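#!/bin/busybox sh
#
# Initramfs /init: mounts the root filesystem, unlocks the LUKS volumes for
# home and the external SD card (key files on a USB stick when it is present,
# interactive passphrase otherwise), then hands over to the real init.
#
# Security notes for whoever maintains this:
#   * The key files are read as plain files from the USB stick, so possession
#     of the stick is sufficient to unlock both volumes.
#   * rescue_shell gives an unauthenticated root shell on the console when the
#     root mount fails; with the key stick plugged in, that shell can read the
#     key files. Physical access to the console should be treated accordingly.

ROOT_DEV=/dev/disk/by-label/rootfs

# USB stick w/ keys
USB_KEY_ID=0781:5567
USB_KEY_DEV=/dev/disk/by-uuid/953f675b-5c6c-4ae9-ab1b-189e923c945d

# encrypted home
HOME_KEY_FILE_NAME=.bogues-home.key
HOME_DEV=/dev/disk/by-uuid/092fdc4a-4356-47d9-9272-9a5f58e33bbf

# encrypted sdcard
EXT_SD_KEY_FILE_NAME=.bogues-ext_sd.key
EXT_SD_DEV=/dev/disk/by-uuid/c3834c30-2f8e-4955-a682-cf898979b41f

#######################################
# Create /dev/disk/by-label and /dev/disk/by-uuid symlinks for the devices
# named on the kernel command line as root=, home=, ext_sd= or usb_key=,
# each in the form NAME=LABEL=<label> or NAME=UUID=<uuid>.
# (Presumably needed because nothing else populates /dev/disk here - confirm.)
# Arguments: none (reads /proc/cmdline)
#######################################
prep_dev() {
  local opt name rest type id prefix full dev

  # Word splitting of the command line is intended; globbing is not.
  set -f
  for opt in $(cat /proc/cmdline); do
    name=${opt%%=*}
    case "$name" in
      root | home | ext_sd | usb_key) ;;
      *) continue ;;
    esac

    rest=${opt#*=}
    type=${rest%%=*}
    id=${rest#*=}

    # Anything other than LABEL=/UUID= (e.g. root=/dev/sda1) is skipped, so a
    # prefix left over from an earlier option is never reused.
    case "$type" in
      LABEL) prefix=/dev/disk/by-label ;;
      UUID) prefix=/dev/disk/by-uuid ;;
      *) continue ;;
    esac

    # The id becomes a file name under $prefix; refuse empty values and
    # anything that would place the symlink outside that directory.
    case "$id" in
      '' | */*) continue ;;
    esac

    mkdir -p "$prefix"
    full="$prefix/$id"
    if [ ! -e "$full" ]; then
      # Only link when findfs actually resolved a device.
      dev=$(findfs "$type=$id") || continue
      [ -n "$dev" ] && ln -s "$dev" "$full"
    fi
  done
  set +f
}

#######################################
# Install the busybox applets and replace this script with an interactive
# shell. This is an unauthenticated root shell on the console.
#######################################
rescue_shell() {
  echo "Something went wrong. Dropping you to a shell."
  busybox --install -s
  exec /bin/sh
}

#######################################
# Open a LUKS volume.
# Arguments: $1 - encrypted block device
#            $2 - mapping name
#            $3 - key file; when it is not a regular file, cryptsetup asks
#                 for a passphrase instead (up to 3 tries)
# Returns:   exit status of cryptsetup
#######################################
cryptsetup_do() {
  echo "cryptsetup $1 $2"
  mkdir -p /run/cryptsetup
  if [ -f "$3" ]; then
    cryptsetup luksOpen "$1" "$2" --key-file "$3"
  else
    cryptsetup -T 3 luksOpen "$1" "$2"
  fi
}

#######################################
# Mount the root filesystem on /newroot.
# Arguments: $1 - root block device
# Returns:   exit status of mount
#######################################
mount_root() {
  echo "mount root $1"
  mount "$1" /newroot
}

mkdir -p /dev /proc /sys /newroot /etc /key
touch /etc/mtab
mount -t devtmpfs none /dev
mount -t proc none /proc
mount -t sysfs none /sys

# Wait (up to 3 x 3 s) for the USB stick w/ keys to enumerate. The list is
# spelled out because busybox sh has no {1..3} brace expansion, and grep reads
# lsusb's output on stdin (the previous form made it read /dev/null instead,
# so the stick was never detected).
for attempt in 1 2 3; do
  sleep 3
  if lsusb | grep -qF -- "$USB_KEY_ID"; then
    break
  fi
done

prep_dev

# `resume` is currently not used
#resume

mount_root "$ROOT_DEV" || rescue_shell

# The stick is only read from, so mount it read-only. Output is discarded on
# both streams; a missing stick simply leads to the passphrase prompt below.
if [ -e "$USB_KEY_DEV" ]; then
  mount -o ro "$USB_KEY_DEV" /key >/dev/null 2>&1
fi

# Failures here are not fatal: boot continues without the volume.
cryptsetup_do "$HOME_DEV" home "/key/$HOME_KEY_FILE_NAME"
cryptsetup_do "$EXT_SD_DEV" ext_sd "/key/$EXT_SD_KEY_FILE_NAME"

umount /dev
umount /proc
umount /sys
# Unmount the key stick before handing over to the real init.
umount /key >/dev/null 2>&1

exec switch_root /newroot /sbin/init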