#! /bin/sh
set -e

ESP_LIST="/etc/kernel/pve-efiboot-uuids"
ESPTYPE='c12a7328-f81f-11d2-ba4b-00a0c93ec93b'

MANUAL_KERNEL_LIST="/etc/kernel/pve-efiboot-manual-kernels"

# relative to the ESP mountpoint
PMX_ESP_DIR="EFI/proxmox"
PMX_LOADER_CONF="loader/loader.conf"

# adapted from /etc/kernel/postinst.d/apt-auto-removal as present in
# debian's apt package:
#
# Mark as not-for-autoremoval those kernel packages that are:
#  - the currently booted version, if still installed
#  - the kernel version we've been called for
#  - the latest kernel version (as determined by debian version number)
#  - the second-latest kernel version
#  - the latest kernel version of each series (e.g. 4.13, 4.15, 5.0) by
#    marking the meta-packages

kernel_keep_versions() {
	eval "$(apt-config shell DPKG Dir::bin::dpkg/f)"
	test -n "$DPKG" || DPKG="/usr/bin/dpkg"

	list="$("${DPKG}" -l | awk '/^[ih][^nc][ ]+pve-kernel-[0-9]+\./ && $2 !~ /-dbg(:.*)?$/ && $2 !~ /-dbgsym(:.*)?$/ { print $2; }' \
	   | sed -e 's#^pve-kernel-##' -e 's#:[^:]\+ # #')"

	sorted_list="$(echo "$list" | sort --unique --reverse --version-sort)"

	[ -n "$1" ] && install_version="$1"

	running_version="$(uname -r | tr 'A-Z' 'a-z')"

	# ignore the currently running version if attempting a reproducible build
	if [ -n "${SOURCE_DATE_EPOCH}" ]; then
		running_version=""
	elif [ ! -e "/boot/vmlinuz-$running_version" ]; then
		# ignore the current version if it got removed, the "auto-remove" logic
		# will not be affected, because either it is installed and thus we keep
		# it in the list, or it's already removed anyway
		running_version=""
	fi

	latest_2_versions="$(echo "$sorted_list" | grep -E '^[^ ]+-pve' | head -n2 )"

	series_metapackages="$(echo "$sorted_list" | grep -Ev '^[^ ]+-pve' | head -n2)"

	oldseries="$(echo "$series_metapackages" | tail -n1)"
	oldseries_latest_kernel="$(echo "$sorted_list" | grep -E "^${oldseries}\.[^ ]+-pve" | head -n1 )"

	if [ -e "$MANUAL_KERNEL_LIST" ]; then
		manual_kernels="$(cat "$MANUAL_KERNEL_LIST")"
	fi

	kernels="$(cat <<-EOF
		$running_version
		$install_version
		$manual_kernels
		$latest_2_versions
		$series_metapackages
		$oldseries_latest_kernel
		EOF
	)"

	echo "$kernels" | sort -u | sed -e '/^$/ d'
}

#bootable kernels are the same as the no_autoremove ones without the meta-package
boot_kernel_list() {
	list="$(kernel_keep_versions "$@")"

	echo "$list" | grep -E '^[^ ]+-pve' || true
}

warn() {
	echo "$@" 1>&2
}

reexec_in_mountns() {
	if [ -z "$PVE_EFIBOOT_UNSHARED" ]; then
		export PVE_EFIBOOT_UNSHARED=1
		echo "Re-executing '$0' in new private mount namespace.."
		unshare --mount --propagation private "$0" "$@"
		exit 0
	fi
}

loop_esp_list() {
	if [ ! -e ${ESP_LIST} ]; then
		return 2
	fi

	cat "${ESP_LIST}" | while IFS= read -r curr_uuid; do
		if [ -z "$curr_uuid" ]; then
			continue
		fi
		"$@"
	done
}