#!/bin/bash


disk=""
device=""
device1=""
spart=""
cpart=""
bpart=""
epart=""
drivelist=""
disklist=""

rm -f /tmp/disk* 2> /dev/null
rm -f /tmp/drive* 2> /dev/null
rm -f /tmp/part* 2> /dev/null
rm -f /tmp/device 2> /dev/null
rm -f /tmp/cpar* 2> /dev/null
rm -f /tmp/syspar* 2> /dev/null
rm -f /tmp/lvml* 2> /dev/null

lang=$(echo "$LANG" | awk -F\_ '{print $1}')
case "$lang" in
	de)
	    export title1="Laufwerke"
	    export title2="TUXEDO Chroot Helfer"
	    export title3="Linux Installation Betreten"
	    export text1="Sorry, keine Platte ausgewählt, beende."
	    export text2="Gewählte Disk:"
	    export text3="Aufgeschlossen"
	    export text4="Betrete installiertes System"
	    export text5="Verlassen Sie das Chroot mittels 'exit' oder Ctrl+d"
	    export text6="Nicht verschlüsselt"
	    export text7="Wählen Sie die Festplatte, welche untersucht werden soll."
	    export text8="Es wurde eine <b>TUXEDO OS Installation</b> gefunden.<br>Mit einem Klick auf <font color=red><b>&nbsp;Ja&nbsp;<b></font> wechseln Sie in das installierte System als Root!<br><font color=red><b>Achtung,</b> alles was Sie nun machen, findet im installierten System statt und ist potentiell gefährlich!</font>"
	    export text9="Mehrere Linux Installationen gefunden\n\nWählen Sie eine Partition für chroot"
	    export text10="Sorry, keine Partition ausgewählt, beende."
	    export text11="Es wurde eine <b>Linux Installation</b> gefunden.<br>Mit einem Klick auf <font color=red><b>&nbsp;Ja&nbsp;</b></font> wechseln Sie in das installierte System als Root!<br><font color=red><b>Achtung,</b> alles was Sie nun machen, findet in dem installierten System statt und ist potentiell gefährlich!</font>"
	    export text12="Es wurde eine <b>LUKS1 verschlüsselte Installation</b> gefunden.<br><br>Mit einem Klick auf <font color=red><b>&nbsp;Ja&nbsp;</b></font> und der Eingabe ihres LUKS Passwortes im nächsten Dialog<br> wechseln Sie in das installierte System als Root!<br><br><font color=red><b>Achtung,</b> alles was sie nun machen, findet im installierten System statt und ist potentiell gefährlich!</font>"
	    export text13="Es wurde eine <b>LUKS2 verschlüsselte Installation</b> gefunden.<br><br>Mit einem Klick auf <font color=red><b>&nbsp;Ja&nbsp;</b></font> und der Eingabe ihres LUKS Passwortes im nächsten Dialog<br> wechseln Sie in das installierte System als Root!<br><br><font color=red><b>Achtung,</b> alles was sie nun machen, findet im installierten System statt und ist potentiell gefährlich!</font>"
	    export text14="Kein Linux System gefunden, beende."
	    export text15="Prüfe auf neue Version online."
	    export text16="Neue Version installiert, bitte starten sie das Script neu"
	    export text17="Kein Internet verfügbar. Um alle Möglichkeiten nutzen zu können, ist eine Internetverbindung empfehlenswert."
	    export text18="Rootrechte benötigt! Bitte führen sie dieses Script als Root aus."
	    export text19="Prüfe, ob eine neuere Version verfügbar ist und installiere diese."
            export text20="Kein System gefunden, eventuell eine Datenpartition. Neu versuchen?"
            export text21="Falsches Passwort. Erneut versuchen?"
	    export textcr="LUKS verschlüsselte Partition gefunden<br><br>LUKS Verschlüsselungspasswort für die Partition eingeben"
	    ;;
	*)
	    export title1="Devices"
	    export title2="TUXEDO chroot helper"
	    export text1="Sorry, no disk choosen, exiting."
	    export text2="Choosen disc:"
	    export text3="Decrypted"
	    export text4="Enter installed system"
	    export text5="Exit the chroot using 'exit' or Ctrl+d"
	    export text6="Not crypted"
	    export text7="Select the hard disk to be examined."
	    export text8="A <b>TUXEDO OS installation</b> was found.<br><br>Click on <font color=red>&nbsp;Yes&nbsp;</font> to switch to the installed system as root!<br><br><Font color=red><b>Attention!</b> Everything you do now takes place in the installed system and is potentially dangerous.</font>"
	    export text9="Multiple linux installations found.\n\nChoose one partition for chroot"
	    export text10="Sorry, no partition choosen. Exiting."
	    export text11="A <b>LINUX installation</b> was found.<br><br><b>Click on <font color=red>&nbsp;Yes&nbsp;</font> to switch to the installed system as root!<br><br><font color=red><b>Attention!</b> Everything you do now takes place in the installed system and is potentially dangerous.</font>"
	    export text12="A <b>LUKS1 encrypted installation</b> was found.<br><br>Click on <font color=red>&nbsp;Yes&nbsp;</font> and type in your LUKS passphrase in the next dialog<br>to switch to the installed system as root!<br><br><font color=red><b>Attention!</b> Everything you do now takes place in the installed system and is potentially dangerous.</font>"
	    export text13="A <b>LUKS2 encrypted installation</b> was found.<br><br>Click on <font color=red>&nbsp;Yes&nbsp;</font> and type in your LUKS passphrase in the next dialog<br>to switch to the installed system as root!<br><br><font color=red><b>Attention!</b> Everything you do now takes place in the installed system and is potentially dangerous.</font>"
	    export text14="No linux system found, exiting."
	    export text15="Check for new version online."
	    export text16="New version installed, please restart that script to use the new version"
            export text17="No internet available. An internet connection is recommended to use all facilities."
            export text18="Root rights required! Please run this script as root."
            export text19="Check if a newer version is available and install it."
            export text20="No system found, maybe a data partition. Try again?"
            export text21="Wrong password. Try again?"
	    export textcr="input LUKS passphrase"
	    ;;
esac

