#!/bin/bash
set -euo pipefail #strict mode

# Arch Linux setup script for the XFCE desktop
# Frank ENDRES, (first at last dot fr) - 2024-02
# Licence: [CeCILL](https://cecill.info/licences/Licence_CeCILL_V2.1-en.txt)
# Version: 2026.04.11


echo -e "\nCheck prerequisites…"
if [ $(id -u) != 0 ]; then
	echo "error: $(basename $0) must be run as root"
	exit 1
fi
sysroot=${1:-"system"}; sysroot=${sysroot%/} #remove trailing slash
if [ -z "$sysroot" ]; then
	echo "error: destination can't be '/'"
	exit 2
fi
missing=false
for command in wget; do
	if [ -z "$(which $command 2>/dev/null)" ]; then
		echo "error: missing command $command"
		missing=true
	fi
done
if $missing; then exit 3; fi


echo -e "\nConfiguration:"
HOSTNAME=${HOSTNAME:-linomad}
USERNAME=${USERNAME:-linomad}
PASSWORD=${PASSWORD:-linomad}

#LC (locale), FF (firefox), TB (thunderbird), LO (libreoffice), HS (hunspell) and TA (tesseract)
LC_I18N=${LC_I18N:-"fr_FR de_DE es_ES it_IT pt_PT en_US"} #for locale-gen (ar_EG bn_BD hi_IN ja_JP ru_RU zh_CN)
#FF_I18N=${FF_I18N:-"fr de es-es it pt-pt"}   #FireFox (ar bn hi-in ja ru zh-cn)
#TB_I18N=${TB_I18N:-"fr de es-es it pt-pt"}   #ThunderBird (ar ja ru zh-cn)
#LO_I18N=${LO_I18N:-"fr de es it pt"} #LibreOffice (ar bn hi ja ru zh-cn)
#HS_I18N=${HS_I18N:-"fr de en_us es_any it"}   #HunSpell (ru) - required by LibreOffice / Thunderbird
#TA_I18N=${TA_I18N:-"fra deu eng spa ita por"} #TesserAct ( ara ben hin jpn rus chi_sim)
LANG=${LANG:-fr}
#KEYMAP=$(localectl status | grep "VC Keymap" | cut -c16- | cut -f1 -d' ') #requires SystemD
#KEYMAP=$(localectl status | grep "X11 Layout" | cut -c16- | cut -f1 -d' ') #requires SystemD
KEYMAP=${KEYMAP:-${LANG:0:2}}
TIMEZONE=${TIMEZONE:-$(readlink /etc/localtime | cut -f5- -d/)}
echo -e "\tHOSTNAME = $HOSTNAME\n\tUSERNAME = $USERNAME\n\tPASSWORD = $PASSWORD" \
		"\n\tLOCALES = $LC_I18N\n\tLANGUAGE = $LANG\n\tKEYMAP = $KEYMAP\n\tTIMEZONE = $TIMEZONE"


echo -e "\nSource and destination:"
MIRROR=${MIRROR:-'https://geo.mirror.pkgbuild.com'}
VERSION=${VERSION:-'2026.04.01'}
LINOMAD=${LINOMAD:-"packages"}; LINOMAD=${LINOMAD%/} #remove trailing slash
echo -e "\tVERSION = $VERSION\n\tMIRROR = $MIRROR"
echo -e "\tLINOMAD = $LINOMAD/"
if [ -z "$sysroot" ]; then echo -e "\n\tdestination = /"; else echo -e "\n\tdestination = $sysroot/"; fi

echo -en "\nContinue [y/N]? "; read resp
if [ "$resp" != "Y" ] && [ "$resp" != "y" ]; then echo -e "\nAborting installation."; exit; fi


if [ ! -d $LINOMAD/ ]; then
	echo -e "\nSync LiNomad packages…"
	wget -nv -r -np -nH --cut-dirs=3 --reject "index.html*" -P $LINOMAD/ https://fox-echo.info/linomad/res/pkg/archlinux/ \
		2>&1 | grep ".zst\"" | sed -e 's/^.* -> "\([^"]*\)".*$/\1/' -e s@$LINOMAD/archlinux@$LINOMAD@
	mv $LINOMAD/archlinux/* $LINOMAD/; rmdir $LINOMAD/archlinux
	echo ""
fi


if [ ! -f archlinux-bootstrap-$VERSION-x86_64.tar.zst ]; then
	echo -e "\nDownload bootstrap image…"
	wget $MIRROR/iso/$VERSION/archlinux-bootstrap-$VERSION-x86_64.tar.zst
fi

