#!/bin/sh
# initramfs-tools hook for abyssinit
#
# Copies the abysscrypt binary, cryptsetup, required kernel modules, and
# the optional /etc/abyssinit.conf into the initramfs image.
PREREQ=""
prereqs() { echo "$PREREQ"; }
case "${1:-}" in
    prereqs) prereqs; exit 0 ;;
esac

. /usr/share/initramfs-tools/hook-functions

# Locate abysscrypt. abysscrypt installs to /usr/sbin by default per its
# upstream Makefile; fall back to PATH lookup.
if [ -x /usr/sbin/abysscrypt ]; then
    copy_exec /usr/sbin/abysscrypt /sbin/abysscrypt
elif [ -x /usr/bin/abysscrypt ]; then
    copy_exec /usr/bin/abysscrypt /sbin/abysscrypt
elif [ -x /usr/local/sbin/abysscrypt ]; then
    copy_exec /usr/local/sbin/abysscrypt /sbin/abysscrypt
elif [ -x /usr/local/bin/abysscrypt ]; then
    copy_exec /usr/local/bin/abysscrypt /sbin/abysscrypt
elif command -v abysscrypt >/dev/null 2>&1; then
    copy_exec "$(command -v abysscrypt)" /sbin/abysscrypt
else
    echo "abyssinit hook: abysscrypt binary not found; aborting" >&2
    exit 1
fi

# Runtime dependencies of abysscrypt.
copy_exec /sbin/cryptsetup
[ -x /sbin/dmsetup ] && copy_exec /sbin/dmsetup
[ -x /bin/mount  ]   && copy_exec /bin/mount
[ -x /bin/umount ]   && copy_exec /bin/umount

# Kernel modules abysscrypt may need. Silent-fail per module so that
# kernels missing one optional cipher do not break the whole hook.
for mod in dm_mod dm_crypt \
           aes_generic aes_x86_64 aesni_intel \
           xts cbc ecb \
           sha256_generic sha512_generic \
           serpent_generic twofish_generic camellia_generic \
           dm_integrity; do
    manual_add_modules "$mod" 2>/dev/null || true
done

# Optional configs. /etc/abyssinit.conf is the default; any additional
# /etc/abyssinit*.conf files are copied too so they can be selected at
# boot time with abyssinit.conf=/etc/abyssinit.<name>.conf (useful for
# multi-target portable installs).
mkdir -p "${DESTDIR}/etc"
for _cfg in /etc/abyssinit.conf /etc/abyssinit.*.conf; do
    [ -f "$_cfg" ] || continue
    install -m 0600 "$_cfg" "${DESTDIR}${_cfg}"
done

exit 0