is_root() {
if [ "$EUID" -ne 0 ]
    then kdialog --error "$text18" 2>/dev/null
    exit 0
fi
}

inet_on() {
    if wget -q --spider https://tuxedocomputers.com; then
            export net="1"
    else
            export net=""
            kdialog --msgbox "$text17" 2>/dev/null
    fi
}

update_task() {
    apt-get update | zenity --progress --title="Update..." --text="$text19" --pulsate --no-cancel --auto-close
    now=$(apt-cache policy tuxedo-repair | sed -n '2p;3q' | awk '{print $2}')
    repo=$(apt-cache policy tuxedo-repair | sed -n '3p;4q' | awk '{print $2}')
    if [ "$repo" != "$now" ]; then
        export inst="yes"
        apt-get -y install tuxedo-repair | zenity --progress --title="Update..." --text="$text19" --pulsate --no-cancel --auto-close
    else
        export inst=""
    fi
}

is_txos() {
    is_txos=""
    osrel=(
      /mnt/$syspart/usr/lib/os-release
      /mnt/$syspart/@/usr/lib/os-release
    )

    if grep -iq tuxedo "${osrel[@]}" 2>/dev/null
    then
	is_txos="txos"
    fi
}

is_system() {
    is_system=""
    if [ "$(ls -f /mnt/"$syspart"/etc/fstab 2>/dev/null)" ] || [ "$(ls -f /mnt/"$syspart"/@/etc/fstab 2>/dev/null)" ]; then
        is_system="system"
    fi
}

