Untitled

#!/bin/sh
# note: default alpine shell is ash.

ARCH=x86_64

ONLN_REPO="http://nl.alpinelinux.org/alpine/latest-stable/main/"
OFLN_REPO="/media/repository/"

ONLN_HOST="nl.alpinelinux.org"
CIFS_HOST="vmhst"

CDFS_MSRC="/media/cdrom/repository/"
CIFS_MSRC="share/alpine-mirror/latest-stable/main/"

CIFS_OPTS="username=share,password=none,domain=NIL"
MIRROR="/00-systems/linux-x64/00-alpine/00-mirror/"

VMHST=10.20.20.242
VMGST=10.20.20.240

# TODO: explain/document the 3 NIC settings.

main () {
  # note:
  # up to setup-disk in init_hd, configuration will be propagated
  # to installed system except apk repository and db, this include
  # previously installed packages.

  local pset pdoc
  init_inst () {
    pset="$1" ; shift
    case "$1" in
      with-doc) pdoc=true ;;
      '') pdoc=false ;;
      *) uerrx moipx ;;
    esac
    shift
    pkgset "$pset" lsdoc > /dev/null || uerrx moipx
    oncdx; init_kbd; init_net;
  }

  local gotl
  init_net () {
    init_dyn_net;
    init_stt_net && gotl=true || gotl=false
    init_vht_net && gotl=true
    # wihtout dns, assume there is no lan other than guest <-> host.
    $gotl && ! getent hosts vmhst > /dev/null 2>&1 && CIFS_HOST="$VMHST"
    true
  }

  local repo
  set_ofln_repo () { mkdir "$OFLN_REPO" && repo="$OFLN_REPO" ; }
  set_onln_repo () { host_test "$ONLN_HOST" && repo="$ONLN_REPO" ; }

  local mode="$1" ; shift
  case "$mode" in
    onln) init_inst "$@"; set_onln_repo ;;
    ofln) init_inst "$@"; set_ofln_repo ;;
    cifs) init_inst "$@"; set_ofln_repo ;;
    cimt) oncdx; init_kbd; init_net; set_ofln_repo ;;
    init) oncdx; init_kbd; init_net; exit ;;
    psls) pkgset ls doc; exit ;;
    dkey) pubkey; exit ;;
    help) usage; exit ;;
    pfls) bashx && pkfiles "$@"; echo; exit ;;
    srls) bashx && pset2repofiles "$@"; exit ;;
    mkrp) bashx && makerepo "$@"; exit ;;
    mkim) bashx && makeiso "$@"; exit ;;
    test) bashx && do_test "$@"; exit ;;
       *) errx usagx ;;
  esac
  [ "$repo" ] || errx repox

  # mount repository and prepare fstab data for ofln/cifs repo.
  local mfst
  case "$mode" in
    ofln)
      mntfx --rbind "$CDFS_MSRC" "$repo"
      mfst="$CDFS_MSRC $repo none rbind,ro,noauto 0 0" ;;
    cifs|cimt)
      $gotl || errx cflnx
      mfst="//${CIFS_HOST}/${CIFS_MSRC}"
      mntfx -t cifs -o "$CIFS_OPTS" "$mfst" "$repo"
      mfst="$mfst $repo cifs ${CIFS_OPTS},ro,noauto 0 0" ;;
  esac
  inrpx "$repo"
  [ "$mode" == "cimt" ] && exit

  init_hd # setup-disk done, configuration propagation ended.

  # propagate repository setup and set fstab entry for ofln/cifs repo.
  [ -d "$repo" ] && {
    mkdir "/mnt/${repo/#\//}" || errx
    printf "${mfst}\n" >> /mnt/etc/fstab || errx
  }

  # initialize system.
  system_setup "$HOSTNAME" "$pset" "$pdoc" || errx
}

init_kbd () {
  setup-keymap fr fr-latin9
}

init_dyn_net () {
  cat <<- EOF > /etc/network/interfaces

	auto lo
	iface lo inet loopback

	EOF
  ifconfig eth0 up
  if udhcpc -i eth0 -R -n -q -t 3 ; then
    cat <<- EOF >> /etc/network/interfaces
	auto eth0
	iface eth0 inet dhcp

