# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=lxc
pkgver=2.0.9
_pkgver=${pkgver/_rc/.rc}
pkgrel=1
pkgdesc="Userspace interface for the Linux kernel containment features"
url="https://linuxcontainers.org/lxc/"
arch="all"
license="GPL"
depends="gzip"
depends_dev="libcap-dev"
makedepends="$depends_dev lvm2 util-linux automake autoconf libtool lua5.2-dev
	linux-headers bash tar docbook2x libseccomp-dev python3-dev dnsmasq wget"
options="suid"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm::noarch lua5.2-lxc:_lua52
	$pkgname-download:_download:noarch $pkgname-templates::noarch $pkgname-libs
	py3-$pkgname:_py3 $pkgname-bridge"
source="https://github.com/lxc/lxc/archive/lxc-$_pkgver.tar.gz
	version.patch
	lxc.initd
	lxc.conf

	download-template-tmpfs.patch
	CVE-2018-6556.patch
	"
builddir="$srcdir/lxc-lxc-$_pkgver"

# secfixes:
#   2.0.9-r1:
#     - CVE-2018-6556

_tmpldir="usr/share/lxc/templates"

prepare() {
	default_prepare || return 1
	./autogen.sh
}

build() {
	cd "$builddir"
	LUA_VERSION=5.2 \
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--localstatedir=/var \
		--disable-apparmor \
		--enable-lua \
		--enable-python \
		--with-lua-pc=lua5.2 \
		--with-distro=alpine \
		--disable-werror \
		|| return 1
	make VERSION=$pkgver || return 1
}

package() {
	cd "$builddir"

	make DESTDIR="$pkgdir" install || return 1

	install -Dm755 "$srcdir"/lxc.initd "$pkgdir"/etc/init.d/lxc || return 1
	install -d "$pkgdir"/var/lib/lxc

	# XXX: workaround for https://github.com/lxc/lxc/issues/1095.
	install -Dm644 "$srcdir"/lxc.conf "$pkgdir"/etc/lxc/lxc.conf || return 1

	# Remove useless config for SysVinit.
	rm -r "$pkgdir"/etc/default
}

lvm() {
	pkgdesc="LVM support for LXC"
	depends="lvm2 util-linux lxc"

	mkdir "$subpkgdir"
}

_lua52() {
	pkgdesc="Lua 5.2 module for LXC"

	local dir; for dir in lib share; do
		mkdir -p "$subpkgdir"/usr/$dir || return 1
		mv "$pkgdir"/usr/$dir/lua "$subpkgdir"/usr/$dir/ || return 1
	done
}

_py3() {
	pkgdesc="Python3 module for LXC"
	depends="python3"
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/python3.* "$subpkgdir"/usr/lib || return 1
}

_download() {
	pkgdesc="LXC container image downloader template"
	depends="$pkgname gnupg tar xz wget"

	mkdir -p "$subpkgdir"/$_tmpldir
	mv "$pkgdir"/$_tmpldir/lxc-download "$subpkgdir"/$_tmpldir/
}

templates() {
	pkgdesc="Templates for LXC (except alpine and download)"
	depends="bash tar"

	mkdir -p "$subpkgdir"/$_tmpldir
	mv "$pkgdir"/$_tmpldir/* "$subpkgdir"/$_tmpldir/ || return 1

	# Keep alpine template in the base package (doesn't need bash or GNU tar).
	mv "$subpkgdir"/$_tmpldir/lxc-alpine "$pkgdir"/$_tmpldir/
}

dev() {
	default_dev || return 1

	# fix abuild smartness
	mv "$subpkgdir"/usr/bin/lxc-config "$pkgdir"/usr/bin/
}

bridge() {
	depends="dnsmasq"
	pkgdesc="Bridge interface for LXC with dhcp"
	mkdir -p "$subpkgdir"/etc/conf.d \
		"$subpkgdir"/etc/init.d \
		"$subpkgdir"/etc/lxc

	ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.lxcbr0
	cat >>"$subpkgdir"/etc/conf.d/dnsmasq.lxcbr0 <<- EOF
		BRIDGE_ADDR="10.0.3.1"
		BRIDGE_NETMASK="255.255.255.0"
		BRIDGE_NETWORK="10.0.3.0/24"
		BRIDGE_DHCP_RANGE="10.0.3.2,10.0.3.254"
		BRIDGE_DHCP_MAX="253"
		BRIDGE_MAC="00:16:3e:00:00:00"
		DNSMASQ_CONFFILE="/etc/lxc/dnsmasq.conf"
EOF
	cat >>"$subpkgdir"/etc/lxc/dnsmasq.conf <<- EOF
		#dhcp-host=somehost,10.0.3.3
		#dhcp-host=otherhost,10.0.3.4
EOF
	cat >>"$subpkgdir"/etc/conf.d/lxc <<- EOF
		rc_need="dnsmasq.lxcbr0"
EOF

}


sha512sums="c2eb65565efb54e31ba2de61e6768a03142d940bcfda3a85c7fd7cd51bfed206aa4ea1a73134fad735774b2b801cbcb3eb4e32b2b09c2fb66d5896f81ac5cd7b  lxc-2.0.9.tar.gz
e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def  version.patch
1037e0b773553aa04b619cec7cfc8fa504af830e58c8211eda367da7e36aeb88f45fca1f955a08fc4fa3f9da660017d5fe7145a326a2064cf15e24d1772d9e27  lxc.initd
5b83b0323e58bf00bd1e124c265729499cee97559b6fe18482962e3bed50d121b4c7a09f25cbce7b1e18d4234627bc4b4581ba2060e33cd022f105b4429cef01  lxc.conf
d055df5f7cc1001829f6eaef4c31c50088eeb7965d57b756e17b05dddeb86cf5648470c6711471fd0092418b95214ad5dc15c33d8db284f242773dd432ea51e0  download-template-tmpfs.patch
3409711430072a3d4b8e7496aac8f655fe75d5b2b299bb0def17d119361611f2659a746a3f9c6aff539a13c3fbd8486dcaaff23a27a2b9d533673da524f4f095  CVE-2018-6556.patch"