find_crypt() {
    is_crypt=$(lsblk -fs | grep "$part" | grep -i luks | awk '{print $1}')
    if [ "$is_crypt" ]; then
        is_luks1=$(cryptsetup luksDump /dev/"$part" | grep Version | awk '{print $2}' | grep 1)
        is_luks2=$(cryptsetup luksDump /dev/"$part" | grep Version | awk '{print $2}' | grep 2)
    fi
}

find_lvm(){
    if lsblk -lf -o NAME,TYPE | grep -iq lvm; then
	export is_lvm="1"
	lsblk -lf -o NAME,TYPE | awk '/lvm/{print $1}' | grep -v swap > /tmp/lvmlist
	if [ "$(wc -l < /tmp/lvmlist)" -ge 1 ]; then
	    echo "Gefundene LVM-Volumes:"
	    cat /tmp/lvmlist
	    if [ "$(wc -l < /tmp/lvmlist)" -gt 1 ]; then
    		# Mehrere LVs vorhanden → Auswahl per KDialog
    		lvmlist_items=()
    		while read -r lv; do
        	    # Optional: Größe & Dateisystem dazuschreiben
        	    size=$(lsblk -no SIZE "$lv")
        	    fstype=$(lsblk -no FSTYPE "$lv")
        	    lvmlist_items+=("$lv" "$fstype $size")
    		done < /tmp/lvmlist

    		part=$(kdialog --menu "Bitte ein LVM-Volume auswählen:" "${lvmlist_items[@]}" 2>/dev/null)
	    else
    		# Nur ein LV vorhanden → direkt nehmen
    		part=$(cat /tmp/lvmlist)
	    fi
	fi
    else
	export is_lvm=""
    fi
}

find_disk() {
    mount | grep '^/dev/' | awk '{print $1}' | sed 's/^\/dev\///; s/\([0-9]*\|p[0-9]*\)$//' | sort -u > /tmp/mounts
    lsblk -ldb -o NAME,SIZE | awk '$2 <= 15359738368 {print $1}' > /tmp/sizes
    lsblk -lf -o NAME,TYPE,SUBSYSTEMS,SIZE,LABEL | grep -i ventoy | awk '{print $1}' | sed 's/[0-9]*$//' > /tmp/ventoy
    # Üperprüfe, wieviele Platten im System stecken und präsentiere eine Auflistung der Platten in Kdialog, wenn mehr als eine Festplatte im System steckt
    # erzeuge eine formatierte Liste der Festplatten
    for i in $(lsblk -dn -o NAME,SIZE,TYPE,SUBSYSTEMS | grep -vf "/tmp/mounts" | grep -vf "/tmp/sizes" | grep -vf "/tmp/ventoy" |grep -E -iv "loop|rom|0B" | awk '{print$1}'); do
        z=$(lsblk -dn -o NAME,Size | grep "$i" | awk '{print $2}')
        echo -e "$i"'\t'\'"$i"'\t'"$z"'\t'"$(sed 's/*_//' /sys/block/"$i"/device/model)"\' | sed "s/\ '/\'/g"
    done 1> /tmp/device1 2> /dev/null
    sort /tmp/device1 > /tmp/device 2> /dev/null
    if [[ "$(wc -l < /tmp/device)" -ge 2 ]]; then
        # Wenn Platte > 1, präsentiere eine Liste der verfügbaren Platten
        disk=$(dialog_disk.pl)
    else
        disk=$(awk '{print $1}' < /tmp/device)
    fi
    if [[ -z "$disk" ]]; then
        kdialog --sorry "$text1"
        exit 0
    fi
    echo "$disk"
    rm -f /tmp/mounts
    rm -f /tmp/sizes
    rm -f /tmp/ventoy
}