	EOF
  fi
  rc-update add networking default
  openrc
}

init_stt_net () {
  export HOSTNAME=localhost
  local wan_ip="$(ifconfig -a)"
  { grep -q eth1 || return; } <<- EOF
	$wan_ip
	EOF

  wan_ip="$(ifconfig eth0 | sed -n '/inet addr:/s,.*r:\([^ ]*\).*,\1,p')"
  [ "$wan_ip" ] || return

  local hsedexp='s,^[^[:blank:]]*[[:blank:]]*\([^[:blank:]\.]*\).*,\1,p'
  local hname="$(getent hosts "$wan_ip" | sed -n "$hsedexp")"
  [ "$hname" ] || return

  local isedexp='s/\([[:digit:]\.]*\).*/\1/p'
  local lan_ip="$(getent hosts "${hname}-lan" | sed -n "$isedexp")"
  { [ "$lan_ip" ] && [ "$lan_ip" != "$wan_ip" ]; } || return

  hname="$(getent hosts "$lan_ip" | sed -n "$hsedexp")";
  [ "$hname" ] && export HOSTNAME="$hname"

  local tab=$'\t'
  cat <<- EOF >> /etc/network/interfaces
	auto eth1
	iface eth1 inet static
	${tab}address ${lan_ip}
	${tab}netmask 255.255.255.0

	EOF
  /etc/init.d/networking restart
}

init_vht_net () {
  local vnet_ip="$(ifconfig -a)"
  { grep -q eth2 || return; } <<- EOF
	$vnet_ip
	EOF
  vmnet_ip=''
  [ "$HOSTNAME" ] && [ "$HOSTNAME" != "localhost" ] && {
    local isedexp='s/\([[:digit:]\.]*\).*/\1/p'
    vmnet_ip="$(getent hosts ${HOSTNAME}-vmnet | sed -n "$isedexp")"
  }
  [ "$vmnet_ip" ] || vmnet_ip="$VMGST"

  local tab=$'\t'
  cat <<- EOF >> /etc/network/interfaces
	auto eth2
	iface eth2 inet static
	${tab}address ${vmnet_ip}
	${tab}netmask 255.255.255.0

	EOF
  /etc/init.d/networking restart
  ping -W 1 -w 3 -c 3 $VMHST > /dev/null 2>&1
}

init_hd () {
  # printf "*** setting partition table\n"
  pkadx sfdisk
  sfdisk /dev/sda <<- EOF
	label: gpt
	label-id: 28062016-00FF-DDFF-0000-000000000000
	device: /dev/sda
	unit: sectors
	first-lba: 34
	last-lba: 33554398

	/dev/sda2 : start=   2048, size= 1048576,\
	type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
	uuid=00000000-0000-0000-0000-0000000000FF,\
	name="Linux filesystem"
	/dev/sda4 : start=1050624, size=32503775,\
	type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
	uuid=00000000-0000-0000-0000-0000000000EE,\
	name="Linux filesystem"
	EOF

  # note: attrs setting using dump input fail.
  sfdisk --part-attrs /dev/sda 2 LegacyBIOSBootable
  sync
  mdev -s
  sync
  apk del sfdisk # prevent propagation.

  # printf "*** initializing filesystems\n"
  pkadx e2fsprogs btrfs-progs
  mkfs.ext4 -L boot -U 28062016-00EE-DDFF-00FF-000000000000 /dev/sda2
  mkfs.btrfs -L root -U 28062016-00EE-DDFF-00EE-000000000000 /dev/sda4
  mount -t btrfs /dev/sda4 /mnt
  btrfs su create /mnt/57
  btrfs su create /mnt/default
  btrfs su create /mnt/59
  btrfs su create /mnt/default/usr
  btrfs su create /mnt/61
  btrfs su create /mnt/default/usr/local
  btrfs su create /mnt/63
  btrfs su create /mnt/default/var
  btrfs su create /mnt/default/tmp
  btrfs su create /mnt/default/home
  local i
  for i in 57 59 61 63; do
    btrfs su delete -c /mnt/$i
  done
  btrfs su set-default 258 /mnt
  umount /mnt

  # NOTE: filesystems fsck and detection do require
  # propagation of filesystems tools to installed system.
  # DO NOT remove e2fsprogs or btrfs-progs here.

