#!/bin/bash

#$Id: knoerre-conf 691 2017-06-04 23:12:04Z fwbergm $

# knoerre-conf, configure knoerre http-server for nagios remote checks
# knoerre is part of nagios-fwb, http://www.tuxad.com

if [ -z "$DESTDIR" ]
then
  DESTDIR="/"
else
  [ "$DESTDIR" != "/" ] && echo "  knoerre-conf: WARNING, installing in $DESTDIR"
fi
[ -z "$KNOERREHOME" ] && KNOERREHOME=opt/ngtx/knoerre
SYSCONF_DIR=/etc

umask 022

mkdir -p $DESTDIR/$KNOERREHOME
/bin/rm -rf $DESTDIR/$KNOERREHOME/log

test -e $DESTDIR/$KNOERREHOME/run || {
mkdir -p $DESTDIR/$KNOERREHOME/supervise
chmod 700 $DESTDIR/$KNOERREHOME/supervise

cat >$DESTDIR/$KNOERREHOME/run <<EOF
#!/bin/sh
exec 2>&1
exec /command/tcpserver -c 80 -v -RHl localhost -x /etc/knoerre.tcprules.cdb -X 0 8888 /usr/bin/knoerre
EOF
chmod 744 $DESTDIR/$KNOERREHOME/run
}

test -e $DESTDIR/$SYSCONF_DIR/knoerrerc || {
cat >$DESTDIR/$SYSCONF_DIR/knoerrerc <<EOF
# resource config for knoerre nagios remote check webserver NON-MONOLITHIC VERSION
# this is just left as a example:
CMD loadavg cat /proc/loadavg
EOF
}
chmod 600 $DESTDIR/$SYSCONF_DIR/knoerrerc

grep -q "knoerre:" $DESTDIR/$SYSCONF_DIR/hosts.allow 2>/dev/null || {
echo Setting up $SYSCONF_DIR'/hosts.(deny|allow)'
echo 'knoerre: 192.168.0.90' >>$DESTDIR/$SYSCONF_DIR/hosts.allow
echo 'knoerre: ALL' >>$DESTDIR/$SYSCONF_DIR/hosts.deny
}

SERVICE=knoerre
DAEMONNAME=knoerre
RULES_FILE=$DESTDIR/$SYSCONF_DIR/"$DAEMONNAME".tcprules.cdb
PATH="/command:/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin"
echo Setting up $RULES_FILE from $SYSCONF_DIR'/hosts.(deny|allow)'
{
  for IP in `egrep "^($SERVICE|ALL)": $DESTDIR/$SYSCONF_DIR/hosts.allow | sed "s,.*:,,"`
  do
    if [ "$IP" = "ALL" ];then echo :allow;else echo $IP:allow;fi
  done
  for IP in `egrep "^($SERVICE|ALL)" $DESTDIR/$SYSCONF_DIR/hosts.deny | sed "s,.*:,,"`
  do
    if [ "$IP" = "ALL" ];then echo :deny;else echo $IP:deny;fi
  done
} |tee /dev/stderr| tcprules $RULES_FILE "$RULES_FILE".tmp

exit 0