partlist() {
    blkid -c /dev/null | grep -iE "ext|btrf|xfs|luks" | grep -E -iv "ntfs|gap|ventoy|reserved|fat" | awk '{print $1}' | grep "$disk" | awk -F\: '{print $1}' | awk -F\/ '{print $3}' | sort > /tmp/partlist1
    for x in $(cat /tmp/partlist1); do
	mkdir -p /mnt/"$x" && mount /dev/"$x" /mnt/"$x" 2>/dev/null
    done
    is_boot=$(ls -d /mnt/*/grub 2>/dev/null | awk -F\/ '{print $3}' || ls -d /mnt/*/@/grub 2>/dev/null | awk -F\/ '{print $3}')
    if [ "$is_boot" ]; then
	for p in $(cat /tmp/partlist1 | grep -v "$is_boot"); do
		x=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $1}')
		z=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $2}')
		y=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $3}')
		echo -e  "$p"' '\'"$p"'\t     '"$z"'\t'"$y"\'
	done 1> /tmp/partlist 2> /dev/null
	umount -R /mnt/* 2>/dev/null
    else
	for p in $(cat /tmp/partlist1); do
		x=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $1}')
		z=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $2}')
		y=$(lsblk -lf -o NAME,FSTYPE,SIZE | grep "$p" | sed s/crypto_// | awk '{print $3}')
		echo -e  "$p"' '\'"$p"'\t     '"$z"'\t'"$y"\'
	done 1> /tmp/partlist 2> /dev/null
	umount -R /mnt/* 2>/dev/null
    fi
    if [ "$(cat /tmp/partlist | wc -l)" -ge 2 ]; then
	part=$(dialog_part.pl)
	if [ -z "$part" ]; then
	    kdialog --sorry "<p><h3>$text10</h3></p>" 2> /dev/null
	    exit 1
	fi
    else
	part=$(cat /tmp/partlist | awk '{print $1}')
    fi
    echo "gewählte Partition" "$part"
}

find_lvmpart() {
        syspart="$part"
        mkdir /mnt/"$part" 2>/dev/null
        mount /dev/mapper/"$part" /mnt/"$syspart"
        if [ $(ls -ld /mnt/"$syspart"/@ 2>/dev/null | awk '{print $2}') ]; then
            svol=1
        else
            svol=0
        fi
        is_system
        if [ ! "$is_system" ]; then
            umount -R /mnt/* 2>/dev/null
            kdialog --yesno "$text20" 2>/dev/null
            if [ $? = 0 ]; then
                find_lvm
                find_lvmpart
            else
            umount -R /mnt/* 2>/dev/null
            umount -R /mnt 2>/dev/null
            exit 0
            fi
        else
            is_txos 2>/dev/null
        fi
        umount -R /mnt/* 2>/dev/null
        umount -R /mnt 2> /dev/null
        echo "syspart" "$syspart"
}

find_part() {
        syspart="$part"
        mkdir /mnt/"$part" 2>/dev/null
        mount /dev/"$part" /mnt/"$syspart"
        if [ $(ls -ld /mnt/"$syspart"/@ 2>/dev/null | awk '{print $2}') ]; then
            svol=1
        else
            svol=0
        fi
        is_system
        if [ ! "$is_system" ]; then
            umount -R /mnt/* 2>/dev/null
            kdialog --yesno "$text20" 2>/dev/null
            if [ $? = 0 ]; then
                find_disk
                partlist
                find_part
            else
            umount -R /mnt/* 2>/dev/null
            umount -R /mnt 2>/dev/null
            exit 0
            fi
        else
            is_txos 2>/dev/null
        fi
        umount -R /mnt/* 2>/dev/null
        umount -R /mnt 2> /dev/null
        echo "syspart" "$syspart"
}