  # printf "*** mounting filesystems\n"
  mount -t btrfs /dev/sda4 /mnt
  mkdir /mnt/boot
  mount -t ext4 /dev/sda2 /mnt/boot

  printf "*** initializing system (setup-disk)\n"
  setup-disk -s0 -k vanilla /mnt

  # printf "*** initializing mbr\n"
  # note: syslinux pkg is loaded by setup-disk.
  dd if=/usr/share/syslinux/gptmbr.bin of=/dev/sda bs=440 count=1
  sync
}

system_setup () {
  local hostname="$1"; shift
  local pset="$1"; shift
  local pdoc="$1"; shift

  # printf "*** set hostname\n"
  printf "%s\n" "$hostname" > /mnt/etc/hostname

  # printf "*** set repository for new system\n"
  cat /etc/apk/repositories > /mnt/etc/apk/repositories

  # printf "*** add packages from set\n"
  pset="$(pkgset "$pset")" || errx badsx
  for p in $pset; do
    apk -p /mnt add "$p" || errx pkadx -p /mnt add "$p"
  done

  # printf "*** add docs packages\n"
  [ "$pdoc" ] && $pdoc && {
    for p in $(apk -p /mnt info); do
      apk info ${p}-doc > /dev/null && apk -p /mnt add ${p}-doc
    done
  }

  ### packages independent setup

  # printf "*** move root home to /home/root\n"
  sed -i '/^root:/s,:/root,:/home/root,' /mnt/etc/passwd
  mv /mnt/root /mnt/home/

  # printf "*** add admn user, group and home\n"
  sed -i '/^guest:/s,.*,\0\nadmn:x:654:654:admn:/home/admn:/bin/ash,' \
     /mnt/etc/passwd
  sed -i '/^guest:/s,.*,\0\nadmn:::0:::::,' /mnt/etc/shadow
  sed -i '/^utmp:/s,.*,\0\nadmn:x:654:,' /mnt/etc/group
  mkdir /mnt/home/admn
  chown 654.654 /mnt/home/admn
  chmod 755 /mnt/home/admn

  # printf "*** cleanup usr/local\n"
  rm -rf /mnt/usr/local/*

  # printf "*** set default prompt\n"
  sed -i '/export PS1/s,\\h,\\u@\\h,' /mnt/etc/profile

  # printf "*** set ll alias for bash\n"
  printf "[ \"\$BASH_VERSION\" ] && alias ll='ls -la'\n" \
    > /mnt/etc/profile.d/ll.sh

  # printf "*** cleanup motd\n"
  printf 'motd: no news is good news.\n' > /mnt/etc/motd

  ### packages dependent setup

  [ -x /mnt/bin/bash ] && {
    # printf "*** set bash as root and admn shell\n"
    sed -i '/^root:/s,/bin/ash,/bin/bash,;
            /^admn:/s,/bin/ash,/bin/bash,' /mnt/etc/passwd
  }

  [ -x /mnt/usr/bin/sudo ] && {
    # printf "*** add admn sudoer\n"
    sed -i '/^root/s,.*,\0\nadmn ALL=(ALL) NOPASSWD: ALL,' \
      /mnt/etc/sudoers
  }

  [ -x /mnt/usr/bin/ssh ] && {
    # printf "*** add admn ssh key\n"
    mkdir /mnt/home/admn/.ssh
    chown 654.654 /mnt/home/admn/.ssh
    chmod 700 /mnt/home/admn/.ssh
    pubkey > /mnt/home/admn/.ssh/authorized_keys
    chown 654.654 /mnt/home/admn/.ssh/authorized_keys
    chmod 644 /mnt/home/admn/.ssh/authorized_keys

    # printf "*** ssh server setup\n"
    sed -i 's/^#PermitRootLogin.*/PermitRootLogin no/;
            s/^#PasswordAuthentication.*/PasswordAuthentication no/;
            s/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/' \
      /mnt/etc/ssh/sshd_config
    chroot /mnt /sbin/rc-update add sshd default
  }

  ### locally packages dependent setup

  # printf "*** forge and forget root and admn passwords\n"
  # note: show them if ssh is'nt installed... :)
  apk add openssh > /dev/null 2>&1 && {
    ssh-keygen -q -t rsa -b 4096 -N '' -f /tmp/passgen
    sed -n '4s/.*/root:\0/p;5s/.*/admn:\0/p' < /tmp/passgen > \
      /tmp/newpass
    chroot /mnt /usr/sbin/chpasswd < /tmp/newpass
    [ -x /mnt/usr/bin/ssh ] || {
      printf "passwords:\n"
      cat /tmp/newpass
    }
  }

  # printf "*** prevent boot clock skew report\n"
  apk add coreutils findutils > /dev/null 2>&1 && {
    find /mnt -print0 | xargs -0 touch -c -t 0505050505.05 2> \
      /dev/null
  }
  true
}

