#!/bin/sh -eu
export PATH="/snap/bin/:${PATH}"

cleanup() {
    set +e
    incus delete build-lxc-cache -f >/dev/null 2>&1

    exit 0
}
trap cleanup EXIT HUP INT TERM

ARCH="$1"
TARGET="$2"

# Create the container
incus init "images:ubuntu/jammy/${ARCH}" build-lxc-cache \
    -c security.nesting=true

# Start the container
incus start build-lxc-cache

# Install build dependencies
(
    cat << EOF
#!/bin/sh
set -eux

# Wait for network
while :; do
    ping -W1 -c1 linuxcontainers.org >/dev/null 2>&1 && break
    sleep 1
done

ARCHIVE="http://us.ports.ubuntu.com/ubuntu-ports"
if [ "${ARCH}" = "amd64" ] || [ "${ARCH}" = "i386" ]; then
    ARCHIVE="http://us.archive.ubuntu.com/ubuntu"
fi

# Setup clean sources
echo force-unsafe-io >> /etc/dpkg/dpkg.cfg
cat > /etc/apt/sources.list << EOL
deb \${ARCHIVE} jammy main universe restricted multiverse
deb \${ARCHIVE} jammy-updates main universe restricted multiverse
deb \${ARCHIVE} jammy-security main universe restricted multiverse
deb \${ARCHIVE} jammy-backports main universe restricted multiverse
EOL
apt-get update --yes

# Install dependencies
apt-get install --yes --no-install-recommends \
    apparmor automake autoconf bash-completion bridge-utils build-essential \
    busybox-static clang cloud-image-utils curl dbus debhelper debootstrap \
    devscripts dh-apparmor dh-autoreconf dnsmasq-base docbook2x doxygen ed \
    fakeroot file gcc gnupg graphviz git iptables meson net-tools \
    libapparmor-dev libcap-dev libgnutls28-dev liblua5.2-dev libpam0g-dev \
    libseccomp-dev libselinux1-dev libssl-dev libtool linux-libc-dev \
    lsb-release make openssl pkg-config python3-all-dev \
    python3-setuptools rsync squashfs-tools uidmap unzip uuid-runtime \
    wget xz-utils liburing-dev libdbus-1-dev

apt-get clean

# Create build directory
mkdir -p /build
EOF
) | incus exec build-lxc-cache -- sh

# Install Android dependencies
if [ "${ARCH}" = "amd64" ]; then
    incus file push deps/android-ndk-linux-x86_64.zip build-lxc-cache/root/ndk.zip
    (
    cat << EOF
#!/bin/sh
set -eux

mkdir -p /build/ndk
cd /build/ndk/

# Unpack the Android NDK
unzip -q /root/ndk.zip
mv android-ndk-*/toolchains/llvm/prebuilt/linux-x86_64/* .
rm -Rf android-ndk-*

rm /root/ndk.zip

# Get specific libcap source
git clone https://git.kernel.org/pub/scm/libs/libcap/libcap.git /build/libcap
cd /build/libcap
git checkout 0ee94211e95096750ede752acd13b163aa6d5046

# Environment
export PATH=/build/ndk/bin/:\${PATH}
export CC="armv7a-linux-androideabi29-clang --sysroot=/build/ndk/sysroot/"
export DESTDIR=/build/android
export BUILD_CC=clang

# Build and install libcap
cd /build/libcap/libcap/
make -e LIBATTR=no

cp -P /build/libcap/libcap/libcap.so* /build/ndk/sysroot/usr/lib/
cp -P /build/libcap/libcap/libcap.a /build/ndk/sysroot/usr/lib/
cp -P /build/libcap/libcap/include/sys/capability.h /build/ndk/sysroot/usr/include/sys/
cp -P /build/libcap/libcap/include/uapi/linux/capability.h /build/ndk/sysroot/usr/include/linux/
EOF
    ) | incus exec build-lxc-cache -- sh
fi

incus stop build-lxc-cache
incus export build-lxc-cache "${TARGET}/build-lxc-cache.tar.xz" --optimized-storage
incus delete -f build-lxc-cache

exit 0