find_crpart2() {
        cpart="$part"
        ERC=1
        until [ "$ERC" -ne 1 ]
            do
		CPASS="$(kdialog --password "<p><font size=4>&emsp;$textcr</font></p>" 2> /dev/null)"
            ret=$?
            if [ "$ret" = 0 ] && [ "$CPASS" ]; then
				printf '%s\n' "$CPASS" | cryptsetup -q luksOpen /dev/"$cpart" cryptdev_"$cpart"
                ret1=$?
            else
                ret1=255
            fi
            if [ "$ret" = 0 ] && [ "$ret1" -ge 1 ] && [ ! "$CPASS" ]; then
                clear
                sleep 1
                ERC=1
            else
                if [ "$ret" = 0 ] && [ "$ret1" -ge 1 ]; then
                    kdialog --sorry "$text21" 2>/dev/null
                    ERC=1
                else
                    set +H
                    ERC=0
                    break;
                fi
            fi
        done
        case "$ret" in
            0)
                echo ""
                ;;
            1)
                exit 1
                ;;
            255)
                exit 1
                ;;
        esac
        for z in $( vgscan | awk -F\" '{print $2}'); do vgchange -ay "$z" >/dev/null; done 2>/dev/null
        spart=$(blkid -c /dev/null | grep mapper |grep -Eiv "live|ventoy" | grep -E "ext|btrfs|xfs" | awk '{print $1}' | awk -F\: '{print $1}')
        syspart="$cpart"
        mkdir -p /mnt/"$syspart"
        mount "$spart" /mnt/"$syspart"
        if [ $(ls -ld /mnt/"$syspart"/@ 2>/dev/null | awk '{print $2}') ]; then
            svol=1
            cdev=$(awk '/luks/{print $1}' /mnt/"$syspart"/@/etc/crypttab)
        else
            svol=0
            cdev=$(awk '/luks/{print $1}' /mnt/"$syspart"/etc/crypttab)
        fi
        is_txos 2>/dev/null
        umount -R /mnt/* 2>/dev/null
        umount -R /mnt 2>/dev/null
        for z in $( vgscan | awk -F\" '{print $2}'); do vgchange -a n "$z" >/dev/null; done >/dev/null
        for c in $( dmsetup info -c | awk '/LUKS/{print $1}'); do cryptsetup luksClose "$c" >/dev/null ; done >/dev/null
        printf '%s\n' "$CPASS" | cryptsetup luksOpen -q /dev/"$cpart"  "$cdev"
        for z in $( vgscan | awk -F\" '{print $2}'); do vgchange -ay "$z" >/dev/null ; done >/dev/null
        syspart=$(blkid | grep mapper | grep -Eiv "live|ventoy" | grep -E "ext|btrf|xfs" | awk '{print $1}' | awk -F\: '{print $1}')
}

find_crpart1() {
        cpart="$part"
        syspart=luks\-$(lsblk -fl | grep "$part" | awk '/LUKS/{print $4}')
        pwdata="$(tempfile 2>/dev/null)"
        # trap it
        trap "rm -f ""$pwdata""" 0 1 2 5 15

        # get password
        ERC=1
        until [ "$ERC" -ne 1 ]
            do
	    trap "rm -f ""$pwdata""" 0 1 2 5 15
            dialog --title "LUKS 1 password" --clear --insecure --passwordbox "$textcr" 10 40 2> "$pwdata"
            ret=$?
            if [ "$ret" = 0 ] && [ "$(cat "$pwdata")" ]; then
                printf '%s\n' "$(cat "$pwdata")" | cryptsetup luksOpen -q /dev/"$cpart" "$syspart" 2>/dev/null
                ret1=$?
            else
                ret1=255
            fi
            if [ "$ret" = 0 ] && [ "$ret1" -ge 1 ] && [ ! "$(cat "$pwdata")" ]; then
                dialog --msgbox "alles Leer" 8 30
                #clear
                sleep 1
                ERC=1
            else
                if [ "$ret" = 0 ] && [ "$ret1" -ge 1 ]; then
                    dialog --msgbox "$text14" 8 30
                    ERC=1
                else
                    set +H
                    ERC=0
                    break;
                fi
            fi
        done
        case "$ret" in
            0)
                ;;
            1)
                #dialog --msgbox "Cancel Pressed" 8 30
                echo "Cancel pressed."
                exit 1
                ;;
            255)
                exit 1
                ;;
        esac
        mount /dev/mapper/"$syspart" /mnt/"$syspart"
        if [ $(ls -ld /mnt/@ 2>/dev/null | awk '{print $2}') ]; then
            svol=1
            umount -R /mnt 2> /dev/null
            mount -o subvol=@ /dev/mapper/"$syspart" /mnt/"$syspart"
        else
            svol=0
        fi
        is_txos 2>/dev/null
        umount -R /mnt/* 2> /dev/null
        umount -R /mnt 2> /dev/null
}

