#cwd := $(notdir $(patsubst %/,%,$(dir $(abspath $(lastword $(MAKEFILE_LIST))))))
#disk       := /dev/disk/by-id/usb-Generic-_Multi-Card_20071114173400000-0:0
#disk       := /dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_250GB_S4EUNJ0N211426T
server      := losurdo
disk_sd     := /dev/disk/by-id/mmc-SB32G_0xdb5e2237
disk_nvme   := /dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_250GB_S4EUNJ0N211426T
disk_ssd    := /dev/disk/by-id/ata-Samsung_SSD_860_EVO_250GB_S3YJNX0K863141Y
rpool       := $(server)
cipher      := aes-128-gcm
autotrim    := on
reservation := 1G
#unicode_normalization := formD

wipe-sd:
	sudo $$(which sgdisk) --zap-all $(disk_sd)
wipe-nvme:
	sudo zpool labelclear -f /dev/disk/by-partlabel/$(server)_nvme_rpool || true
wipe-ssd:
	sudo $$(which sgdisk) --zap-all $(disk_ssd)
	sudo zpool labelclear -f /dev/disk/by-partlabel/$(server)_ssd_rpool || true

part: wipe-sd wipe-nvme wipe-ssd
part-sd: wipe-sd
	sudo $$(which sgdisk) -a1 -n0:34:2047  -t0:EF02 -c0:"$(server)_sd_bios"  $(disk_sd)
	sudo $$(which sgdisk)     -n0:1M:+100M -t0:EF00 -c0:"$(server)_sd_efi"   $(disk_sd)
	sudo $$(which sgdisk)     -n0:0:+256M  -t0:8300 -c0:"$(server)_sd_boot"  $(disk_sd)
	sudo $$(which sgdisk) --randomize-guids $(disk_sd)
	sudo $$(which sgdisk) --backup=$(server)_sd.sgdisk $(disk_sd)
part-nvme:
	sudo $$(which sgdisk) -n0:0:+8G -t0:8200 -c0:"$(server)_nvme_swap"  $(disk_nvme)
	sudo $$(which sgdisk) -n0:0:0   -t0:BF01 -c0:"$(server)_nvme_rpool" $(disk_nvme)
	sudo $$(which sgdisk) --randomize-guids $(disk_nvme)
	sudo $$(which sgdisk) --backup=$(server)_nvme.sgdisk $(disk_nvme)
part-ssd:
	sudo $$(which sgdisk) -a1 -n0:34:2047  -t0:EF02 -c0:"$(server)_ssd_bios"  $(disk_ssd)
	sudo $$(which sgdisk)     -n0:1M:+100M -t0:EF00 -c0:"$(server)_ssd_efi"   $(disk_ssd)
	sudo $$(which sgdisk)     -n0:0:+256M  -t0:8300 -c0:"$(server)_ssd_boot"  $(disk_ssd)
	sudo $$(which sgdisk)     -n0:0:+8G    -t0:8200 -c0:"$(server)_ssd_swap"  $(disk_ssd)
	sudo $$(which sgdisk)     -n0:0:0      -t0:BF01 -c0:"$(server)_ssd_rpool" $(disk_ssd)
	sudo $$(which sgdisk) --randomize-guids $(disk_ssd)
	sudo $$(which sgdisk) --backup=$(server)_ssd.sgdisk $(disk_ssd)

format: umount format-sd-efi format-sd-boot format-nvme-rpool format-ssd-efi format-ssd-boot format-ssd-mirror
format-sd-efi:
	sudo blkid                       /dev/disk/by-partlabel/$(server)_sd_efi -t TYPE=vfat || \
	sudo mkfs.vfat -F 16 -s 1 -n EFI /dev/disk/by-partlabel/$(server)_sd_efi
format-sd-boot:
	sudo mkdir -p /mnt/$(server)
	sudo blkid -t TYPE=ext2 /dev/disk/by-partlabel/$(server)_sd_boot; test $$? != 2 || \
	sudo mkfs.ext2          /dev/disk/by-partlabel/$(server)_sd_boot
format-nvme-rpool:
	sudo zpool list $(rpool) 2>/dev/null || \
	sudo zpool create -o ashift=12 \
	 $(if $(cipher),-O encryption=$(cipher) \
	 -O keyformat=passphrase \
	 -O keylocation=prompt) \
	 $(if $(unicode_normalization),-O normalization=$(unicode_normalization)) \
	 -R /mnt/$(server) $(rpool) /dev/disk/by-partlabel/$(server)_nvme_root
	sudo zpool set \
	 autotrim=$(autotrim) \
	 $(rpool)
	sudo zfs set \
	 acltype=posixacl \
	 atime=off \
	 canmount=off \
	 compression=lz4 \
	 dnodesize=auto \
	 relatime=on \
	 xattr=sa \
	 mountpoint=/ \
	 $(rpool)
	# https://nixos.wiki/wiki/NixOS_on_ZFS#Reservations
	sudo zfs list $(rpool)/reserved 2>/dev/null || \
	sudo zfs create -o canmount=off -o mountpoint=none $(rpool)/reserved
	sudo zfs set refreservation=$(reservation) $(rpool)/reserved
	# /
	# mountpoint=legacy is required to let NixOS mount the ZFS filesystems.
	sudo zfs list $(rpool)/root 2>/dev/null || \
	sudo zfs create \
	 -o canmount=on \
	 -o mountpoint=legacy \
	 $(rpool)/root
	# /boot
	#sudo zfs list bpool/boot 2>/dev/null || \
	#sudo zfs create \
	# -o canmount=on \
	# -o mountpoint=legacy \
	# bpool/boot
	# /*
	for p in \
	 home \
	 nix \
	 var \
	 var/cache \
	 var/log \
	 var/tmp \
	 ; do \
		sudo zfs list $(rpool)/"$$p" 2>/dev/null || \
		sudo zfs create \
		 -o canmount=on \
		 -o mountpoint=legacy \
		 $(rpool)/"$$p" ; \
	 done
	sudo zfs set \
	 com.sun:auto-snapshot=false \
	 $(rpool)/nix
	sudo zfs set \
	 com.sun:auto-snapshot=false \
	 $(rpool)/var/cache
	sudo zfs set \
	 com.sun:auto-snapshot=false \
	 sync=disabled \
	 $(rpool)/var/tmp
format-ssd-efi:
	sudo blkid                       /dev/disk/by-partlabel/$(server)_ssd_efi -t TYPE=vfat || \
	sudo mkfs.vfat -F 32 -s 1 -n EFI /dev/disk/by-partlabel/$(server)_ssd_efi
format-ssd-boot:
	sudo blkid -t TYPE=ext2 /dev/disk/by-partlabel/$(server)_ssd_boot; test $$? != 2 || \
	sudo mkfs.ext2          /dev/disk/by-partlabel/$(server)_ssd_boot
format-ssd-mirror:
	sudo zpool attach $(rpool) $(disk_nvme)-part5 $(disk_ssd)-part5

