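#
# Cookbook:: esh_undocker
# Resource:: network
#
# Copyright:: 2022, https://easyself.host
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

unified_mode true

# Both properties are interpolated verbatim into a root-owned systemd unit
# (its file name, its Before= line and every ExecStart= line). A value that
# contains whitespace, a newline, '%' or '$' would change the generated unit:
# extra arguments, extra directives, or systemd specifier/variable expansion.
# They are therefore restricted to a conservative character allowlist, and
# Chef rejects anything else when the property is set.
#
# ip_addr: address assigned to the namespace side of the veth pair; only the
#          characters that occur in textual IPv4/IPv6 addresses are accepted.
# image:   used as the netns name, the unit name prefix and (truncated) the
#          interface name suffix; it must start with an alphanumeric so it
#          can never be parsed as a command-line option.
property :ip_addr, String, name_property: true, regex: /\A[0-9A-Fa-f:.]+\z/
property :image, String, required: true, regex: /\A[A-Za-z0-9][A-Za-z0-9_.-]*\z/

default_action :setup

# Creates the shared undocker0 bridge (systemd-networkd) and a oneshot unit
# that builds a per-image network namespace wired to that bridge.
action :setup do
  ip_addr = new_resource.ip_addr
  image = new_resource.image
  netns_name = image
  # Interface names are limited to 15 characters; "host-" plus 9 characters
  # stays within that limit.
  # NOTE(review): two images sharing their first 9 characters would map to the
  # same interface names -- confirm callers keep image names distinct there.
  eth_name = image[0..8]

  apt_package 'bridge-utils'

  # Bridge device definition consumed by systemd-networkd.
  file '/etc/systemd/network/undocker0.netdev' do
    content <<~EOT
      [NetDev]
      Name=undocker0
      Kind=bridge
    EOT
    owner 'root'
    group 'root'
    mode '0644'
    action :create
    notifies :restart, 'service[systemd-networkd]', :immediately
  end

  # Bridge addressing; IPMasquerade=yes makes the host masquerade traffic
  # from 10.10.10.0/24.
  file '/etc/systemd/network/undocker0.network' do
    content <<~EOT
      [Match]
      Name=undocker0
      Driver=bridge

      [Network]
      Address=10.10.10.1/24
      LinkLocalAddressing=yes
      DHCPServer=no
      IPMasquerade=yes
      LLDP=yes
      EmitLLDP=customer-bridge
    EOT
    owner 'root'
    group 'root'
    mode '0644'
    action :create
    notifies :restart, 'service[systemd-networkd]', :immediately
  end

  # Declared only so the two file resources above can notify it.
  service 'systemd-networkd' do
    action :nothing
  end

  # Every ExecStart= below carries the '-' prefix, so systemd ignores a
  # non-zero exit from that command. This lets the unit be re-run when the
  # namespace or links already exist, but it also hides real failures: the
  # unit can report success with the namespace only partly configured, and
  # Restart=on-failure will not be triggered by these commands.
  # NOTE(review): the mount line passes a single positional argument (/sys2);
  # confirm it does what is intended, since any error there is ignored too.
  systemd_unit "#{image}-network.service" do
    content <<~EOU
      [Unit]
      Description=ESH Piped Network Service
      After=network.target
      Before=#{image}.service

      [Service]
      Type=oneshot
      RemainAfterExit=yes
      # Weird bug where you need to mount sys again...
      ExecStart=-/usr/bin/mkdir -p /sys2
      ExecStart=-/usr/bin/mount -t sysfs --make-private /sys2
      ExecStart=-/usr/bin/ip netns add #{netns_name}
      ExecStart=-/usr/bin/ip link add name vb-#{eth_name} type veth peer name host-#{eth_name}
      ExecStart=-/usr/bin/ip link set host-#{eth_name} netns #{netns_name}
      ExecStart=-/usr/bin/ip netns exec #{netns_name} ip addr add #{ip_addr}/24 dev host-#{eth_name}
      ExecStart=-/usr/bin/ip netns exec #{netns_name} ip link set host-#{eth_name} up
      ExecStart=-/usr/bin/ip netns exec #{netns_name} ip route add 10.10.10.0/24 dev host-#{eth_name}
      ExecStart=-/usr/bin/ip netns exec #{netns_name} ip link set lo up
      ExecStart=-/usr/bin/ip link set vb-#{eth_name} up
      ExecStart=-/usr/bin/ip netns exec #{netns_name} ip route add default via 10.10.10.1 dev host-#{eth_name}
      ExecStart=-/usr/sbin/brctl addif undocker0 vb-#{eth_name}
      Restart=on-failure

      [Install]
      WantedBy=multi-user.target
    EOU
    action [:create, :enable, :start]
  end
end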