# vim:set ft=sh:

# Distfiles mirror:
# https://archive.org/download/gentoo-bootstrap-2025.8/distfiles.tar/

# Changelog:
# - 2025.8:
#   - Set up a proper gentoo install using prefix, by building a bunch of tools
#     in a temporary prefix, and then cross-compiling a final prefix.
#   - Use crossdev to build the final system.
#   - Both of these changes make the instructions significantly more
#     future-proof, although there's still a lot of bugs to fix upstream, and
#     ways to lessen the amount of compilation needed.
# - 2025:
#   - Upstreamed portage patch
#   - Cross-compile all packages in packages.build for the profile
#     (this simplifies the steps afterwards significantly)
#   - Pin to GCC 13 (gcc 14 isn't working...)
#   - Future proofing by ignoring HTTPs certificates
#     (portage verifies the checksums anyway)
#   - Avoid using wget (need to set FETCHCOMMAND anyway...)
#   - Future proofing by not hardcoding a python version
# - 2024.8:
#   - Rewrite bootstrap to avoid using LFS
#   - Pin the repository version
# - 2024:
#   - Initial version

# Overview of bootstrap:
# step 0: Build live-bootstrap as a starting point
# step 1: Install a temporary copy of portage to /tmp/portage
# step 2: Setup a prefix-guest using the live-bootstrap toolchain, build a few additional tools
# step 3: Set up a target prefix, build glibc, and a cross compiler targetting it
# step 4: Build portage and necessary utilities for the target prefix
# step 5: Switch to it and emerge the rest of @world
# step 6: Install crossdev and build the final system

# Build live-bootstrap
git clone https://github.com/fosslinux/live-bootstrap
git -C live-bootstrap checkout 63b24502c7e5bad7db5ee1d2005db4cc5905ab74
git -C live-bootstrap submodule update --init --recursive --depth=1 --progress
cd live-bootstrap
python3 -m venv env
env/bin/pip install -U --no-binary :all: pip
env/bin/pip install -v --no-binary :all: requests
./download-distfiles.sh
#sudo -s  # if not root already
umask 022
env/bin/python ./rootfs.py -c --external-sources --cores $(nproc) -m ''
umount target/dev/shm  # double mounted?
umount target/dev/shm target/sys target/proc target/tmp

# Optional: Back up the system
rm -r target/dev/*  # allow extracting as non-root
env -i chroot target tar --exclude='/external' --sort=name -cf /target.tar /
env -i chroot target bzip2 -9v /target.tar
mv target/external/repo .
mv target/target.tar.bz2 .
rm -rf target/external

# Optional: Keep distfiles in one place
mkdir -p target/var/cache/distfiles
mount --bind distfiles target/var/cache/distfiles

# Chroot into the live-bootstrap system
cd target
mount -t proc proc proc
mount -t sysfs sysfs sys
mount -t devtmpfs devtmpfs dev
mount -t devpts devpts dev/pts
env -i TERM="$TERM" chroot . /bin/bash -l

umask 022
source /steps/env
cd /tmp

# Optional: Configure additional mirrors for missing/removed distfiles
# This is a space-separated list of URLs, but full paths to local directories
#   can be added as well.
export GENTOO_MIRRORS="/mirror http://distfiles.gentoo.org"

mkdir -p /var/cache/distfiles; cd /var/cache/distfiles
curl -LO http://gitweb.gentoo.org/proj/portage.git/snapshot/portage-3.0.68.tar.bz2
curl -LO http://distfiles.gentoo.org/snapshots/squashfs/gentoo-20250801.xz.sqfs
curl -LO https://github.com/plougher/squashfs-tools/archive/refs/tags/4.7.2/squashfs-tools-4.7.2.tar.gz
cd /tmp
# TODO: gentoo currently uses squashfs-tools-4.7, but that fails to build, upgraded to 4.7.2

# Build squashfs-tools to extract the ::gentoo tree
# TODO: Include in live-bootstrap proper
tar xf /var/cache/distfiles/squashfs-tools-4.7.2.tar.gz
cd squashfs-tools-4.7.2
make -C squashfs-tools install \
    INSTALL_PREFIX=/usr \
    LZO_SUPPORT=0 LZ4_SUPPORT=0 ZSTD_SUPPORT=0
cd ..
rm -rf squashfs-tools-4.7.2

# Make some additional root modifications
cp /usr/include/asm-generic/mman.h /usr/include/asm  # needed by dev-libs/openssl

