#!/bin/bash
set +e

if [ -x /usr/lib/raspberrypi-sys-mods/get_fw_loc ]; then
  FW_LOC=$(/usr/lib/raspberrypi-sys-mods/get_fw_loc)
else
  FW_LOC=/boot
fi

raspi-config nonint do_hostname "{{ host_name }}"
echo "{{ host_name }}" > /etc/hostname
raspi-config nonint do_change_locale "{{ raspios_locale }}"
raspi-config nonint do_change_timezone "{{ raspios_timezone }}"
raspi-config nonint do_configure_keyboard "{{ raspios_keyboard_layout }}"

{# 0 -> predictable interface names, 1 -> legacy (eth0...) #}
raspi-config nonint do_net_names 1

{% if raspios_codename == 'bullseye' %}
{%   if not (install_dhcp | default(false)) %}
cat <<EOF >> /etc/dhcpcd.conf

#
interface {{ network.primary.name }}
static ip_address={{ network.primary.address }}
static routers={{ network.primary.gateway }}
static domain_name_servers={{ network.nameservers | join(' ') }}
EOF
systemctl restart dhcpcd.service
{%   endif %}
systemctl disable hciuart.service
{%   if 'wifi' in network.primary %}
raspi-config nonint do_wifi_ssid_passphrase "{{ network.primary.wifi.ssid }}" "{{ network.primary.wifi.key }}"
raspi-config nonint do_wifi_country "AT"
{%   else %}
systemctl disable wpa_supplicant.service
{%   endif %}
{% else %}
cat <<EOF >> /etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto {{ network.primary.name }}
{%   if (install_dhcp | default(false)) %}
iface {{ network.primary.name }} inet dhcp
{%   else %}
iface {{ network.primary.name }} inet static
  up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
  up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
  address {{ network.primary.address | ansible.utils.ipaddr('address') }}
  netmask {{ network.primary.address | ansible.utils.ipaddr('netmask') }}
  gateway {{ network.primary.gateway }}
{%   endif %}
{%   if 'wifi' in network.primary %}
  wpa-ssid {{ network.primary.wifi.ssid }}
  wpa-psk {{ network.primary.wifi.key }}
{%   endif %}
EOF
{%   if not (install_dhcp | default(false)) %}
cat <<EOF > /etc/resolv.conf
# Generated by ansible
search {{ network.domain }}
{%     for nameserver in network.nameservers %}
nameserver {{ nameserver }}
{%     endfor %}
EOF
{%   endif %}
systemctl disable wpa_supplicant.service
rfkill unblock wlan
ifup {{ network.primary.name }}
{% endif %}

{% if ansible_port != 22 %}
sed -e 's/^\s*#*\s*Port\s\s*[0-9][0-9]*$/Port {{ ansible_port }}/' -i /etc/ssh/sshd_config
{% endif %}
install -m 0700 -d /root/.ssh
install -m 0644 "$FW_LOC/firstrun.authorized_keys" /root/.ssh/authorized_keys
{# 0 -> enable ssh, 1 -> disable ssh #}
raspi-config nonint do_ssh 0

export DEBIAN_FRONTEND=noninteractive
export SUDO_FORCE_REMOVE=yes
apt-get purge -q -y userconf-pi avahi-daemon triggerhappy dpkg-dev patch gdb make strace ssh-import-id network-manager udisks2 p7zip p7zip-full sudo dphys-swapfile
apt-get autoremove -q -y
dpkg -l | grep "^rc" | awk "{ print(\$2) }" | xargs -r dpkg -P

sed 's#systemd.run=/boot/firstrun.sh systemd.run_success_action=reboot systemd.run_failure_action=none systemd.unit=kernel-command-line.target##' -i /boot/cmdline.txt
sed 's#\s*$##' -i /boot/cmdline.txt
rm "$FW_LOC/firstrun.authorized_keys"
rm "$FW_LOC/firstrun.sh"
rm -f /etc/sudoers.d/010_pi-nopasswd
rm -f /etc/apt/sources.list.d/vscode.list
rm -f /etc/apt/trusted.gpg.d/microsoft.gpg

apt-get update -q
apt-get dist-upgrade -y -q

{# B1 -> Console, B2 -> console autologin, B3 -> desktop, B4 -> desktop autologin #}
raspi-config nonint do_boot_behaviour B1
systemctl --quiet enable getty@tty1