# helpers

host_test () {
  getent hosts "$@" > /dev/null 2>&1
}

oncdx () {
  [ -d /.modloop ] || errx oncdx
}

bashx () {
  [ "$BASH_VERSION" ] || errx bashx
}

mntfx () {
  mount "$@" || errx mntfx "$@"
}

inrpx () {
  cat <<- EOF > /etc/apk/repositories
	$1
	EOF
  apk update || errx inrpx
}

pkadx () {
  apk add "$@" || errx pkadx "$@"
}

uerrx () { # print usage before error.
  usage 0 && errx "$@"
}

serrx () { # report sub-process error.
  errx strnx $?
}

# data

usage () {
  local tab="  " out
  [ "$1" -ge 1 ] > /dev/null 2>&1 && out=/dev/stderr || {
    { [ -z "$1" ] || [ "$1" == 0 ] ; } && out=/dev/stdout || errx
  }

  cat <<- EOF > ${out}
	commands for system install:

	setup.sh {onln|ofln|cifs} <packages set> [with-doc]
	${tab}onln: from online repository.
	${tab}ofln: from cdrom repository.
	${tab}cifs: from cifs repository.

	assuming their repositories provides the needed packages,
	onln and cifs installations does'nt require anything beside
	this script; ofln require repository on cdrom root.

	utilities:

	setup.sh {psls|dkey|cimt|help}
	${tab}init: only initialize keyboard and network(s).
	${tab}cimt: init then mount cifs repository only.
	${tab}psls: list and describe packages sets.
	${tab}dkey: dump public ssh key to standard output.
	${tab}help: show this help.

	commands availables only in full featured environment:

	setup.sh {pfls} <remote|mirror>
	${tab}list packages files in remote or mirror repository.

	setup.sh {srls} <remote|mirror> <pkg set> [with-doc]
	${tab}list packages files on remote or mirror repository
	${tab}which are locally required to install system with
	${tab}packages set.

	setup.sh {mkrp} <dir> <remote|mirror> <pkg set> [with-doc]
	${tab}create a repository in <dir> copying packages files
	${tab}which are locally required to install system with
	${tab}packages set. files are copied from <remote|mirror>
	${tab}repository including repository index file.

	setup.sh {mkim} <out> <ofln|onln|cifs> <pkg set> [with-doc]
	${tab}create iso, ofln mode not yet supported.

	notes:
	minisys and setupsys sets deploy different systems but
	generates the same repository when used with mkrp
	since setupsys is required to deploy minisys.

	the [with-doc] option try to determine and automatically
	install documentation packages based on the packages
	requested by a package set and what is effectively
	available in the repository, but there is no guarantee
	that they will be available and effectively installed.
	EOF
  [ "$1" != 0 ] && exit $1
  true
}

errx () {
  local err="$1" xtv=0 ; shift

  errchk () { let ++xtv && [ "$err" == "$1" ] ;}
  errchk usagx && usage $xtv

  local hdr="abort:" out="/dev/stderr"
  local tab="${hdr//?/ }"
  errexc () { exit $xtv ; }

  errchk badsx && cat <<- EOF > ${out} && errexc
	${hdr} packages set error.
	EOF
  errchk bashx && cat <<- EOF > ${out} && errexc
	${hdr} full featured environment required.
	EOF
  errchk repox && cat <<- EOF > ${out} && errexc
	${hdr} unable to define source repository.
	EOF
  errchk cflnx && cat <<- EOF > ${out} && errexc
	${hdr} lan unavailable for cifs mounting.
	EOF
  errchk inrpx && cat <<- EOF > ${out} && errexc
	${hdr} packages database update failure.
	EOF
  errchk mrrfx && cat <<- EOF > ${out} && errexc
	${hdr} missing required file(s) in repository.
	EOF
  errchk moipx && cat <<- EOF > ${out} && errexc
	${hdr} missing or invalid parameter(s).
	EOF
  errchk oncdx && cat <<- EOF > ${out} && errexc
	${hdr} no loop mount of boot cd detected,
	${tab} initialization or installation
	${tab} procedure unknown.
	EOF
  errchk strnx && cat <<- EOF > ${out} && errexc
	${hdr} internal subprocess error: ${@}.
	EOF
  errchk xdirx && cat <<- EOF > ${out} && errexc
	${hdr} file or directory already exist:
	${tab} ${@}
	EOF
  errchk mntfx && cat <<- EOF > ${out} && errexc
	${hdr} mount failure with parameters:
	${tab} ${@}
	EOF
  errchk pkadx && cat <<- EOF > ${out} && errexc
	${hdr} packages add failure with parameters:
	${tab} ${@}
	${tab} (missing from repository ?)
	EOF