mount: mount-rpool mount-boot mount-efi
mount-rpool:
	# scan needed zpools
	sudo zpool list $(rpool) || \
	sudo zpool import -f $(rpool)
	# load encryption key
	sudo zfs get -H encryption $(rpool) | \
	grep -q '^$(rpool)\s*encryption\s*off' || \
	sudo zfs get -H keystatus $(rpool) | \
	grep -q '^$(rpool)\s*keystatus\s*available' || \
	sudo zfs load-key $(rpool)
	# /
	sudo mkdir -p /mnt/$(server)
	sudo mountpoint /mnt/$(server) || \
	sudo mount -v -t zfs $(rpool)/root /mnt/$(server)
	# /*
	for p in \
	 home \
	 nix \
	 var \
	 var/cache \
	 var/log \
	 var/tmp \
	 ; do \
		sudo mkdir -p /mnt/$(server)/"$$p"; \
		sudo mountpoint /mnt/$(server)/"$$p" || \
		sudo mount -v -t zfs $(rpool)/"$$p" /mnt/$(server)/"$$p" ; \
	 done
	sudo chmod 1777 /mnt/$(server)/var/tmp
mount-boot:
	sudo mkdir -p /mnt/$(server)/boot
	sudo mountpoint /mnt/$(server)/boot || \
	sudo mount -v /dev/disk/by-partlabel/$(server)_sd_boot /mnt/$(server)/boot
	#sudo mount -v -t zfs bpool/boot /mnt/$(server)/boot
mount-efi: | mount-boot
	sudo mkdir -p /mnt/$(server)/boot/efi
	sudo mountpoint /mnt/$(server)/boot/efi || \
	sudo mount -v /dev/disk/by-partlabel/$(server)_sd_efi /mnt/$(server)/boot/efi

bootstrap: mount
	# Workaround https://dev.gnupg.org/T3908
	chmod o+rw $$GPG_TTY $$XAUTHORITY
	
	sudo --preserve-env \
	NIXOS_CONFIG="$$PWD/install.nix" \
	$$(which nixos-install) \
	 --root /mnt/$(server) \
	 --no-root-passwd \
	 --no-channel-copy \
	 --show-trace
	
	# End workaround https://dev.gnupg.org/T3908
	chmod o-rw $$GPG_TTY $$XAUTHORITY
	
	sudo sourcephile-shred-tmp

umount:
	for p in \
	 boot/efi \
	 boot \
	 home \
	 nix \
	 var/cache \
	 var/log \
	 var/tmp \
	 var \
	 "" \
	 ; do \
		! sudo mountpoint /mnt/$(server)/"$$p" || \
		sudo umount -v /mnt/$(server)/"$$p" ; \
	 done
	! sudo zpool list $(rpool) 2>/dev/null || \
	zfs get -H encryption $(rpool) | \
	grep -q '^$(rpool)\s*encryption\s*off' || \
	zfs get -H keystatus $(rpool) | \
	grep -q '^$(rpool)\s*keystatus\s*unavailable' || \
	sudo zfs unload-key $(rpool)
	#! sudo zpool list bpool 2>/dev/null || \
	#sudo zpool export bpool
	! sudo zpool list $(rpool) 2>/dev/null || \
	sudo zpool export $(rpool)

unlock:
	pass hosts/$(server)/zfs/rpool | \
	NIXOPS_DEPLOYMENT="$${NIXOPS_DEPLOYMENT:-$(LOSURDO_DEPLOYMENT)}" \
	nixops ssh $(server) -p 2222 'zfs load-key $(rpool) && pkill zfs'