#!/bin/sh
#----------------------------------------------------------------------------
# /var/install/bin/rsyslogd-tools-dbtool - rsyslogd database tool
#
# Creation:     2016-03-03 ap
# Last Update:  $Id$
#
# Copyright (c) 2016-2022 Ansgar Puester, ansgar.puester(at)freenet(dot)de
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# rsyslogd tool to handle databases
#
# Arguments:
#   task    createdb             create MySQL Syslog DB
#           dropdb               drop MySQL Syslog DB
#           adduser_rw           add read/write user
#           adduser_r            add read only user
#           dbpurge              purge table SystemEvents
#           dbpurge_exp          purge table SystemEvents RSYSLOGD_DBPURGE_EXPERT
#           addon_LogAnalyzer    alter database for LogAnalyzer
# Returns:
#   None
#
#----------------------------------------------------------------------------

#include eislib
. /var/install/include/eislib

#include rsyslogdlib
. /var/install/include/rsyslogdlib

ASK=/var/install/bin/ask
CAT=/bin/cat
RM=/bin/rm
MKTEMP=/bin/mktemp

rsyslogdfile=/etc/config.d/rsyslogd
# read configuration
. ${rsyslogdfile}

syslogdb="${RSYSLOGD_MYSQL_DB_NAME}"

# rsyslogd working directory
rsyslog_workdirectory=/usr/lib/rsyslog/workdir

# directory for rsyslogd logrotate skripts
rsyslog_skripts="${rsyslog_workdirectory}/rsyslog_skripts"

# ---------------------------------------------------------------------------
# check existence
#   return
#    1        database exists
#    0        database does not exist
# ---------------------------------------------------------------------------
check_existence_ischema()
{
   db_exists=$( \
   ${mysql_basedir}/mysql \
     --socket=${mysql_socket} \
     --skip-column-names \
     --batch \
     -e "use mysql;SELECT count(*) FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '${syslogdb}';" \
   )
   return "${db_exists}"
}

# ---------------------------------------------------------------------------
# check existence
#   return
#    1        database exists
#    0        database does not exist
# ---------------------------------------------------------------------------
check_existence()
{
   db_name=$( \
   ${mysql_basedir}/mysql \
     --socket=${mysql_socket} \
     --batch \
     --skip-column-names \
     -e "SHOW DATABASES LIKE '"${syslogdb}"';")
   [ -n "${db_name}" ] && db_exists=1 || db_exists=0
   return "${db_exists}"
}


# ---------------------------------------------------------------------------
# check status and access of MariaDB/MySQL Database
# ---------------------------------------------------------------------------
check_status()
{
    if [ ! -f ${mysql_pid_file} ]; then
        echo
        mecho --error "MariaDB/MySQL Server is not running."
        echo
        return 1
    fi

    ${mysql_basedir}/mysqladmin --socket=${mysql_socket} status >/dev/null 2>&1
    if [ "${?}" -ne 0 ]; then
        echo
        mecho -n --error 'MariaDB/MySQL Server'
        mecho -n --std   " 'root' "
        mecho --error    'password is required.'
        mecho --info     'Please set the root password.'
        echo
        return 1
    fi
    return 0
}

# ---------------------------------------------------------------------------
# drop rsyslogd db
# ---------------------------------------------------------------------------
drop_db()
{

   # check if database exists
   check_existence
   RC=$?
   if [ "${RC}" = 0 ]; then
      mecho --error "Database ${syslogdb} does not exists."
      mecho --error "Can not drop database."
      mecho
   else
      _ask_file=$(${MKTEMP} -t ${pgmname}-ask.XXXXXXXXXXXXX)
      ${ASK} "Do you really want to drop database ${syslogdb}?" 'n' >${_ask_file}
      rc=${?}
      answer=$(${CAT} ${_ask_file})
      ${RM} -f ${_ask_file}

      # check for (n)o
      if [ "${answer}" = 'no' ]; then
         exit 0
      fi

      ${mysql_basedir}/mysql \
        --socket=${mysql_socket} \
        --skip-column-names \
        --batch \
        -e "use mysql;DROP DATABASE ${syslogdb};"
      RC=$?
      if [ "${RC}" = 0 ]; then
         mecho --info "Database ${syslogdb} dropped"
      else
         mecho --error "Error dropping database ${syslogdb} RC=${RC}"
      fi
   fi

   anykey
  
}

# ---------------------------------------------------------------------------
# alter database for LogAnalyzer
# ---------------------------------------------------------------------------
addon_LogAnalyzer()
{

   # check if database exists
   check_existence
   RC=$?
   if [ "${RC}" = 0 ]; then
      mecho --error "Database ${syslogdb} does not exists."
      mecho --error "Can not alter database."
      mecho
   else
      _ask_file=$(${MKTEMP} -t ${pgmname}-ask.XXXXXXXXXXXXX)
      ${ASK} "Do you really want to alter database ${syslogdb}?" 'n' >${_ask_file}
      rc=${?}
      answer=$(${CAT} ${_ask_file})
      ${RM} -f ${_ask_file}

