

## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## Copyright (C) 2018 Algernon
## See the file COPYING for copying conditions.

set -x
set -e

true "INFO: Currently running script: $BASH_SOURCE $@"

MYDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

source "$MYDIR/pre"
source "$MYDIR/colors"
source "$MYDIR/variables"

main() {
   ## DEB_INSTALL_FOLDER Example:
   ## /mnt/initialdeb

   ## dist_sources_list_temp_build_folder Example:
   ## /var/lib/whonix/sources_temp_list.d

   ## EMPTY_DIR Example:
   ## "/tmp/empty"

   ## dist_apt_repository_folder Examples:
   ## /home/user/derivative-binary/aptrepo_local/kicksecure
   ## /home/user/derivative-binary/aptrepo_local/whonix

   $SUDO_TO_ROOT rm -f -- "$dist_sources_list_temp_initial_deb_sources_list"

   true "derivative_name_list: $derivative_name_list"

   for derivative_name_item in $derivative_name_list ; do
      derivative_repository_name="$derivative_name_item"
      ## Not required:
      #export derivative_repository_name

      ## sets: dist_apt_repository_folder
      set_dist_build_reprepro_folder_options

      $SUDO_TO_ROOT mkdir --parents -- "$CHROOT_FOLDER/$DEB_INSTALL_FOLDER/$derivative_name_item"
      $SUDO_TO_ROOT mkdir --parents -- "$CHROOT_FOLDER/$EMPTY_DIR"
      $SUDO_TO_ROOT mkdir --parents -- "$CHROOT_FOLDER/$dist_sources_list_temp_build_folder"

      true "dist_sources_list_temp_initial_deb_sources_list: $dist_sources_list_temp_initial_deb_sources_list"
      true "sources_list_target_build_remote_derivative: $sources_list_target_build_remote_derivative"
      true "build_remote_derivative_pkgs: $build_remote_derivative_pkgs"

      if [ "$build_remote_derivative_pkgs" = "true" ]; then
         $SUDO_TO_ROOT cp -- "$source_code_folder_dist/packages/kicksecure/usability-misc/usr/bin/repo-add-dist" "$CHROOT_FOLDER/$DEB_INSTALL_FOLDER/repo-add-dist"

         true "INFO: running repo-add-dist... It is supposed to create $dist_sources_list_temp_initial_deb_sources_list ..."
         ## Variable 'codename' is irrelevant because setting variable 'sources_list_build_remote_derivative'.
         chroot_run \
            env \
               codename="$dist_build_apt_codename" \
               sources_list_target_folder_build_remote_derivative="$dist_sources_list_temp_build_folder" \
               sources_list_target_build_remote_derivative="$dist_sources_list_temp_build_file" \
               sources_list_build_remote_derivative="$sources_list_build_remote_derivative" \
               apt_target_key_derivative="$apt_target_key_derivative" \
               apt_source_key_temp_folder_derivative="$dist_sources_list_temp_apt_key_folder" \
               apt_source_key_derivative="$dist_sources_list_temp_apt_key_folder/derivative-temp-by-create-local-temp-apt-repo.asc" \
               bash -x -- "/$DEB_INSTALL_FOLDER/repo-add-dist"
         true "INFO: done with repo-add-dist."
      else
         ## Sanity test.
         test -d "$dist_apt_repository_folder"
         ## If $dist_apt_repository_folder is owned by user and host umask is 027 (others ("o") cannot read),
         ## then the unprivileged APT downloaded cannot access this folder.
         chmod --recursive o+r -- "$dist_apt_repository_folder"
         find "$dist_apt_repository_folder" -type d -exec chmod o+rx -- {} +

         ## Mount our local apt repository inside the image (or machine).
         $SUDO_TO_ROOT mount --bind -- "$dist_apt_repository_folder" "$CHROOT_FOLDER/$DEB_INSTALL_FOLDER/$derivative_name_item"

         ## Create a sources file for our local apt repository.
         ## Do NOT remove the blank line at the beginning, it is needed to
         ## keep multiple stanzas separate.
         echo "
Types: deb
URIs: file:/$DEB_INSTALL_FOLDER/$derivative_name_item
Suites: $dist_build_apt_codename
Components: main contrib non-free
Enabled: yes
Trusted: yes" | $SUDO_TO_ROOT tee --append -- "$dist_sources_list_temp_initial_deb_sources_list" >/dev/null
         $SUDO_TO_ROOT chmod o+r -- "$dist_sources_list_temp_initial_deb_sources_list"
      fi
   done

   ## Copy which (frozen) sources file will be used for building Kicksecure / Whonix into the image (or machine).
   $SUDO_TO_ROOT cp -- "$dist_build_sources_list_primary" "$CHROOT_FOLDER/$dist_sources_list_temp_build_folder/build_sources.sources"
   $SUDO_TO_ROOT chmod o+r -- "$CHROOT_FOLDER/$dist_sources_list_temp_build_folder/build_sources.sources"

   ## For debugging / Info.
   ls -la -- "$CHROOT_FOLDER/$DEB_INSTALL_FOLDER"
   ls -la -- "$CHROOT_FOLDER/$dist_sources_list_temp_build_folder"

   ## For debugging / Info.
   true "(1/2) ${cyan}$CHROOT_FOLDER/$dist_sources_list_temp_build_folder/build_sources.sources${reset}:"
   cat -- "$CHROOT_FOLDER/$dist_sources_list_temp_build_folder/build_sources.sources"

   ## For debugging / Info.
   true "(2/2) ${cyan}dist_sources_list_temp_initial_deb_sources_list${reset}: $dist_sources_list_temp_initial_deb_sources_list"
   cat -- "$dist_sources_list_temp_initial_deb_sources_list"
}

main "$@"