  errchk "$err" && cat <<- EOF > ${out}
	${hdr} unknown error.
	EOF
  errexc
}

pkgset () {
  { [ "$#" -gt 0 ] && [ "$#" -lt 3 ]; } || return
  [ "$1" == "ls" ] && {
    case "$2" in
      doc|def)
        local sets='minisys setupsys setupext configsys default'
        for s in $sets; do pkgset $s "ls$2" ; done ;;
      *) errx badsx ;;
    esac
    return
  }

  local pset="$1" def doc ; shift
  case "$pset" in
    minisys)
      doc='minisys:\n\t alpine system base (boot) packages.\n';
      def='' ;;
    setupsys)
      doc='setupsys:\n\t add packages required by this script to\n'
      doc="$doc\tminisys packages set.\n"
      def='init_hd_set' ;;
    setupext)
      doc='setupext:\n\t add packages optionnally needed by this\n'
      doc="$doc\tscript to setupsys packages set.\n"
      def='init_hd_set system_setup_set' ;;
    configsys)
      doc='configsys:\n\t add packages configured by this script\n'
      doc="$doc\tto minisys packages set.\n";
      def=setup_support_set ;;
    default)
      doc='default:\n\t combine setupext and configsys.\n'
      def='init_hd_set system_setup_set setup_support_set' ;;
  esac
  [ "$doc" ] || errx badsx

  case "$1" in
    lsdoc) printf "$doc";;
    lsdef) printf "$def";;
    '')  pkgdef $def;;
    *) errx badsx ;;
  esac
}

pkgdef () {
  while [ "$1" ]; do
    case "$1" in
      # musl to alpine-base : loaded at boot
      # kbd-bkeymaps : required by setup-keymap script
      mini_dep) cat <<- EOF
	musl busybox alpine-baselayout openrc alpine-conf       \
	libressl2.6-libcrypto libressl2.6-libssl zlib apk-tools \
	busybox-suid busybox-initscripts scanelf musl-utils     \
	libc-utils alpine-keys alpine-base                      \
	kbd-bkeymaps
	EOF
        ;;
      init_hd_set) cat <<- EOF
	sfdisk xfsprogs e2fsprogs btrfs-progs
	EOF
        ;;
      ### setup-disk script deps :
      # syslinux and linux-vanilla : required by setup-disk script
      # linux-firmware : required by linux-vanilla.
      # blkid, mtools and mkinitfs: required by syslinux
      # lddtree, kmod and cryptsetup-libs : required by mkinitfs
      # device-mapper-libs : required by cryptsetup-libs
      # xz-libs : required by kmod
      # acct : not needed but prevent error message in setup-disk script.
      ### init_hd_set deps :
      # libblkid and libuuid : required by blkid, sfdisk, e2fsprogs and btrfs-progs
      # libfdisk, libsmartcols and ncurses-* : required by sfdisk
      # e2fsprogs-libs : required by e2fsprogs
      # libcom_err : required by e2fsprogs-libs
      # lzo : required by btrfs-progs
      init_hd_dep) cat <<- EOF
	linux-vanilla linux-firmware   \
	syslinux blkid mtools mkinitfs \
	lddtree kmod cryptsetup-libs   \
	device-mapper-libs xz-libs     \
	acct                           \
	libblkid libuuid               \
	libfdisk libsmartcols          \
	ncurses-terminfo-base          \
	ncurses-terminfo ncurses-libs  \
	e2fsprogs-libs libcom_err      \
	lzo
	EOF
        ;;
      system_setup_set) cat <<- EOF
	openssh findutils coreutils
	EOF
        ;;
      # libacl and libattr : required by coreutils
      # openssh-* : required by openssh
      system_setup_dep) cat <<- EOF
	libacl libattr                               \
	openssh-client openssh-server openssh-keygen \
	openssh-server-common openssh-sftp-server
	EOF
        ;;
      setup_support_set) cat <<- EOF
	bash sudo openssh
	EOF
        ;;
      # pkgconf and readline : required by bash
      setup_support_dep) cat <<- EOF
	pkgconf readline
	EOF
        ;;
    esac
    shift
  done
}