echo -e "\nExtracting bootstrap image…"
tar xf archlinux-bootstrap-$VERSION-x86_64.tar.zst --numeric-owner 2>/dev/null
mkdir -p $sysroot
mv root.x86_64/* $sysroot/; rm -f version pkglist.x86_64.txt; rmdir root.x86_64

echo -e "\nConfiguring package manager…"
if ! mountpoint -q $sysroot; then
	mount --bind $sysroot $sysroot #pacman FIX
	bindmount=true
else
	bindmount=false
fi
$sysroot/usr/bin/arch-chroot $sysroot pacman-key --init
$sysroot/usr/bin/arch-chroot $sysroot pacman-key --populate
sed '/^Server = /d' -i $sysroot/etc/pacman.d/mirrorlist
echo -e "\nServer = $MIRROR/\$repo/os/\$arch" >> $sysroot/etc/pacman.d/mirrorlist

mkdir $sysroot/packages
mount --bind $LINOMAD/ $sysroot/packages/


#base packages:
packages=""
packages="$packages base linux linux-firmware amd-ucode intel-ucode mkinitcpio grub efibootmgr os-prober"
packages="$packages nftables dosfstools exfatprogs fscrypt cryfs f2fs-tools encfs"
packages="$packages man-db less sudo which vis vis-syntax-highlighting lua-lpeg curl wget rsync tree unzip nano inotify-tools"
packages="$packages squashfs-tools xorriso" #live-system / LiNomad (arch-install-scripts)

#driver packages:
packages="$packages power-profiles-daemon" #tlp
packages="$packages wireplumber pipewire-pulse pipewire-alsa pipewire-jack"
packages="$packages iwd broadcom-wl networkmanager networkmanager-openvpn wireguard-tools"
packages="$packages mesa" #hardware video acceleration (mesa-utils, libva-utils)
packages="$packages libva-intel-driver intel-media-driver" #Intel hardware video acceleration (libvpl vpl-gpu-rt)
packages="$packages libvdpau-va-gl libva-nvidia-driver" #hardware video acceleration translations layers (vdpauinfo)
#packages="$packages vulkan-nouveau vulkan-radeon vulkan-intel" #Vulkan drivers (vulkan-tools)
packages="$packages cups cups-pdf sane-airscan nss-mdns" #driverless printing and scanning

#desktop packages:
packages="$packages xorg-server xorg-drivers xorg-xhost xdg-utils xdg-user-dirs xdg-desktop-portal-gtk"
packages="$packages lightdm-gtk-greeter lightdm-gtk-greeter-settings light-locker dconf-editor"
#packages="$packages qt6ct"
packages="$packages xfce4-session labwc xfwm4 xfce4-panel xfdesktop xfce4-notifyd"
packages="$packages xfce4-power-manager xfce4-settings xfce4-screensaver xfce4-screenshooter xfce4-taskmanager"
packages="$packages xfce4-pulseaudio-plugin pavucontrol network-manager-applet blueman system-config-printer"
packages="$packages xfce4-whiskermenu-plugin xfce4-docklike-plugin gucharmap" #touchegg
packages="$packages xfce4-weather-plugin xfce4-clipman-plugin" #xfce4-notes-plugin, xfce4-calculator-plugin
packages="$packages xfce4-terminal thunar thunar-volman tumbler libgsf thunar-archive-plugin"
packages="$packages gvfs gvfs-gphoto2 gvfs-mtp gvfs-smb  samba 7zip zip unrar file-roller gvfs-afc gvfs-goa gvfs-onedrive gvfs-wsdd gvfs-dnssd"
packages="$packages xfce4-appfinder geany geany-plugins geeqie celluloid minidlna" #gspell mousepad ristretto parole
packages="$packages gst-libav gst-plugin-va gst-plugins-base gst-plugins-good gst-plugins-bad gst-plugins-ugly gst-plugin-pipewire"
packages="$packages papers simple-scan qalculate-gtk hunspell" #galculator
packages="$packages polkit-gnome gnome-keyring secrets" #authenticator
packages="$packages ttf-dejavu ttf-liberation ttf-carlito ttf-roboto ttf-roboto-mono" #libreoffice-fresh
packages="$packages syncthing" #(geany requires webkitgtk-4.1) webkitgtk-6.0 epiphany firefox thunderbird claws-mail litehtml libical
packages="$packages gparted mtools gpart"
packages="$packages fuse2 libxml2-legacy" #sdl12-compat (legacy AppImage support)
#packages="$packages base-devel linux-headers cmake dpkg" #to compile linomad packages