# Unpack the ::gentoo tree
unsquashfs /var/cache/distfiles/gentoo-20250801.xz.sqfs
mkdir -p /var/db/repos
rm -rf /var/db/repos/gentoo
mv squashfs-root /var/db/repos/gentoo

# Install temporary copy of portage
tar xf /var/cache/distfiles/portage-3.0.68.tar.bz2
ln -sfT portage-3.0.68 portage

# Add portage user/group
echo 'portage:x:250:250:portage:/var/tmp/portage:/bin/false' >> /etc/passwd
echo 'portage::250:portage' >> /etc/group

# Create cross repository
mkdir -p /var/db/repos/cross/profiles
echo cross > /var/db/repos/cross/profiles/repo_name
mkdir -p /var/db/repos/cross/metadata
printf '%s\n' 'masters = gentoo' 'thin-manifests = true' \
    > /var/db/repos/cross/metadata/layout.conf
mkdir -p /var/db/repos/cross/cross-base
ln -sfT /var/db/repos/gentoo/sys-devel/binutils /var/db/repos/cross/cross-base/binutils
ln -sfT /var/db/repos/gentoo/sys-devel/gcc /var/db/repos/cross/cross-base/gcc
mkdir -p /var/db/repos/cross/cross-base/glibc
printf '%s\n' EAPI=8 SLOT=0 KEYWORDS='"*"' > /var/db/repos/cross/cross-base/glibc/glibc-0.ebuild

# Register i686-cross-linux-gnu toolchain
echo cross-i686-cross-linux-gnu >> /var/db/repos/cross/profiles/categories
ln -sfT cross-base /var/db/repos/cross/cross-i686-cross-linux-gnu

# Configure prefix for host tools
mkdir -p /cross/etc/portage/make.profile
cat > /cross/etc/portage/make.profile/make.defaults << 'EOF'
FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
BINPKG_COMPRESS=bzip2
CLEAN_DELAY=0

ARCH=x86
ACCEPT_KEYWORDS="$ARCH"
CHOST=i686-unknown-linux-musl
IUSE_IMPLICIT="prefix prefix-guest kernel_linux elibc_musl elibc_glibc sparc m68k alpha amd64 x86"
USE="prefix prefix-guest kernel_linux elibc_musl x86 python_targets_python3_13"

C_INCLUDE_PATH="$EROOT/usr/include"
CPLUS_INCLUDE_PATH="$EROOT/usr/include"
LIBRARY_PATH="$EROOT/usr/lib"
PKG_CONFIG_PATH="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
LDFLAGS="-Wl,--disable-new-dtags,-rpath,$EPREFIX/usr/lib"
EOF
cat > /cross/etc/portage/repos.conf << 'EOF'
[cross]
location = /var/db/repos/cross
EOF
cat > /cross/etc/portage/package.use << 'EOF'
dev-lang/perl minimal
dev-libs/libxml2 -python
sys-apps/file -seccomp
sys-apps/util-linux -su
cross-i686-cross-linux-gnu/gcc -sanitize -fortran openmp
EOF
cat > /cross/etc/portage/package.mask << 'EOF'
sys-devel/binutils
sys-devel/gcc
EOF
cat > /cross/etc/portage/make.profile/package.provided << 'EOF'
sys-devel/binutils-2.27
sys-devel/gcc-6.2
app-arch/xz-utils-0
EOF
mkdir -p /cross/etc/portage/env/cross-i686-cross-linux-gnu
cat > /cross/etc/portage/env/cross-i686-cross-linux-gnu/gcc << '_EOF'
EXTRA_ECONF='--with-sysroot=/gentoo'
post_src_install() {
cat > "$ED/usr/lib/gcc/$CTARGET/specs" << 'EOF'
*link:
+ %{!shared:%{!static:%{!static-pie:-dynamic-linker %{m64|mx32:;:/gentoo/lib/ld-linux.so.2}%{m64:/gentoo/lib64/ld-linux-x86-64.so.2}%{mx32:/gentoo/libx32/ld-linux-x32.so.2}}}}
EOF
}
_EOF
mkdir -p /cross/etc/portage/env/dev-lang
cat > /cross/etc/portage/env/dev-lang/python << 'EOF'
pre_src_prepare() {
sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
}
EOF
mkdir -p /cross/etc/portage/env/dev-build
echo 'CFLAGS=-std=c17' > /cross/etc/portage/env/dev-build/make