pubkey () {
  local key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHz6HtOdGknQJvSNsFWY"
  key="${key}k8Yu9rKhznLVDDgzc9wZgcQOL23R/FqltWoiVVlC4siY8uXni/4AnKpAZo"
  key="${key}PokVRrHLo+TE1xgOdgEHszPgdDe/idTaqX8fKWvks0DglJkWu4rnHD8NfI"
  key="${key}Fld0Q9ECURbehBS65bw8Msi5Zm9g7FwzuCBxKfmQ4GWcJeWRO9f4VQqneE"
  key="${key}XA1wjsPCQdY48PQLQB8Xk9jwctHqQGQDeeJNbkSwE009Z1dThMzEexsU0g"
  key="${key}TOB0E01pdrN9QLuSGvfSqlCjEbiioYl2UPXpforQ/0//J6F8WX4cC7kckV"
  key="${key}SSJ3qOn9K65qlIF+LKcHGjqLpftemQmz1w/9cQItesoEwBYagaKncUOV72"
  key="${key}DMR+4/aLrUSYwR2IDGPGTt4nvfdhBzktEOXey/+DszQ+TkN4VCbChpC5Om"
  key="${key}UJtc4sMsDXl9rb/fkrWd1293u/GUragiSimbS6uSNfcEZOLdF82k5I6+n1"
  key="${key}HmE1h5aNDJMPYe1CL0CtmJ7biPd/rFilwKTwh68iquiQrcUE+qqWqrab+s"
  key="${key}dXiK0K5pfdq/kgUYZOI27ldNCf2Nzg3Q2scEfbu3ZexUjpEiue1MkYV3LU"
  key="${key}TzGZgx9O6Uq4Q/5l13lFOmG0Vphuk4njrlbqRbyB+VvfgbSuO0rFWnBvby"
  key="${key}najEgSEDZcPyTAi6PTcn+v2vvw== admn@alpine"
  printf "%s\n" "${key}"
}

# let's do it

[ "$BASH_VERSION" ] || {
  main "$@"
  exit $?
}

# assuming bash shell and full runtime environment from here

pkfiles () {
  local addr lst sedlst='/^-r/s,.*[[:blank:]]\([^[:blank:]]*\)$,\1,p'
  case "$1" in
    mirror) addr="${MIRROR}latest-stable/main/${ARCH}"
      lst="$(ls -l $addr | sed -n "$sedlst")" || serrx ;;
    remote) addr="${ONLN_REPO}${ARCH}"
      # getent required, not available in msys
      # host_test "$ONLN_HOST" || return
      lst="$(lftp -e 'ls;quit' $addr | sed -n "$sedlst")" || serrx ;;
    *) uerrx moipx ;;
  esac
  [ "$lst" ] && printf "%s" "$lst"
}

pdef2fflt () {
  local filter="$1" ; shift

  local cntchk="$1" ; shift
  case "$cntchk" in true|false) ;; *) uerrx moipx ;; esac

  local files="$1" ; shift
  case "$files" in mirror|remote) ;; *) uerrx moipx ;; esac

  local pdef
  pdef="$(pkgdef "$@")" || serrx
  [ "$pdef" ] || errx

  files="$(pkfiles $files)" || serrx
  [ "$files" ] || errx

  filter () { sort | uniq | sed -n -e "$1"; }

  filter='s,\.,\\.,;s,.*,/^\0'"$filter"'\\.apk$/p;,p'
  pdef=($pdef)
  pdef=($(printf "%s\n" "${pdef[@]}" | filter "$filter")) || serrx

  filter="${pdef[*]}"
  files=($files)
  files=($(printf "%s\n" "${files[@]}" | filter "$filter")) || serrx

  $cntchk && {
    [ "${#pdef[@]}" == "${#files[@]}" ] || errx mrrfx
  }

  printf "%s\n" "${files[@]}"
}

pdef2docs () {
  pdef2fflt '-doc-[[:digit:]].*' false "$@"
}

pdef2files () {
  pdef2fflt '-[[:digit:]].*' true "$@"
}

pset2repofiles () {
  local source="$1" ; shift
  case "$source" in mirror|remote) ;; *) uerrx moipx ;; esac

  pkgset "$1" lsdoc > /dev/null || errx badsx

  [ "$#" -le 2 ] || uerrx moipx
  case "$2" in with-doc|'') ;; *) uerrx moipx ;; esac

  local def
  def=(mini_dep init_hd_set $(pkgset "$1" lsdef)) || serrx

  local ssetm='\([^[:blank:]]\+\)_set\([[:blank:]]\|$\)'
  local saddd='\1_set \1_dep\2'
  def=($(printf "%s\n" "${def[@]}" | sed "s,$ssetm,$saddd,g")) || serrx

  files=($(pdef2files $source "${def[@]}")) || serrx
  [ "$2" ] && { files+=($(pdef2docs $source "${def[@]}")) || serrx ; }

