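#! /bin/bash
# Run m2_gui_iptables scripts in order.
#
# Usage:
#   <script> check   report whether this host is detected as MAIN or BACKUP, then exit
#   <script>         run the m2 GUI iptables scripts appropriate for this host
#
# NOTE(review): the original header said "v 1.0" while VERSION below is 1.1.0 —
# confirm which one is current.

. /usr/src/m2/framework/bash_functions.sh

# ---- VARS -----

VERSION="1.1.0"
SCRIPT_NAME="Run M2 GUI iptables scripts"

# Defined in the sourced framework; presumably sets GUI_PRESENT, PCSD_ACTIVE and
# PCSD_MAIN, which are read below — TODO confirm.
k_config_details

TEST=0 # 1 - do not execute changes

# ---- FUNCTIONS -----

# Print the current local time as "YYYY-MM-DD HH:MM:SS".
format_date() {
  date "+%Y-%m-%d %H:%M:%S"
}

# Print a timestamped NOTICE line to stdout.
# Arguments: $* - message text
log_notice() {
  printf '%s\n' "[$(format_date)] [NOTICE] $*"
}

#######################################
# Decide whether the Heartbeat_IP confline is assigned to a local interface.
# Globals:   GUI_PRESENT (read)
# Returns:   0 if GUI_PRESENT is not 1, if Heartbeat_IP is empty or does not
#            start like an IPv4 address, or if the address is on this host;
#            1 if the address is not on this host or is not a plain IPv4 value.
#######################################
heartbeat_confline_ip_active() {
  local heartbeat_ip_confline ip_pattern quoted_value
  local -r ipv4_prefix_re='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
  local -r ipv4_full_re='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'

  heartbeat_ip_confline=$(get_confline "Heartbeat_IP")

  ((GUI_PRESENT == 1)) || return 0

  # An empty or non-IPv4-looking value is treated as "no heartbeat IP set".
  if [[ -z $heartbeat_ip_confline || ! $heartbeat_ip_confline =~ $ipv4_prefix_re ]]; then
    return 0
  fi

  # The value is interpolated into a grep -E pattern below and the result picks
  # MAIN vs BACKUP, so it must be digits and dots only. A prefix-only check lets
  # trailing regex syntax through, which could make grep match any address.
  if [[ ! $heartbeat_ip_confline =~ $ipv4_full_re ]]; then
    # %q keeps control characters in the configured value out of the log line.
    printf -v quoted_value '%q' "$heartbeat_ip_confline"
    log_notice "heartbeat ip from conflines ${quoted_value} is not a plain IPv4 address, treating as NOT matching system IPs"
    return 1
  fi

  # Escape the dots so they match literally instead of "any character".
  ip_pattern=${heartbeat_ip_confline//./\\.}

  if /usr/sbin/ip -o -f inet addr show \
    | grep -Eq "inet[[:space:]]${ip_pattern}[[:space:]/]"; then
    log_notice "heartbeat ip from conflines ${heartbeat_ip_confline} matches system IPs"
    return 0
  fi

  log_notice "heartbeat ip from conflines ${heartbeat_ip_confline} does NOT match system IPs"
  return 1
}

#######################################
# Check the PCSD state flags.
# Globals:   PCSD_ACTIVE (read), PCSD_MAIN (read)
# Returns:   1 when PCSD_ACTIVE is 1 and PCSD_MAIN is 0, otherwise 0.
#######################################
pcsd_main() {
  if [[ $PCSD_ACTIVE == 1 && $PCSD_MAIN == 0 ]]; then
    log_notice "PCSD is active, but VIRTUAL_IP from system.conf does not match system IPs"
    return 1
  fi
  return 0
}

# Return 0 when both the heartbeat check and the PCSD check pass (this host is
# treated as MAIN), 1 otherwise (treated as BACKUP).
execute_gui_scripts() {
  heartbeat_confline_ip_active || return 1
  pcsd_main || return 1
  return 0
}

#######################################
# Run /usr/local/m2/<name>.sh under a non-blocking lock, appending its output
# to /var/log/m2/<name>.log.
# Arguments: $1 - script base name (e.g. m2_block_ip)
# Returns:   always 0; a failed step is logged and the run continues, as in
#            the original sequence.
#######################################
run_locked() {
  local -r name=$1
  local status=0

  # NOTE(review): if /var/lock is writable by unprivileged users on this host,
  # a held lock silently suppresses this step — confirm directory permissions.
  flock -w 0 "/var/lock/${name}.lock" "/usr/local/m2/${name}.sh" \
    >> "/var/log/m2/${name}.log" 2>&1 || status=$?

  # flock -w 0 gives up at once when the lock is held, so a non-zero status
  # means either "did not run" or "the script itself failed". For the firewall
  # block script that is worth a log line rather than a silent skip.
  if ((status != 0)); then
    log_notice "${name}.sh did not run or exited non-zero (status ${status})"
  fi
  return 0
}

# ---- MAIN -----

main() {
  if [[ ${1:-} == check ]]; then
    if execute_gui_scripts; then
      report "$0 detected this system as MAIN, all m2 gui iptables scripts will run here" 3
    else
      report "$0 detected this system as BACKUP, only m2_block_ip will run here" 3
    fi
    exit 0
  fi

  sleep 15

  k_start

  if execute_gui_scripts; then
    log_notice "Running m2_gui_iptables scripts"
    printf '%s\n' "To check logs run: tail -f /var/log/m2/m2_unblock_ip.log /var/log/m2/m2_block_ip.log /var/log/m2/m2_get_blocked_ip.log"

    run_locked m2_unblock_ip
    run_locked m2_block_ip
    sleep 30
    run_locked m2_get_blocked_ip

    log_notice "Finished running m2_gui_iptables scripts"
  else
    log_notice "Backup server detected. Only m2_block_ip.sh will be executed"
    printf '%s\n' "To check logs run: tail -f /var/log/m2/m2_block_ip.log"

    run_locked m2_block_ip

    log_notice "Finished running m2_gui_iptables scripts"
  fi
}

main "$@"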