From afa27179161b77e130184baed00f96fb207f37ba Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Sat, 6 Jan 2024 02:40:54 -0500
Subject: [PATCH] feat(servivi): add lineageos docker build files

---
 devices/servivi/modules/arion/default.nix     | 24 ++++--
 .../servivi/modules/arion/lineageos/Caddyfile |  7 ++
 .../modules/arion/lineageos/compose.nix       | 76 +++++++++++++++++++
 .../arion/lineageos/manifests/manifests.xml   | 10 +++
 .../arion/lineageos/manifests/roomservice.xml | 10 +++
 .../modules/arion/lineageos/scripts/before.sh | 20 +++++
 flake.lock                                    |  8 +-
 7 files changed, 143 insertions(+), 12 deletions(-)
 create mode 100755 devices/servivi/modules/arion/lineageos/Caddyfile
 create mode 100644 devices/servivi/modules/arion/lineageos/compose.nix
 create mode 100644 devices/servivi/modules/arion/lineageos/manifests/manifests.xml
 create mode 100644 devices/servivi/modules/arion/lineageos/manifests/roomservice.xml
 create mode 100755 devices/servivi/modules/arion/lineageos/scripts/before.sh

diff --git a/devices/servivi/modules/arion/default.nix b/devices/servivi/modules/arion/default.nix
index 33e20bac..c118e7b8 100644
--- a/devices/servivi/modules/arion/default.nix
+++ b/devices/servivi/modules/arion/default.nix
@@ -3,7 +3,7 @@
   config,
   lib,
   ...
-}:
+} @ inputs:
 with lib;
 with builtins; let
   user = config.vars.user;
@@ -26,15 +26,21 @@ in {
       backend = "podman-socket";
 
       projects = let
+        configPath = "/var/lib/arion";
+
         composeFiles =
           filter (n: hasSuffix "compose.nix" (toString n))
           (filesystem.listFilesRecursive ./.);
 
-        projects = listToAttrs (map (p: {
+        projects = filterAttrs (n: v: v.enabled or true) (listToAttrs (map (p: {
             name = elemAt (match ".*\/(.*)\/compose\.nix" (toString p)) 0;
-            value = import p;
+
+            value = import p (inputs
+              // {
+                rwPath = configPath + "/" + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
+              });
           })
-          composeFiles);
+          composeFiles));
       in
         mapAttrs (n: v: {
           # https://docs.hercules-ci.com/arion/options
@@ -42,10 +48,12 @@ in {
             enableDefaultNetwork = v.enableDefaultNetwork or true;
             networks = optionalAttrs (hasAttr "networks" v) v.networks;
 