  printf "%s\n" "${files[@]}"
}

makerepo () {
  local dest="$1" ; shift
  [ -e "$dest" ] && errx xdirx "$dest"

  local files
  files=(APKINDEX.tar.gz $(pset2repofiles "$@")) || serrx

  mkdir "$dest" "${dest/#\//}/${ARCH}" || errx
  dest="${dest/#\//}/${ARCH}"

  case "$1" in
    mirror)
      files=("${files[@]/#/${MIRROR}latest-stable/main/${ARCH}/}")
      cp -t "$dest" "${files[@]}" || errx ;;
    remote)
      files="mget -O ${dest} ${files[*]}; quit"
      lftp -e "${files}" ${ONLN_REPO}${ARCH}/ || errx ;;
  esac
}

# makeiso

function ok { printf '[done]\n'; }
function ko { printf '[fail]\n'; }

function fail {
  ko
  local garbage
  printf "%s\n" "$@"
  printf 'press a key to exit\n'
  read -s -N1 garbage
  exit 1
}

function onfail { ((!$?)) && ok || fail "$@"; }

makeiso () {
  [ "$1" ] || usage 1
  [ "$1" != "${1%/}" ] && fail 'bad output filename' "$1"

  case "$2" in
    ofln|onln|cifs) true ;;
    *) fail 'bad install mode parameter' "$2" ;;
  esac

  case "$3" in
    minisys|setupsys|setupext|configsys|default) true ;;
    *) fail 'bad packages set parameter' "$3" ;;
  esac

  case "$4" in
    with-doc|"") true ;;
    *) fail 'invalid parameter' "$4" ;;
  esac

  set +H || fail 'disable history substitution...'
  shopt -s globstar || fail 'enable bash globstar option...'

  local pad='  '
  local rels_f=''
  local init_f=init
  local irfs_f=/boot/initramfs-vanilla

  local iso_output_dir iso_output
  iso_output="$(realpath -m "$1")"
  iso_output_dir="$(dirname "$iso_output")"
  ! [ -a "$iso_output" ] || fail 'already exist' "$iso_output"
  [ -d "$iso_output_dir" ] || fail 'directory does not exist' "$iso_output_dir"
  shift

  local releases_d="$(dirname $MIRROR)/02-releases"
  [ -d "$releases_d" ] || fail 'lookup releases directory'

  local tmpwd
  tmpwd=$(mktemp -d "/tmp/isoset-tmpwd-XXXXXX")
  ((!$?)) || fail 'create temporary working directory:' "$pad$tmpwd"

  local tmpwf
  tmpwf=$(mktemp "$tmpwd/tmpwf-XXXXXX.gz")
  ((!$?)) || fail 'create temporary file:' "$pad$tmpwf"

  cd "$tmpwd" || fail "unknow error when cwd to $tmpwd"

  printf 'lookup release file in:\n%s%s\n' "$pad" "$releases_d"
  printf -v rels_f "%s" $releases_d/alpine-vanilla-*-x86_64.iso
  [ -r "$rels_f" ] && printf 'using\n%s%s\n' "$pad" "$rels_f"
  onfail 'not a regular file' "$pad$rels_f"

  printf 'lookup initramfs in:\n%s%s\n' "$pad" "$rels_f"
  xorriso -abort_on warning -indev $rels_f -ls $irfs_f &> /dev/null
  onfail 'unable to find'  "$pad$irfs_f" 'in' "$pad$rels_f"

  printf 'extract initramfs from iso to:\n%s%s\n' "$pad" "$tmpwf"
  xorriso -osirrox on -indev $rels_f -extract_single $irfs_f $tmpwf &> /dev/null
  onfail 'unable to extract' "$pad$irfs_f" 'from' "$pad$rels_f"

  printf 'uncompress:\n%s%s\nto:\n%s%s\n' "$pad" "$tmpwf" "$pad" "${tmpwf%.gz}"
  gzip -d "$tmpwf" && ok || fail

  tmpwf="${tmpwf%.gz}"
  [ -r "$tmpwf" ] || fail 'unknow error'

  # MEMO: when using with msys2
  # trying to extract full initramfs to rebuild it rely on
  # filesystem symlinks ability which may be unavailable.

