# This constructs a minimal initramfs userspace containing `signify`,
# `lvm`, `dmsetup`, `cryptsetup`, and `kexec`.
{ lib
, nixpkgsOnBuildForHost
, kernel
, bootScript ? ../boot.sh   # symlinked to /init if non-null

, withBusybox ? true
, withSignify ? true
# Inclusion of these is temporarily disabled.  I had a bunch of
# ugly space-saving hacks that were removed during the pre-release
# cleanup, and it turns out that without those hacks there isn't enough
# space for the large userspace tools.  Once I clean up and
# reinstate those hacks I will reenable this.
, withLvm ? false
, withCryptsetup ? false
, withKexec ? false
}:

let
  inherit (nixpkgsOnBuildForHost.pkgsStatic) stdenv busybox signify lvm2 cryptsetup kexec-tools findutils cpio;

in stdenv.mkDerivation {
  name = "ownerboot-initramfs-userspace";
  dontUnpack = true;
  dontFixup = true;

  installPhase = ''
    runHook preInstall
    mkdir -p $out/usr
    ln -s bin $out/sbin
    ln -s ../bin $out/usr/bin
    ln -s ../sbin $out/usr/sbin
  '' + lib.optionalString (bootScript != null) ''
    cp    ${bootScript} $out/boot.sh
    chmod +x $out/boot.sh
    ln -s boot.sh $out/init
    chmod +x $out/sbin/init
  '' + lib.optionalString withBusybox ''
    cp -r ${busybox}/bin              $out/bin
    chmod -R u+w $out/bin
  '' + lib.optionalString withSignify ''
    cp    ${signify}/bin/signify      $out/bin/
  '' + lib.optionalString withLvm ''
    cp ${lib.getBin lvm2}/bin/lvm $out/bin/
    cp ${lib.getBin lvm2}/bin/dmsetup $out/bin/
  '' + lib.optionalString withCryptsetup ''
    cp ${cryptsetup}/bin/cryptsetup $out/bin/
  '' + lib.optionalString withKexec ''
    cp ${kexec-tools}/bin/kexec $out/bin/
  '' + ''
    runHook postInstall
  '';
}