#i18n packages:
#for lang in $FF_I18N; do packages="$packages firefox-i18n-$lang"; done
#for lang in $TB_I18N; do packages="$packages thunderbird-i18n-$lang"; done
#for lang in $LO_I18N; do packages="$packages libreoffice-fresh-$lang"; done
#for lang in $HS_I18N; do packages="$packages hunspell-$lang"; done

echo -e "\nInstall ArchLinux…"
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -Syu $packages


echo -e "\nInstall LiNomad…"
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -U packages/fox-echo/live-system-*.pkg.tar.zst
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -U packages/fox-echo/thunar-encryption-plugin-*.pkg.tar.zst
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -U packages/fox-echo/gsettings-datetime-*.pkg.tar.zst
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -U packages/fox-echo/gsettings-accounts-*.pkg.tar.zst
$sysroot/usr/bin/arch-chroot $sysroot pacman --noconfirm -U packages/fox-echo/greadymedia-*.pkg.tar.zst


echo -e "\nAdd AppImages integration script…"
wget -O $sysroot/usr/local/bin/appimages.sh https://fox-echo.info/linomad/res/pkg/appimage.sh
chmod +x $sysroot/usr/local/bin/appimages.sh


echo -e "\nRun post-install actions…"
echo "$HOSTNAME" > $sysroot/etc/hostname
ln -sf vis $sysroot/usr/bin/vi
#echo -e '#!/bin/sh\nexport GTK_CSD=1' > $sysroot/etc/profile.d/gtk-csd.sh
echo -e '#!/bin/sh\nexport GTK_CSD=1' > $sysroot/etc/skel/.xsessionrc


echo -e "\nConfigure system boot…"
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable lightdm
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable NetworkManager
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable bluetooth
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable cups
#sed -e 's/^#NTP=.*$/NTP=0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org/' -e 's/#FallbackNTP=/FallbackNTP=/' -i $sysroot/etc/systemd/timesyncd.conf
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable systemd-timesyncd
sed 's/resolve/mdns_minimal \[NOTFOUND=return\] resolve/' -i $sysroot/etc/nsswitch.conf #driverless printing & scanning
$sysroot/usr/bin/arch-chroot $sysroot systemctl enable avahi-daemon
sed 's/^#\?Storage=.*$/Storage=volatile/' -i $sysroot/etc/systemd/journald.conf #if this is what You want !
echo -e "tmpfs\t/tmp\t\ttmpfs\tdefaults\t0 0" >> $sysroot/etc/fstab


echo -e "\nLocalize system…"
for lang in $LC_I18N; do sed "s/^#\($lang.UTF-8\)/\1/" -i $sysroot/etc/locale.gen; done
$sysroot/usr/bin/arch-chroot $sysroot locale-gen

if [ ! -z "$LANG" ]; then echo "LANG=$LANG" > $sysroot/etc/locale.conf; fi

if [ ! -z "$KEYMAP" ]; then
	echo "KEYMAP=$KEYMAP" > $sysroot/etc/vconsole.conf
	echo -e "XKBLAYOUT=$KEYMAP" >> $sysroot/etc/vconsole.conf
	cat > $sysroot/etc/X11/xorg.conf.d/00-keyboard.conf << EOF
Section "InputClass"
	Identifier "system-keyboard"
	MatchIsKeyboard "on"
	Option "XkbLayout" "$KEYMAP"
EndSection
EOF
fi

if [ ! -z "$TIMEZONE" ]; then ln -sf /usr/share/zoneinfo/$TIMEZONE $sysroot/etc/localtime; fi


echo -e "\nConfigure users…"
wget -O - https://fox-echo.info/linomad/res/cfg/skel-xfce.tar.gz | tar -xzv -C $sysroot/etc/
$sysroot/usr/bin/arch-chroot $sysroot useradd -m -g users -G wheel,disk,input $USERNAME
echo -e "root:$PASSWORD\n$USERNAME:$PASSWORD" | $sysroot/usr/bin/arch-chroot $sysroot chpasswd
sed 's/# \(%wheel ALL=(ALL:ALL) ALL\)/\1/' -i $sysroot/etc/sudoers
sed -e 's/rwh$/frwh/' -i $sysroot/etc/login.defs #to allow users changing their name


