#!/bin/bash
# Created 2015-10-24 by tuxedo
# inspired by http://blog.pi3g.com/2014/04/make-raspbian-system-read-only/

if [ $EUID -ne 0 ]; then
    echo "Please run as root"
       exit 1
fi
    

#echo -n "Disable swap ..."
#dphys-swapfile swapoff
#dphys-swapfile uninstall
#update-rc.d dphys-swapfile disable
#echo "*done*"
echo "Checking for FuseFS..."

dpkg-query -l unionfs-fuse
FUSEFS_INSTALLED=$?

if [ $FUSEFS_INSTALLED -eq 1 ]; then
    echo "FuseFS not installed. Installing ..."
    apt-get install unionfs-fuse
    echo "FuseFS has been installed."
else
    echo "FuseFS already installed. Skipping."
fi




echo -n "Creating UnioNFS mount script ..."
cat <<\EOF > /usr/local/bin/mount_unionfs
#!/bin/sh
DIR=$1
ROOT_MOUNT=$(awk '$2=="/" {print substr($4,1,2)}' < /etc/fstab)
if [ $ROOT_MOUNT = "rw" ]; then
  /bin/mount --bind ${DIR}_org ${DIR}
else
  /bin/mount -t tmpfs ramdisk ${DIR}_rw
  /usr/bin/unionfs-fuse -o cow,allow_other,suid,dev,nonempty ${DIR}_rw=RW:${DIR}_org=RO ${DIR}
fi
EOF
chmod +x /usr/local/bin/mount_unionfs
echo "*done*"




if grep -q "mount stuff read-only" "/etc/fstab"; then
    echo "fstab already contains read-only mounts. Skipping."
else
    NOW=$(date +"%Y-%m-%d")
    # make backup file
    cp /etc/fstab /etc/fstab_backup_readonlymount_$NOW
    echo -n "Updating fstab with read-only mounts..."
    cat <<EOF > /etc/fstab
# mount stuff read-only    
prov            /proc           proc    defaults          0       0
# mount as read only
/dev/mmcblk0p1  /boot           vfat    ro                0       2
/dev/mmcblk0p2  /               ext4    ro,noatime        0       1
# mount special folders to raw, using special mount_unionfs script
mount_unionfs   /etc            fuse    defaults          0       0
mount_unionfs   /var            fuse    defaults          0       0
none            /tmp            tmpfs   defaults          0       0

EOF
    echo "*done*"
fi




if [ ! -d "/etc_org" ]; then
    echo -n "Prepare directories ..."
    # backups where all the initial stuff is located (like configs in /etc)
    cp -al /etc /etc_org
    mv /var /var_org
    # read/write folders for ram disk
    mkdir /etc_rw
    mkdir /var /var_rw
    echo "*done*"
else
    echo "Directories already prepared. Skipping."
fi


echo -n "Clean up log folder"
cd /var_org/log
# empty files ending with "log"
for f in $(find . -name \*log); do > $f; done
# delete all log-archives
rm -f *.gz
echo "*done*"

echo ""
echo ""
echo "All done."
echo "Please reboot now. Type 'reboot' followed by [enter]-key."
echo ""

cp -al /opt /opt_org
mkdir /opt_rw

mount_unionfs   /opt            fuse    defaults          0       0