#!/bin/bash

############################################
# Script eole-common
############################################

action=$1

. /usr/lib/eole/ihm.sh

#test si le réseau est configuré sinon renvoie une erreur (#1100)
adresse_ip_eth0=`CreoleGet adresse_ip_eth0`
if [ "$adresse_ip_eth0" = "" ]; then
        EchoRouge "Impossible de déterminer l'adresse réseau \"adresse_ip_eth0\"."
        EchoRouge "Redemarrage du reseau"
        /etc/init.d/networking restart
        EchoRouge "#######################################################################"
        EchoRouge "# Veuillez relancer $action"
        EchoRouge "#######################################################################"
        exit 1
fi

#pour rsyslog
[[ ! -d /var/log/rsyslog ]] && mkdir -p /var/log/rsyslog
chown -R syslog:adm /var/log/rsyslog

#pour l'envoi des logs (#11404)
if [ "$(CreoleGet activer_envoi_logs non)" = oui ];then
    if [ ! -d "/var/log/rsyslog/queues" ];then
        mkdir -p /var/log/rsyslog/queues
        chown syslog:adm /var/log/rsyslog/queues
    fi
fi

#pour les logs de certains outils
mkdir -p /var/log/eole

#pour logrotate
LOG_BASE=/var/log/rsyslog
LOG_TYPES="local remote"
LOGROTATE_CONF_D=/etc/logrotate.d
LOGROTATED_DIRS=''

# Clean generated files
for log_type in ${LOG_TYPES}
do
	[ -e ${LOGROTATE_CONF_D}/generated_${log_type}_rules ] \
	    && rm -f ${LOGROTATE_CONF_D}/generated_${log_type}_rules
done

# Get all directories referenced in logrotate configuration
# Create them if they don't exists
for log_file in $(sed -ne '/^\/.*\.log/ s,{,,p' ${LOGROTATE_CONF_D}/* 2> /dev/null); do
	log_dir=$(dirname ${log_file})
	LOGROTATED_DIRS="${LOGROTATED_DIRS:+${LOGROTATED_DIRS}$'\n'}${log_dir}"
	if [ ! -d "${log_dir}" ]
	then
		mkdir -p "${log_dir}"
		chown syslog:adm "${log_dir}"
	fi
done

# Deduplicate directory list
LOGROTATED_DIRS=$(echo "$LOGROTATED_DIRS" | sort -u)

get_not_rotated_log_files() {
	local base_dir="${1}"
	local not_rotated=""
	[ -d "${base_dir}" ] || return
	for log_file in $(find ${base_dir} -type f -name '*.log')
	do
		log_dir=$(dirname ${log_file})
		if [[ ! "$LOGROTATED_DIRS" =~ ${log_dir} ]]; then
			# Avoid newline when ${not_rotated} is empty
			not_rotated="${not_rotated:+${not_rotated}$'\n'}${log_file}"
		fi
	done
	echo -e "${not_rotated}"
}

gen_globs_from_files() {
	local levels='\(panic\|emerg\|crit\|err\|error\|alert\|warn\|warning\|info\|notice\|debug\)'
	echo "$@" | sed -e "s,\.${levels}\.,.\*.," | sort -u
}

generate_logrotate_rules() {
	local GLOBBING=$-
	set -f # Disable globbing
	local rules_file="${1}"
	shift # strip first parameter
	local globs="$@"
	# Avoid expanding globs
	for log_glob in ${globs}
	do
		[ -n "${log_glob}" ] || continue
		cat >> ${rules_file} <<EOF

$log_glob {
	missingok
	daily
	rotate 366
	compress
	sharedscripts
	postrotate
		reload rsyslog
	endscript
}
EOF
	done
	[[ "${GLOBBING}" =~ f ]] && set +f

}

for log_type in ${LOG_TYPES}
do
	rotate_conf_file=${LOGROTATE_CONF_D}/generated_${log_type}_rules
	log_dir=${LOG_BASE}/${log_type}

	[ -f "${rotate_conf_file}" ] && rm -f "${rotate_conf_file}"

	echo "# Rules automatically generated" >> ${rotate_conf_file}
	# Do not forget the double quoting or globs will be expanded
	FILES="$(get_not_rotated_log_files ${log_dir})"
	GLOBS="$(gen_globs_from_files "${FILES}")"
	generate_logrotate_rules ${rotate_conf_file} "${GLOBS}"
done

#commente HISTSIZE et HISTFILESIZE car ce sont des paramétrages en lecture seule
sed -i 's/^HISTSIZE/#HISTSIZE/g' /root/.bashrc
sed -i 's/^HISTFILESIZE/#HISTFILESIZE/g' /root/.bashrc

#suppression du log des appels xml-rpc de twisted (cf. #1454)
if [ -f /usr/share/pyshared/twisted/web/http.py ];then
    sed -i '/self.logFile.write(line)/d' /usr/share/pyshared/twisted/web/http.py
fi

#prend en compte le template 10-console-messages.conf
cat /etc/sysctl.d/10-console-messages.conf | sysctl -p - > /dev/null

#regénération des règles iptables
echo -n "Génération des règles de pare-feu"
. /usr/share/eole/firewall.start
if [ $? -ne 0 ]; then
    echo
    EchoRouge "Erreur à la génération des règles de pare-feu"
    rm -f /etc/eole/iptables
    rm -f /etc/eole/ipset
    exit 1
fi
echo
#on repasse en mode forteresse avant le démarrage du service
/etc/init.d/bastion stop > /dev/null

#notamment pour Era (#8106)
mkdir -p /root/.local/share
exit 0