echo -e "\nTweak applications menu…":
cat > $sysroot/usr/share/applications/syncthing-ui.desktop << EOF
[Desktop Entry]
Name=Syncthing Web UI
GenericName=File synchronization UI
Comment=Opens Syncthing's Web UI in the default browser (Syncthing must already be started).
Exec=syncthing browser
Icon=emblem-synchronizing
Terminal=false
Type=Application
Keywords=synchronization;interface;
Categories=Network;FileTransfer;P2P
EOF

ln -sf /usr/lib/webkit2gtk-4.1/MiniBrowser $sysroot/usr/bin/webkitgtk
cat > $sysroot/usr/share/applications/webkitgtk.desktop << EOF
[Desktop Entry]
Exec=/usr/bin/webkitgtk https://duckduckgo.com
Icon=org.xfce.webbrowser
Type=Application
Categories=Network;WebBrowser;
Name=WebKitGTK Browser
MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
EOF

for app in cups mpv qv4l2 qvidcap org.geeqie.cache-maintenance; do
	if [ -f $sysroot/usr/share/applications/$app.desktop ]; then
		sed /NoDisplay/d -i $sysroot/usr/share/applications/$app.desktop
		echo "NoDisplay=true" >> $sysroot/usr/share/applications/$app.desktop
	fi
done
sed 's/;Education;Science;Math//' -i $sysroot/usr/share/applications/qalculate-gtk.desktop
$sysroot/usr/bin/arch-chroot $sysroot update-desktop-database /usr/share/applications/


echo -e "\nDisable Firefox disk cache…"
mkdir -p $sysroot/usr/lib/firefox/defaults/pref
cat > $sysroot/usr/lib/firefox/defaults/pref/autoconfig.js << EOF
pref("general.config.filename", "firefox.cfg");
pref("general.config.obscure_value", 0);
EOF
echo -e "\ndefaultPref(\"browser.cache.disk.enable\", false);" > $sysroot/usr/lib/firefox/firefox.cfg #better for live-system on USB media


if [ -z "$sysroot" ] || ( mountpoint -q $sysroot && [ "$bindmount" != "true" ] ); then #if installation is done on a partition
	echo -e "\nInstall boot loader…"
	syspart=$(mount | grep " on $sysroot type " | cut -f1 -d' ')
	uuid=$(lsblk -n -o UUID $syspart)
	fs=$(lsblk -n -o FSTYPE $syspart) #fs=$(mount | grep " on $sysroot type " | cut -f5 -d' ')
	echo -e "\n#$syspart\nUUID=$uuid / $fs defaults 1 1" >> $sysroot/etc/fstab
	disk="/dev/"$(ls -d /sys/block/*/$(basename $syspart) | cut -f4 -d'/')
	efipart=$(lsblk -o PATH,PARTTYPE -rn $disk | sed -n '/ c12a7328-f81f-11d2-ba4b-00a0c93ec93b$/p' | cut -f1 -d' ') #auto-detected
	if [ ! -z "$efipart" ]; then #GPT / UEFI
		uuid=$(lsblk -n -o UUID $efipart)
		fs=$(lsblk -n -o FSTYPE $efipart) #fs=vfat
		echo -e "\n#$efipart\nUUID=$uuid /boot/efi $fs defaults 1 1" >> $sysroot/etc/fstab
		mkdir -p $sysroot/boot/efi
		mount $efipart $sysroot/boot/efi
		mount --bind /sys/firmware/efi/efivars $sysroot/sys/firmware/efi/efivars
		chroot $sysroot grub-install --target x86_64-efi
		umount $sysroot/sys/firmware/efi/efivars
		umount $sysroot/boot/efi
	else #MBR / BIOS (legacy) - probably in a virtual machine
		$sysroot/usr/bin/arch-chroot $sysroot grub-install --target i386-pc $disk
	fi
	chroot $sysroot grub-mkconfig -o /boot/grub/grub.cfg
	if mount | grep -q " on $sysroot/home type "; then
		homepart=$(mount | grep " on $sysroot/home type " | cut -f1 -d' ')
		uuid=$(lsblk -n -o UUID $homepart)
		fs=$(lsblk -n -o FSTYPE $homepart)
		echo -e "\n#$homepart\nUUID=$uuid /home $fs defaults 1 1" >> $sysroot/etc/fstab
	fi
fi


if [ ! -z "$sysroot" ]; then
	echo -e "\nCleaning…"
	rm -rf $sysroot/var/cache/pacman/pkg/* #pacman -Scc
	sleep 3
	umount $sysroot/packages/; rmdir $sysroot/packages/ 
	umount $sysroot
fi