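#!/bin/bash
# =============================================== #
#              devc.sh v2.0; job79                #
#                                                 #
#  Dev container enter script. Handles setting up #
#  different dev containers, resuming sessions    #
#  and automatic container updates.               #
#                                                 #
#  Usage: devc.sh [name] [-gpu] [-host-spawn]     #
#                 [extra podman run args...]      #
#  Env:   DEVC_REGISTRY  registry to pull from    #
#                                                 #
#  TODO:                                          #
#  - Remove security-opt label=disable            #
#    when possible.                               #
#  - Look into removing userns=keep-id.           #
#  - Isolate ssh keys to containers.              #
# =============================================== #
set -eu

# log prints a coloured status line.
#   $1 - message
#   $2 - prefix symbol (default: ○)
#   $3 - ANSI colour code (default: 36)
log() { printf '\e[%sm%s\e[0m %s\n' "${3:-36}" "${2:-○}" "$1"; }

# podman run arguments are collected in an array, one element per
# argument, so values containing whitespace or glob characters (paths,
# names, pass-through arguments) are never re-split by the shell and
# cannot turn into extra podman options.
run_args=()

# default_args appends the podman run arguments required for starting
# a new container to run_args.
# Globals: name (read), run_args (written), UID, SSH_AUTH_SOCK (read)
default_args() {
  run_args+=(--name "$name" --hostname "$name" --pull=newer)

  # Disable some security settings so host directories can be mounted
  # without problems. label=disable turns off SELinux label separation
  # for this container (see TODO in the header).
  run_args+=(--security-opt label=disable)
  # Required for ~/.ssh which is usually 700.
  run_args+=(--userns=keep-id)

  # Mount the wayland socket. Required to get the system clipboard
  # (wl-copy) and gui applications working.
  # NOTE(review): the in-container paths assume the image user has
  # uid 1000 — confirm against the image.
  if [ -e "/run/user/$UID/wayland-0" ]; then
    run_args+=(-v "/run/user/$UID/wayland-0:/run/user/1000/wayland-0")
  fi

  # Mount the ssh socket to get ssh commands working. Anything running
  # in the container can then ask the host agent to authenticate with
  # the loaded keys (see TODO: isolate ssh keys).
  # ${SSH_AUTH_SOCK:-} keeps `set -u` from aborting when no agent is
  # running; previously that abort happened inside a command
  # substitution and silently dropped the remaining arguments.
  if [ -e "${SSH_AUTH_SOCK:-}" ]; then
    run_args+=(-v "$SSH_AUTH_SOCK:/run/user/1000/ssh-auth-sock")
  fi

  # Add a volume for the home directory so it survives container
  # updates.
  run_args+=(-v "$name:/home/user:copy")
}

# param_args appends podman run arguments derived from the arguments
# given to this script to run_args.
# Arguments: the script arguments remaining after the container name.
param_args() {
  while [ $# -gt 0 ]; do
    case "$1" in
      -gpu)
        # Enable gpu acceleration.
        run_args+=(--device /dev/dri)
        ;;
      -host-spawn)
        # Enable spawning host commands from inside the container
        # using host-spawn. This exposes the user's session bus, so
        # the container is no longer an isolation boundary towards
        # the host user; enable only for trusted images.
        run_args+=(-v "/run/user/$UID/bus:/tmp/bus")
        ;;
      *)
        # Pass the argument to podman run unchanged, as one word.
        run_args+=("$1")
        ;;
    esac
    shift
  done
}

### MAIN ###
script_dir="$(dirname "$(realpath "$0")")"
# The state files below live next to the script; create the directory
# so the first run does not fail on the redirect.
mkdir -p "$script_dir/state"

# Get container registry from DEVC_REGISTRY env variable.
if [ -n "${DEVC_REGISTRY:-}" ]; then
  registry="$DEVC_REGISTRY"
  printf '%s\n' "$registry" >"$script_dir/state/registry"
else
  log "registry unknown; set the DEVC_REGISTRY environment variable" 'x' 31 >&2
  exit 1
fi

# Get the devcontainer name from the first argument. If not
# provided, use the last used name when possible.
name_from_arg=0
if [[ $# -gt 0 ]] && [[ ${1:-} != -* ]]; then
  name="$1"
  name_from_arg=1
  shift
elif [ -f "$script_dir/state/last-name" ]; then
  name=$(<"$script_dir/state/last-name")
else
  log "no container name specified" 'x' 31 >&2
  exit 1
fi

# The name ends up in --name, in a volume spec and in the image
# reference, and may come from a state file. Restrict it to the
# character set podman accepts for container names so it can never be
# read as an option (leading '-') or as a host path in the -v spec
# (a '/' would turn the named volume into a bind mount).
if [[ ! $name =~ ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ ]]; then
  log "invalid container name: $name" 'x' 31 >&2
  exit 1
fi
if [ "$name_from_arg" -eq 1 ]; then
  printf '%s\n' "$name" >"$script_dir/state/last-name"
fi

# Create a new container when the container is not running or
# when any arguments are provided.
if [ "$(podman container inspect "$name" -f '{{.State.Running}}' 2>&1)" != 'true' ] || [[ $# -gt 0 ]]; then
  log "starting devcontainer..."
  podman container rm -f -t 0 "$name" 1>/dev/null
  default_args
  param_args "$@"
  podman run -td "${run_args[@]}" "$registry/$name"
fi

podman exec -it "$name" bash -l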