# TODO: Upgrade to findutils 4.9 for portage, and add pax-utils for "scanelf". Both of these are required by portage's `estrip`

# Initialize environment
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-apps/baselayout
echo 'PATH=/usr/bin' > /cross/etc/env.d/99host
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/env-update
mkdir -p /cross/bin
ln -sf /bin/sh /cross/bin  # Required by sys-devel/gcc
ln -sf /bin/bash /cross/bin  # Required by eautoreconf

# Build tools missing from/broken in live-bootstrap
# TODO: Include in live-bootstrap proper
PORTAGE_OVERRIDE_EPREFIX=/cross MAKEOPTS=-j1 ./portage/bin/emerge -D1n dev-build/make  # make in live-bootstrap has trouble with parallel builds under portage
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n net-misc/rsync  # https://bugs.gentoo.org/963902

# Configure target prefix
mkdir -p /gentoo/etc/portage
ln -sfT /var/db/repos/gentoo/profiles/default/linux/x86/23.0/i686/prefix/kernel-3.2+ /gentoo/etc/portage/make.profile
cat > /gentoo/etc/portage/make.conf << 'EOF'
FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
BINPKG_COMPRESS=bzip2
CLEAN_DELAY=0

PORTDIR=/var/db/repos/gentoo
DISTDIR=/var/cache/distfiles
PORTAGE_TMPDIR=/var/tmp

CHOST=i686-cross-linux-gnu
ACCEPT_KEYWORDS="-~$ARCH"
USE=-nls
INSTALL_MASK=/etc/env.d/99host
EOF
mkdir -p /gentoo/etc/portage/profile
cat > /gentoo/etc/portage/profile/package.use << 'EOF'
sys-devel/gcc -sanitize -fortran
app-arch/gzip pic
EOF
cat > /gentoo/etc/portage/profile/package.accept_keywords << 'EOF'
~net-misc/curl-8.15.0  # Fix bug that prevents --ftp-pasv from working
EOF
cat > /gentoo/etc/portage/bashrc << 'EOF'
if [ "$CBUILD" = i686-unknown-linux-musl ]; then
export BUILD_CFLAGS="-I$BROOT/usr/include"
export BUILD_LDFLAGS="-L$BROOT/usr/lib -Wl,--disable-new-dtags,-rpath,$BROOT/usr/lib"
export PKG_CONFIG_LIBDIR="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
export PKG_CONFIG_SYSTEM_INCLUDE_PATH="$EROOT/usr/include"
export PKG_CONFIG_SYSTEM_LIBRARY_PATH="$EROOT/lib:$EROOT/usr/lib"
export CONFIG_SITE="$EROOT/etc/portage/config.site"
fi
EOF
cat > /gentoo/etc/portage/config.site << 'EOF'
ac_cv_file__dev_ptmx=yes  # dev-lang/python
ac_cv_file__dev_ptc=no  # dev-lang/python
gl_cv_func_strcasecmp_works=yes  # sys-apps/diffutils
EOF
mkdir -p /gentoo/etc/portage/env/dev-lang
cat > /gentoo/etc/portage/env/dev-lang/python << '_EOF'
if [ "$CBUILD" = i686-unknown-linux-musl ]; then
pre_src_prepare() {
sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
}
fi
_EOF

# Initialize prefix
PORTAGE_OVERRIDE_EPREFIX=/gentoo USE=build ./portage/bin/emerge -D1n sys-apps/baselayout
echo 'man:x:13:15:System user; man:/dev/null:/sbin/nologin' >> /gentoo/etc/passwd
echo 'man:x:15:' >> /gentoo/etc/group
# TODO: The acct-user and acct-group should create the groups honestly

# Build libc and adapt compiler for target prefix
# Usually, CC and CXX should be the CHOST compilers, to cross compile. However, they're compatible enough here.
# Using --nodeps because the live-bootstrap environment is guaranteed to provide enough to build glibc
PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-kernel/linux-headers
PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-libs/glibc
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/glibc  # Dummy package to use proper flags in gcc
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/binutils  # TODO: cross-gcc doesn't depend on the right binutils
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/gcc

# Build compiler and initial tools for prefix
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-libs/ncurses  # https://bugs.gentoo.org/963660
PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n dev-lang/python  # TODO: dev-util/re2c requires dev-lang/python
PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl USE=build ./portage/bin/emerge -D1n \
    app-alternatives/awk \
    app-alternatives/gzip \
    app-shells/bash \
    dev-build/make \
    sys-apps/coreutils \
    sys-apps/diffutils \
    sys-apps/grep \
    sys-apps/portage \
    sys-apps/sed \
    sys-devel/binutils \
    sys-devel/gcc \
    sys-devel/patch