      # check for (n)o
      if [ "${answer}" = 'no' ]; then
         exit 0
      fi

      ${mysql_basedir}/mysql --socket=${mysql_socket} \
       -e "USE ${syslogdb}; source /usr/lib/rsyslog/alterDB_addon_LogAnalyzer.sql;"
      RC=$?

      if [ "${RC}" = 0 ]; then
         mecho --info "Database ${syslogdb} altered."
      else
         mecho --error "Error trying to alter database ${syslogdb} RC=${RC}"
      fi
   fi

   anykey

}


# ---------------------------------------------------------------------------
# create rsyslogd db
# ---------------------------------------------------------------------------
create_db()
{

   # check if database exists
   check_existence
   RC=$?
   if [ "${RC}" = 1 ]; then
      mecho --error "Database ${syslogdb} already exists."
      mecho --error "Can not create database."
      mecho         "If you want to recreate database ${syslogdb} drop the database first."
      mecho
   else
      ${mysql_basedir}/mysql --socket=${mysql_socket} \
       -e "CREATE DATABASE ${syslogdb}; USE ${syslogdb}; source /usr/lib/rsyslog/createDB.sql;"
      RC=$?

      if [ "${RC}" = 0 ]; then
         # additional modifications
         ${mysql_basedir}/mysql --socket=${mysql_socket} \
          -e "USE ${syslogdb}; source /usr/lib/rsyslog/alterDB_add_ProcessID.sql;"
         RC=$?
      fi

      if [ "${RC}" = 0 ]; then
         mecho --info "Database ${syslogdb} created"
      else
         mecho --error "Error creating database ${syslogdb} RC=${RC}"
      fi
   fi

   anykey
}

# ---------------------------------------------------------------------------
# add user
# ---------------------------------------------------------------------------
add_user()
{
    # get option for rights
    rights=${1}

    # check if database exists
    check_existence
    RC=$?
    if [ "${RC}" = 0 ]; then
       mecho --error "Database ${syslogdb} does not exists."
       mecho --error "Can not grant rights."
       mecho
    else
       if [ "$rights" = 'rw' ]; then
          mecho --info "Granted full rights on ${syslogdb} to a user"
          grant_right='ALL'
       else
          mecho --info "Granted read rights on ${syslogdb} to a user"
          grant_right='SELECT'
       fi

       # granting rights on MySQL Syslog DB
       _ask_file=$(${MKTEMP} -t ${pgmname}-ask.XXXXXXXXXXXXX)
       ${ASK} "Enter username to access ${syslogdb} database or (q)uit:" "" "+" >${_ask_file}
       rc=${?}
       user=$(${CAT} ${_ask_file})
       ${RM} -f ${_ask_file}

       # check for (q)uit
       if [ "${user}" = 'q' ]; then
          exit 0
       fi

       # if ask break, ask returned 255
       if [ ${rc} = 255 ]; then
           exit 127
       fi
       echo
       _ask_file=$(${MKTEMP} -t ${pgmname}-ask.XXXXXXXXXXXXX)
       ${ASK} "Enter password for user ${user} or (q)uit:" "" "+hidden+" >${_ask_file}
       rc=${?}
       password=$(${CAT} ${_ask_file})
       ${RM} -f ${_ask_file}

       # check for (q)uit
       if [ "${password}" = 'q' ]; then
          # mecho because of "+hidden+"
          mecho
          exit 0
       fi

       # if ask break, ask returned 255
       if [ ${rc} = 255 ]; then
           exit 127
       fi
       echo

       mecho --info "Granting rights on ${syslogdb} to user ${user} ..."
#       ${mysql_basedir}/mysql --socket=${mysql_socket} \
#        -e "use mysql;grant ${grant_right} ON ${syslogdb}.* to ${user}@localhost identified by '${password}'; flush privileges;"
        ${mysql_basedir}/mysql --socket=${mysql_socket} \
         --batch \
         <<EOFG
use mysql;
grant ${grant_right} ON ${syslogdb}.* to ${user}@localhost identified by '${password}';
flush privileges;
EOFG
       RC=$?

