# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>

pkgname=qubes-vm-core
subpackages="
	qubes-vm-networking:networking:noarch
	qubes-vm-passwordless-root:root:noarch
	$pkgname-openrc
	$pkgname-doc
	$pkgname-pyc
	"
pkgver=4.2.19
pkgrel=3
_gittag="v$pkgver"
pkgdesc="The Qubes core files for installation inside a Qubes VM."
arch="x86_64"
url="https://github.com/QubesOS/qubes-core-agent-linux"
license="GPL"
options="!check" # No testsuite
depends="
	coreutils
	blkid
	dconf
	desktop-file-utils
	device-mapper
	diffutils
	e2fsprogs
	e2fsprogs-extra
	ethtool
	fakeroot
	gawk
	grep
	haveged
	icu
	imagemagick
	librsvg
	net-tools
	ntpsec
	procps
	py3-dbus
	py3-gobject3
	py3-xdg
	python3
	qubes-db-vm
	qubes-libvchan-xen
	qubes-vm-utils
	sed
	socat
	xdg-utils
	zenity
	"
makedepends="
	gcc
	libx11-dev
	linux-pam-dev
	lsb-release-minimal
	make
	pandoc
	pkgconf
	py3-setuptools
	python3
	qubes-db-vm
	qubes-libvchan-xen
	qubes-vm-utils
	"
options="suid"
source="
	$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-agent-linux/archive/refs/tags/$_gittag.tar.gz
	qubes-core-early.openrc
	qubes-core-netvm.openrc
	qubes-core.openrc
	qubes-firewall.openrc
	qubes-iptables.openrc
	qubes-sysinit.openrc
	qubes-updates-proxy-forwarder.openrc
	qubes-updates-proxy.openrc
	qvm-sync-clock.sh
	setupip-do-not-use-systemctl.patch
	"
builddir="$srcdir"/qubes-core-agent-linux-${_gittag/v}


build() {
	# Fix for network tools paths
	sed 's:/sbin/ethtool:ethtool:g' -i network/*
	sed 's:/sbin/ip:ip:g' -i network/*
	sed 's:/bin/grep:grep:g' -i network/*

	for dir in qubes-rpc misc; do
		make -C "$dir"
	done

	# replace all shebangs with /bin/sh as qubes expects bash
	# shellcheck disable=SC2013
	for i in $(grep '/bin/sh' -Rl .); do
		sed -i 's|/bin/sh|/bin/bash|' "$i"
	done
}

#This package provides:
# * qrexec agent
# * qubes rpc scripts
# * core linux tools and scripts
# * core systemd services and drop-ins
# * basic network functionality (setting IP address, DNS, default gateway)
package() {
	make install-corevm DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
	make -C app-menu install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/lib
	make -C misc install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/lib
	make -C qubes-rpc DESTDIR="$pkgdir" install
	make -C qubes-rpc/kde DESTDIR="$pkgdir" install
	make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install
	make -C qubes-rpc/thunar DESTDIR="$pkgdir" install
	make -C network DESTDIR="$pkgdir" install
	install -Dm755 "$builddir"/network/update-proxy-configs "$pkgdir"/usr/lib/qubes/.
	install -Dm755 "$srcdir"/qvm-sync-clock.sh "$pkgdir"/etc/qubes/suspend-post.d/.

	for i in $source; do
		case $i in
		*.openrc) install -Dm755 "$srcdir"/$i \
				"$pkgdir"/etc/init.d/${i%.*};;
		*.confd) install -Dm644 "$srcdir"/$i \
				"$pkgdir"/etc/conf.d/${i%.*};;
		esac
	done

}


#This package provides:
# * proxy service used by TemplateVMs to download updates
# * qubes-firewall service (FirewallVM)
#
#Integration of NetworkManager for Qubes VM:
# * make connections config persistent
# * adjust DNS redirections when needed
# * show/hide NetworkManager applet icon
#
networking() {
	pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM"
	depends="
		conntrack-tools
		ethtool
		iptables
		net-tools
		networkmanager
		nftables
		python3
		qubes-db-vm
		qubes-vm-core
		qubes-vm-utils
		tinyproxy
		"
	cd "$builddir"
	install -dm 755 "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/qubes-firewall "$subpkgdir"/usr/bin/.
	make install-netvm DESTDIR="$subpkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
}

root() {
	cd "$builddir"
	pkgdesc="Qubes OS Passwordless root access from normal user"
	make -C passwordless-root install DESTDIR="$subpkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
}
sha512sums="
4280e6dc5901a2f1d2dcf046aab553d996b0b6af6f5ad75e09779b4c43df1f868defa400ce95959bceeba359f34485b336af2d5c887d2aa46c2198990c1304d1  qubes-vm-core-v4.2.19.tar.gz
95c080a593ca1cd457ffafc0cdd6ee28999c72f67191a3955b6081a4a7d287cae4cd0c626139562e5e1eb55516c25402a174e3599daf7d4cb259d6b4bbdff155  qubes-core-early.openrc
61529413a16b7fa0df691c24adc41b90477c01ea70d572921ecec89df23932e5a2e60c4e73b9a84181dc30424e2e6af4ad1c7dcf6c42689c3cc346a9923d6e07  qubes-core-netvm.openrc
da8e293520f5fce29ce76d7586e8ce1a4164798a1214079fb554c690264da1d774fdad3f45825aac52c2c3a0b0cfd39df73eb33394dedd7c043fe0f2344b90ca  qubes-core.openrc
8f1ea1b6bfb4d3089a51cc3e325861ee7b644f743b2652bf61789933adedefdbc743a61567ad980d2a6077647eb61570b68a056125abaab2a67166d249a961b0  qubes-firewall.openrc
437a3dc443c5b0311c5dc8f792739eef89e38b2e854b9a5bb248211dd0eb0f26c1d79588ca2b4b63236b8bed0d735be6b2265d8328885730a8aa5f854301d61f  qubes-iptables.openrc
e9096560e4ee4cad836b686e18eb6dbac729227683eda2f0c8b3541c909f64de3489dbb66e3752014deab69cbfae7885bc15b9bb7e3942c02e40328337b9ef30  qubes-sysinit.openrc
b1e8af2335955e52cf1817c56296f94f8c472e68d7a17a28f516fe4f5fa8a8053d4f9333efbb007a82a06f9442a4a6cfe5f9c751de07f337e47ee04cb18b9395  qubes-updates-proxy-forwarder.openrc
29d316b9f48cad15f6e22aaa67b228a5e4893ded86463dbe25b3cc68301b961473e79c01f003b1665e217ad4af2e618625442250d5607c1c16462e3f5eed069c  qubes-updates-proxy.openrc
cca9f49422fa25cd5f3942dce8edd3ecff080bf5c407a7a790b438bedea054f39a4a3d8c179b44c4c08fc490b597e14d00dad9b0240861e83957e0af7aa6475d  qvm-sync-clock.sh
fc115d8cb9a279232bad8362903cb74dafbeac988a9d519ef3b6ff2849ab80fb77d648589974d05e565933444dd04c4b3427cdba69c167310f9a57916c5f0499  setupip-do-not-use-systemctl.patch
"