# Finalize prefix
/gentoo/usr/bin/emerge -DUu @world
/gentoo/usr/bin/emerge -c

# Optional: Back up
tar --sort=name -cf /gentoo.tar /gentoo
bzip2 -9v /gentoo.tar

# Create a cross compiler
/gentoo/usr/bin/emerge -Dn sys-devel/crossdev app-eselect/eselect-repository sys-apps/shadow
( . /gentoo/etc/profile; eselect repository create crossdev )
mkdir -p /gentoo/etc/portage/profile/package.use.mask
printf 'cross-x86_64-pc-linux-gnu/%s -multilib cet\n' linux-headers glibc binutils gcc gdb > /gentoo/etc/portage/profile/package.use.mask/cross-x86_64-pc-linux-gnu.multilib
( . /gentoo/etc/profile; crossdev -A 'amd64 x86' -S -P -v x86_64-pc-linux-gnu )

# Configure new system
( . /gentoo/etc/profile; PORTAGE_CONFIGROOT=/gentoo/usr/x86_64-pc-linux-gnu eselect profile set --force default/linux/amd64/23.0 )
( m=/gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf; \
    test -f "$m" && mv "$m" "$m.tmp" && mkdir "$m" && mv "$m.tmp" "$m/0100_crossdev.conf" )
cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf/1000_make.conf << 'EOF'
FEATURES="$FEATURES -news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
PORTDIR=/var/db/repos/gentoo
DISTDIR=/var/cache/distfiles

ACCEPT_KEYWORDS="-~$ARCH"
CONFIG_SITE=/gentoo/usr/share/config.site  # Needed because --prefix for target != /gentoo/usr
EOF
cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/bashrc << 'EOF'
export SOURCE_DATE_EPOCH=315532800  # 1980-01-01, because 0 is too old for zip files (e.g. python wheels)
EOF
mkdir -p /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs
cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libassuan << 'EOF'
# https://bugs.gentoo.org/962780
export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
EOF
cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libgcrypt << 'EOF'
# https://bugs.gentoo.org/963810
export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
EOF
cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libksba << 'EOF'
# https://bugs.gentoo.org/963811
export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
EOF

# Work around an ebuild bug
ln -s /gentoo/lib/ld-linux.so.2 /lib  # https://bugs.gentoo.org/962756

# Cross compile the new system
( . /gentoo/etc/profile; USE=build x86_64-pc-linux-gnu-emerge -D1n sys-apps/baselayout )
( . /gentoo/etc/profile; x86_64-pc-linux-gnu-emerge -DUu @world )

# Create final rootfs
( . /gentoo/etc/profile; ROOT=/target USE=build x86_64-pc-linux-gnu-emerge -KDU1n sys-apps/baselayout )
( . /gentoo/etc/profile; ROOT=/target x86_64-pc-linux-gnu-emerge -KDUu @world )

# Set up final system
mkdir -p /target/etc/portage
ln -sfT ../../var/db/repos/gentoo/profiles/default/linux/amd64/23.0 /target/etc/portage/make.profile
echo 'nameserver 1.1.1.1' > /target/etc/resolv.conf
echo 'C.UTF8 UTF-8' > /target/etc/locale.gen

# This is the point where you have to move from the x86 system to an x86_64 system.
# Make sure that you are running a x86_64 kernel before chrooting, or booting it.
exit
umount dev/pts dev sys proc
umount var/cache/distfiles

# Optional: Back up the system
env -i chroot target tar --sort=name -cf /target-gentoo.tar /
env -i chroot target bzip2 -9v /target-gentoo.tar
mv target/target-gentoo.tar.bz2 ..

# Copy ::gentoo repo and distfiles
mkdir -p target/var/db/repos
rsync -a var/db/repos/gentoo/ target/var/db/repos/gentoo
rsync -a var/cache/distfiles/ target/var/cache/distfiles

# Enter the final, x86_64 system
cd target
mount -t proc proc proc
mount -t sysfs sysfs sys
mount -t devtmpfs devtmpfs dev
mount -t devpts devpts dev/pts
env -i TERM="$TERM" chroot . /bin/bash -l

umask 022

# Initialize system and break dependency cycles
ldconfig
USE='-nls' emerge -1n sys-devel/gettext

# Rebuild everything
emerge -e @world