#!/bin/sh

# Exit immediately if a command exits with a non-zero status
set -e

# Summary of the script's functionality
summary="The dracut module of zlevis"

# Display summary if requested
if [ "$1" = "--summary" ]; then
    echo "$summary"
    exit 0
fi

# Load the ZFS kernel module
modprobe zfs 2>/dev/null
udevadm settle

# Search for encrypted pool's by means of the cmdline root atribute
local _root_vol="${root}"
local _root_pool="${_root_vol%%/*}"

# Import the root pool
zpool import -N -d /dev $_root_pool

# If the pool is encrypted run `zlevis decrypt` to obtain the key stored in the TPM and load the key
if [ $(zpool list -H -o feature@encryption $_root_pool) = "active" ]; then
	local _encryption_root=$(zfs get -H -o value encryptionroot $_root_vol)
	if [ "$_encryption_root" != "-" ]; then
		zlevis decrypt $_root_pool | zfs load-key -L prompt "$_root_pool" || echo "Failed to unlock $_root_pool with TPM"
	fi
fi

# Exit with the status of the last command
exit $?