#!/bin/bash
set -euf -o pipefail

OS_DISTRO=$(. /etc/os-release; echo $ID)
OS_MAJOR_VERSION=$(. /etc/os-release; echo $VERSION_ID | cut -d . -f 1)

export DEBIAN_FRONTEND=noninteractive
export SUDO_FORCE_REMOVE=yes
dpkg --purge sudo
apt-get update -q
apt-get full-upgrade -y -q

{% if cloud_provider == 'hcloud' %}
if [ "$OS_DISTRO" == "ubuntu" ]; then
  apt-get install -y -q --no-install-recommends linux-image-virtual
  apt-get purge -y -q linux-image-generic intel-microcode amd64-microcode iucode-tool linux-firmware
elif [ "$OS_DISTRO" == "debian" ]; then
  apt-get purge -y -q intel-microcode amd64-microcode iucode-tool firmware-bnx2x firmware-realtek firmware-linux firmware-linux-free firmware-linux-nonfree
fi
{% endif %}
apt-get install -y -q --no-install-recommends openssh-server "{{ python_basename }}" "{{ python_basename }}-apt"

passwd -d root && passwd -l root
{% if install_distro == "debian" %}
sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces
{% endif %}
{% set system_lvm_volumes = install.system_lvm.volumes | default(hetzner_system_lvm_volumes_default) %}
{% for volume in system_lvm_volumes %}
{%   if 'mount_options' in volume %}
sed -r 's#(\s+{{ volume.mountpoint }}\s+{{ volume.filesystem }}\s+)defaults#\1{{ volume.mount_options | join(",") }}#g' -i /etc/fstab
{%   endif %}
{% endfor %}

mkdir -p -m 0700 /target/root/.ssh
cat <<EOK > /root/.ssh/authorized_keys
{{ ssh_keys_root | join('\n') }}
EOK
{% if ansible_port is defined %}
sed -e 's/^\s*#*\s*Port\s\s*[0-9][0-9]*$/Port {{ ansible_port }}/' -i /etc/ssh/sshd_config
{% endif %}

{# this is actually only needed on ubuntu bionic and beyond but should not hurt on other installations either #}
swapoff -a
sed -e '/^\/swapfile/d' -i /etc/fstab
rm -f /swapfile

{% set system_lvm_size = install.system_lvm.size | default('all') %}
{% if system_lvm_size != "all" %}
sed -e '/\/dummy/d' -i /etc/fstab

cat > /post-install-finalize <<EOF
#!/bin/bash

raid_devices=\$(mdadm -Q -Y --detail /dev/md2 2> /dev/null | awk -F = '/MD_DEVICE_.*_DEV=/ { print(\$2) }')
if [ -n "\$raid_devices" ]; then
  mdadm --stop /dev/md2 2> /dev/null
  for dev in \$raid_devices; do
    wipefs -a "\$dev"
  done
  sed -e '/^ARRAY \/dev\/md\/2 /d' -i /etc/mdadm/mdadm.conf
  update-initramfs -u
fi

rm -rf /dummy
EOF

chmod +x /post-install-finalize
{% endif %}

{% if install_distro == "debian" %}
update-grub
{% endif %}

echo "postinst.sh finished successfully"