-            services = mapAttrs (n': v': {
-              image = optionalAttrs (hasAttr "customImage" v') v'.customImage;
-              service = filterAttrs (n: v: n != "customImage") v';
-            }) v.services;
+            services =
+              mapAttrs (n': v': {
+                image = optionalAttrs (hasAttr "customImage" v') v'.customImage;
+                service = filterAttrs (n: v: n != "customImage") v';
+              })
+              v.services;
           };
         })
         projects;
diff --git a/devices/servivi/modules/arion/lineageos/Caddyfile b/devices/servivi/modules/arion/lineageos/Caddyfile
new file mode 100755
index 00000000..923d9210
--- /dev/null
+++ b/devices/servivi/modules/arion/lineageos/Caddyfile
@@ -0,0 +1,7 @@
+ota.nelim.org {
+    tls matt@nelim.org {
+        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+        resolvers 1.0.0.1
+    }
+    reverse_proxy lineageOTA
+}
diff --git a/devices/servivi/modules/arion/lineageos/compose.nix b/devices/servivi/modules/arion/lineageos/compose.nix
new file mode 100644
index 00000000..307cc40a
--- /dev/null
+++ b/devices/servivi/modules/arion/lineageos/compose.nix
@@ -0,0 +1,76 @@
+{
+  config,
+  rwPath,
+  ...
+}: {
+  # FIXME: crashes when building
+
+  # This should only be ran when an update is needed
+  enabled = false;
+
+  services = {
+    "builder" = {
+      image = "lineageos4microg/docker-lineage-cicd";
+      container_name = "lineage_builder";
+
+      environment = {
+        BRANCH_NAME = "lineage-20.0";
+        DEVICE_LIST = "lemonadep";
+        SIGN_BUILDS = "true";
+        SIGNATURE_SPOOFING = "restricted";
+        WITH_GMS = "true";
+        ZIP_SUBDIR = "false";
+        OTA_URL = "https://ota.nelim.org/api";
+        CUSTOM_PACKAGES = "AuroraStore AvesLibre Droidify MJPdfReader Mull OpenCalc";
+        INCLUDE_PROPRIETARY = "false";
+        PARALLEL_JOBS = 6;
+        CLEAN_AFTER_BUILD = "false";
+        CCACHE_SIZE = "200G";
+      };
+
+      volumes = [
+        "${rwPath}/lineage/src:/srv/src"
+        "${rwPath}/lineage/zips:/srv/zips"
+        "${rwPath}/lineage/logs:/srv/logs"
+        "${rwPath}/lineage/cache:/srv/ccache"
+        "${rwPath}/lineage/keys:/srv/keys"
+
+        "${toString ./.}/manifests:/srv/local_manifests:ro"
+        "${toString ./.}/scripts:/srv/userscripts:ro"
+        "/etc/timezone:/etc/timezone:ro"
+        "/etc/localtime:/etc/localtime:ro"
+      ];
+    };
+
+    "OTA-server" = {
+      container_name = "lineageOTA";
+      image = "docker.io/julianxhokaxhiu/lineageota";
+      volumes = [
+        "${rwPath}/lineage/zips:/var/www/html/builds/full:ro"
+      ];
+    };
+
+    "caddy" = {
+      image = "quay.io/slothcroissant/caddy-cloudflaredns:latest";
+      container_name = "caddy";
+
+      ports = [
+        "80:80"
+        "443:443"
+      ];
+
+      volumes = [
+        "${rwPath}/caddy/data:/data"
+        "${rwPath}/caddy/config:/config"
+
+        "${toString ./.}/Caddyfile:/etc/caddy/Caddyfile:ro"
+      ];
+
+      env_file = [config.sops.secrets.caddy-cloudflare.path];
+      environment = {
+        CLOUDFLARE_EMAIL = "matt@nelim.rg";
+        ACME_AGREE = "true";
+      };
+    };
+  };
+}
diff --git a/devices/servivi/modules/arion/lineageos/manifests/manifests.xml b/devices/servivi/modules/arion/lineageos/manifests/manifests.xml
new file mode 100644
index 00000000..9bf67d86
--- /dev/null
+++ b/devices/servivi/modules/arion/lineageos/manifests/manifests.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<manifest>
+    <remote  name="gitea" fetch="https://git.nelim.org/" />
+
+    <project name="matt1432/android_vendor_customs"                 path="vendor/alternatives" remote="gitea"  revision="master" />
+
+    <project name="lineageos4microg/android_vendor_partner_gms"     path="vendor/partner_gms"  remote="github" revision="master" />
+    <project name="matt1432/android_vendor_mulchwebview"            path="vendor/mulch"        remote="gitea"  revision="main" />
+    <project name="jgudec/android_vendor_lawnchair"                 path="vendor/lawnchair"    remote="github" revision="13" />
+</manifest>
diff --git a/devices/servivi/modules/arion/lineageos/manifests/roomservice.xml b/devices/servivi/modules/arion/lineageos/manifests/roomservice.xml
new file mode 100644
index 00000000..c13ef8f9
--- /dev/null
+++ b/devices/servivi/modules/arion/lineageos/manifests/roomservice.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<manifest>
+    <project name="TheMuppets/proprietary_vendor_oneplus_lemonadep"     path="vendor/oneplus/lemonadep"     remote="github" revision="lineage-20" />
+    <project name="TheMuppets/proprietary_vendor_oneplus_sm8350-common" path="vendor/oneplus/sm8350-common" remote="github" revision="lineage-20" />
+
+    <project name="LineageOS/android_device_oneplus_lemonadep"          path="device/oneplus/lemonadep"     remote="github" revision="lineage-20" />
+    <project name="LineageOS/android_hardware_oplus"                    path="hardware/oplus"               remote="github" revision="lineage-20" />
+    <project name="LineageOS/android_kernel_oneplus_sm8350"             path="kernel/oneplus/sm8350"        remote="github" revision="lineage-20" />
+    <project name="LineageOS/android_device_oneplus_sm8350-common"      path="device/oneplus/sm8350-common" remote="github" revision="lineage-20" />
+</manifest>
diff --git a/devices/servivi/modules/arion/lineageos/scripts/before.sh b/devices/servivi/modules/arion/lineageos/scripts/before.sh
new file mode 100755
index 00000000..f60ced3a
--- /dev/null
+++ b/devices/servivi/modules/arion/lineageos/scripts/before.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+## See here for AndroidAuto: https://github.com/sn-00-x/aa4mg
+
+## add MulchWebView
+sed -i "1s;^;\$(call inherit-product-if-exists, vendor/mulch/mulch.mk)\n\n;" "/srv/src/LINEAGE_20_0/vendor/lineage/config/common.mk"
+
+## add lawnchair overlay to build
+sed -i "1s;^;\$(call inherit-product-if-exists, vendor/lawnchair/lawnchair.mk)\n\n;" "/srv/src/LINEAGE_20_0/vendor/lineage/config/common.mk"
+
+## remove Trebuchet
+sed -i 's/overrides.*/overrides: ["Home", "Launcher2", "Launcher3", "Launcher3QuickStep", "ParanoidQuickStep", "PixelLauncher", "TrebuchetQuickStep", "TrebuchetOverlay"],/' "/srv/src/LINEAGE_20_0/vendor/lawnchair/Android.bp"
+
+## only add needed packages from microg
+echo "PRODUCT_PACKAGES += \\
+    GmsCore \\
+    GsfProxy \\
+    FakeStore \\
+    IchnaeaNlpBackend \\
+    NominatimGeocoderBackend" > "/srv/src/LINEAGE_20_0/vendor/partner_gms/products/gms.mk"
diff --git a/flake.lock b/flake.lock
index f868ad9d..5b552f55 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1309,11 +1309,11 @@
         "sops-nix": "sops-nix"
       },
       "locked": {
-        "lastModified": 1704488095,
-        "narHash": "sha256-cqTF87sIquVLzqpqLJecu79zn58ry6LMCuejabJBa9E=",
+        "lastModified": 1704489655,
+        "narHash": "sha256-IdSc549wIwVKOk8QNn5F0JFyIT0Pe45zd6jC9kOWN7g=",
         "ref": "refs/heads/main",
-        "rev": "02fbf45653e900850446457cd091d700b79ef5ec",
-        "revCount": 21,
+        "rev": "a01a3508a5de7c50a226b3d028d74973b46649d6",
+        "revCount": 22,
         "type": "git",
         "url": "ssh://git@git.nelim.org/matt1432/nixos-secrets"
       },