  printf 'extract %s script...\n' "$init_f"
  cpio -i -u "$init_f" < "$tmpwf" && [ -r "$init_f" ]
  onfail 'error extracting script' "$pad$init_f" 'from' "$pad$tmpwf"

  printf 'patch %s script...\n' "$init_f"
  lnum=( $(grep -n 'exec /bin/busybox switch_root' "$init_f" | cut -d ':' -f 1) )
  (( ${#lnum[@]} == 2 && lnum[0] > 2 && lnum[1] > 2))
  ((!$?)) || fail 'unexpected file format' "$pad$init_f"
  sed -n "1,$((${lnum[0]}-1))p" "$init_f" > "${init_f}.intro"
  sed -n "${lnum[0]},$((${lnum[1]}-1))p" "$init_f" > "${init_f}.inter"
  sed -n "${lnum[1]},\$p" "$init_f" > "${init_f}.eof"
  cat <<- EOF > "${init_f}.mod"
	if [ -r /sysroot/media/cdrom/setup/sysroot-prep.rc ]
	then
	  source /sysroot/media/cdrom/setup/sysroot-prep.rc
	fi
	EOF

  cat "${init_f}"{.intro,.mod,.inter,.mod,.eof} > "${init_f}"
  onfail 'error patching script' "$pad$init_f" 'from' "$pad$tmpwf"

  printf 'build %s script cpio archive...\n' "$init_f"
  cpio -o --format=newc > "${init_f}.cpio" <<- EOF
	$init_f
	EOF
  onfail 'error building' "$pad${init_f}.cpio" 'from' "$pad$init_f"

  printf 'build new initramfs...\n'
  cat "$tmpwf" "${init_f}.cpio" > ./initramfs-vanilla && \
    gzip -9 ./initramfs-vanilla &&
    mv ./initramfs-vanilla.gz ./initramfs-vanilla
  onfail 'error building new initramfs'

  mkdir ./setup
  cat <<- S0EOF > ./setup/sysroot-prep.rc
	#!/bin/sh
	# MEMO: this is a busybox ash script.
	# exec /bin/busybox sh # for testing.
	cat <<- S1EOF > /sysroot/etc/local.d/cdsetup.start
		#!/bin/sh
		if [ -r /media/cdrom/setup/setup-prep.rc ]; then
		  nohup /bin/sh /media/cdrom/setup/setup-prep.rc &
		fi
	S1EOF
	chmod 755 /sysroot/etc/local.d/cdsetup.start
	sed -i 's/^tty1/#tty1/' /sysroot/etc/inittab
	echo 'cdrom setup generated as local service and tty1 disabled'
	sync
	chroot /sysroot/ /sbin/rc-update add local default
	S0EOF

  cat <<- S0EOF > ./setup/setup-prep.rc
	#!/bin/sh
	# MEMO: this is a busybox ash script.
	sleep 2 # let local service init terminate.
	exec > /dev/tty1
	exec < /dev/tty1
	exec 2> /dev/tty1
	echo
	echo 'restore tty1 and remove cdrom setup local service'
	echo
	sed -i 's/^#tty1/tty1/' /etc/inittab
	rm -f /etc/local.d/cdsetup.start
	echo 'press any key within 3 seconds to prevent auto setup...'
	sync
	read -s -t 3 -n 1
	[ \$? == 0 ] && {
	  echo 'auto setup aborted, use alternate tty to login!'
	  exit
	}
	echo 'starting auto setup...'
	/media/cdrom/setup/setup.sh $@
	sync
	echo 'auto setup done, reboot...'
	sync
	reboot
	S0EOF

  [ -r "$(dirname $MIRROR)/setup.sh" ] | fail 'missing setup.sh script'
  cp "$(dirname $MIRROR)/setup.sh" ./setup/

  # TODO ofln mode support (repository) using makerepo function
  # this work manually just need to add option to select mirror
  # (online vs local) and add repository graft point to iso.

  printf 'generate new iso...\n'
  xorrisofs.exe -dev "$rels_f" --for_backup   \
    -output "$iso_output" -l -J -R            \
    -b boot/syslinux/isolinux.bin             \
    -c boot/syslinux/boot.cat                 \
    -boot-info-table -no-emul-boot            \
    -boot-load-size 4                         \
    -graft-points                             \
    /boot/initramfs-vanilla=initramfs-vanilla \
    /setup=./setup
  onfail 'unknow error'

  # cleanup
  rm "$tmpwf" "${init_f}"{,.intro,.mod,.inter,.eof,.cpio}
  rm ./initramfs-vanilla ./setup/{sysroot-prep.rc,setup-prep.rc,setup.sh}
  rmdir ./setup
  cd "$OLDPWD"
  rmdir "$tmpwd"

}

do_test () {
  printf "nothing to test right now!\nargs:"
  printf " %s" "$@" $'\n' '----------' $'\n'
  false
}

main "$@"