       if [ "${RC}" = 0 ]; then
          mecho --info "Granted rights on ${syslogdb} to user ${user}"
       else
          mecho --error "Error granting rights RC=${RC}"
       fi
   fi

   anykey
}

# ---------------------------------------------------------------------------
# purge table SystemEvents
# ---------------------------------------------------------------------------
purge_db()
{
   # source /etc/config.d/rsyslogd
   . /etc/config.d/rsyslogd

   act_status=$(${mysql_basedir}/mysql \
     --socket=${mysql_socket} \
     --skip-column-names \
     --batch \
     <<EOFG
use ${syslogdb}; \
select 'total', count(*) from SystemEvents \
 union \
select 'old', count(*) Old from SystemEvents WHERE ReceivedAt < date_add(current_date, interval -${RSYSLOGD_DBPURGE_KEEP_DAYS} day);
EOFG
)
   act_count=$(echo "$act_status" | grep 'total')
   act_purge=$(echo "$act_status" | grep 'old')
   act_count=$(echo "$act_count" | cut -f2)
   act_purge=$(echo "$act_purge" | cut -f2)
   logger -t 'logger' -i -p syslog.info "rsyslogd: table SystemEvents total $act_count rows / $act_purge will be deleted"
   if [ "${act_purge}" = 0 ]; then
      true
   else
      act_msg=$(${mysql_basedir}/mysql \
        --socket=${mysql_socket} \
        --skip-column-names \
        --batch \
        <<EOFG
use ${syslogdb}; \
DELETE FROM SystemEvents WHERE ReceivedAt < date_add(current_date, interval -${RSYSLOGD_DBPURGE_KEEP_DAYS} day);
EOFG
)
   fi

}

# ---------------------------------------------------------------------------
# purge table SystemEvents RSYSLOGD_DBPURGE_EXPERT
# ---------------------------------------------------------------------------
purge_db_exp()
{

   act_status=$(${mysql_basedir}/mysql \
      --socket=${mysql_socket} \
      --skip-column-names \
      -e "USE ${syslogdb}; source ${rsyslog_skripts}/select_exp${task_index}.sql;"
)
   #echo "$act_status"
   act_count=$(echo "$act_status" | grep 'total')
   act_purge=$(echo "$act_status" | grep 'old')
   act_count=$(echo "$act_count" | cut -f2)
   act_purge=$(echo "$act_purge" | cut -f2)
   logger -p syslog.info "rsyslogd: table SystemEvents (expert ${task_index}) total $act_count rows / $act_purge will be deleted"
   if [ "${act_purge}" = 0 ]; then
      true
   else
      act_msg=$(${mysql_basedir}/mysql \
         --socket=${mysql_socket} \
         --skip-column-names \
         -e "USE ${syslogdb}; source ${rsyslog_skripts}/delete_exp${task_index}.sql;"
)
   #echo "$act_msg"
   fi

}

# ---------------------------------------------------------------------------
# main
# ---------------------------------------------------------------------------
main()
{
    pgmname=`basename $0`

    # get actual task
    act_task=${1}

    if [ "${act_task}" != 'dbpurge' -a "${act_task}" != 'dbpurge_exp' ]; then
       clrhome
       mecho
       mecho
    fi

    case "${act_task}" in
      createdb)
         true
         ;;
      dropdb)
         true
         ;;
      adduser_rw|adduser_r)
         true
         ;;
      dbpurge)
         true
         ;;
      dbpurge_exp)
         true
         task_index=${2}
         if [ "$task_index" = '' ]
         then
            mecho --error "Error $0 missing second parameter (${act_task})"
            exit 1
         fi
         ;;
      addon_LogAnalyzer)
         true
         ;;
      *)
         mecho --error "Error $0 none or wrong parameter (${act_task})"
         exit 1
         ;;
    esac

    if [ "$RSYSLOGD_MYSQL_DB_USE" = 'no' ]; then
        mecho --error "RSYSLOGD_MYSQL_DB_USE was set to 'no', no action possible."
        anykey
        exit 1
    fi

    check_required_package "${RSYSLOGD_MYSQL_DB_PACKAGE}"
    RC=$?
    if [ "$RC" = 1 ];then
       anykey
       exit 1
    fi
    get_defaults "${RSYSLOGD_MYSQL_DB_PACKAGE}"
    RC=$?
    if [ "$RC" = 1 ];then
       anykey
       exit 1
    fi

    if [ ${RSYSLOGD_MYSQL_DB_PACKAGE} = 'Remote' ]; then
       mecho --error "Error illegal action for remote database."
       mecho --error "      You have to work directly on the remote server!"
       anykey
       exit 1
    fi

    check_status || exit 1

    # create db
    [ ${act_task} = 'createdb' ] && create_db
    # drop db
    [ ${act_task} = 'dropdb' ] && drop_db
    # add user with full access
    [ ${act_task} = 'adduser_rw' ] && add_user rw
    # add user with read access
    [ ${act_task} = 'adduser_r' ] && add_user r
    # purge table SystemEvents
    [ ${act_task} = 'dbpurge' ] && purge_db
    # purge table SystemEvents RSYSLOGD_DBPURGE_EXPERT
    [ ${act_task} = 'dbpurge_exp' ] && purge_db_exp
    # alter database for LogAnalyzer
    [ ${act_task} = 'addon_LogAnalyzer' ] && addon_LogAnalyzer

    exit 0
}


# ---------------------------------------------------------------------------
# call function main
# ---------------------------------------------------------------------------
main "${@}"

# ---------------------------------------------------------------------------
# end
# ---------------------------------------------------------------------------