do_work() {
    if [ "$is_lvm" ]; then
        if [ "$svol" = 1 ]; then
            mount -o subvol=@ /dev/mapper/"$syspart" /mnt
        else
            mount /dev/mapper/"$syspart" /mnt
        fi
    fi
    if [ "$is_luks2" ]; then
        if [ "$svol" = 1 ]; then
            mount -o subvol=@ "$syspart" /mnt
        else
            mount "$syspart" /mnt
        fi
    fi
    if [ "$is_luks1" ]; then
        if [ "$svol" = 1 ]; then
            mount -o subvol=@ /dev/mapper/"$syspart" /mnt
        else
            mount /dev/mapper/"$syspart" /mnt
        fi
    fi
    if [ ! "$is_crypt" ] && [ ! "$is_lvm" ];  then
        if [ "$svol" = 1 ]; then
            mount -o subvol=@ /dev/"$syspart" /mnt
        else
            mount /dev/"$syspart" /mnt
        fi
    fi
    for i in /dev /dev/pts /proc /sys /sys/firmware/efi/efivars /run; do  mount -B "$i" /mnt"$i"; done
    mv /mnt/etc/resolv.conf /mnt/etc/resolv.conf.bak 2>/dev/null
    cp /etc/resolv.conf /mnt/etc/
    hostname chroot
    chroot /mnt /bin/sh -c "mount -a || true && /bin/bash"
    hostname "$(cat /etc/hostname)"
    rm /mnt/etc/resolv.conf
    mv /mnt/etc/resolv.conf.bak /mnt/etc/resolv.conf 2>/dev/null
    umount -R /mnt 2> /dev/null
    umount -R /mnt/* 2> /dev/null
}

is_root
inet_on
if [ "$net" ]; then
    echo "internet in fuction"
fi
if [ "$inst" ]; then
    kdialog --sorry "$text16" 2>/dev/null
    exit
fi
find_lvm
if [ "$is_lvm" ]; then
    find_lvmpart
    do_work
    exit 0
fi
find_disk
partlist
find_crypt
if [ "$is_luks2" ]; then
	find_crpart2
fi
if [ "$is_luks1" ]; then
	find_crpart1
fi
if [ ! "$is_crypt" ]; then
	find_part
fi
if [ "$is_txos" ]; then
    kdialog --warningyesno "$text8" 2>/dev/null
    ret=$?
else
    kdialog --warningyesno "$text11" 2>/dev/null
    ret=$?
fi
if [ "$ret" = 0 ]; then
    do_work
else
    for z in $( vgscan | awk -F\" '{print $2}'); do vgchange -a n "$z" >/dev/null; done
    for c in $( dmsetup info -c | awk '/LUKS/{print $1}'); do cryptsetup luksClose "$c" >/dev/null; done
    umount -R /mnt/* 2>/dev/null
    umount -R /mnt 2>/dev/null
    exit 0
fi
for z in $( vgscan | awk -F\" '{print $2}'); do vgchange -a n "$z" >/dev/null; done
for c in $( dmsetup info -c | awk '/LUKS/{print $1}'); do cryptsetup luksClose "$c" >/dev/null; done
umount -R /mnt/* 2>/dev/null
umount -R /mnt 2>/dev/null
exit 0
