#!/bin/bash

######################################################################################
#### Version 2.2                                                                  ####
#### For questions or comments contact@mylinux.work                               ####
#### Author : Phil Connor                                                         ####
####                                                                              ####
#### Notes :                                                                      ####
####   This script is a simple "helper" to install and configure Maria,           ####
####   PowerDNS and PowerAdmin on RedHat Based servers.                           ####
####   There is no silver bullet. Don't expect the perfect setup,                 ####
####   review comments and adapt the parameters to your application usage.        ####
####                                                                              ####
####   Use this script at your OWN risk. There is no guarantee whatsoever.        ####
####                                                                              ####
####   Usage chmod 755 then ./PdnsInstall.sh or bash PdnsInstall.sh               ####
######################################################################################

############################
#### User Configurables ####
############################
# HTTP=apache
NAGAD=nagiosadmin
NAGADPASS=MyPaSsWoRd
# SAEMAIL=

##########################
#### System Variables ####
##########################
# IPADD=$(ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
if [ "$(command -v lsb_release)" ]; then
    OS=$(lsb_release -i | awk '{print $3}' | tr '[:upper:]' '[:lower:]')
    OSVER=$(lsb_release -r | awk '{print $2}' | awk -F. '{print $1}')
else 
    OS=$(grep PRETTY_NAME /etc/os-release | sed 's/PRETTY_NAME=//g' | tr -d '="' | awk '{print $1}' | tr '[:upper:]' '[:lower:]')
    OSVER=$(grep VERSION_ID /etc/os-release | sed 's/VERSION_ID=//g' | tr -d '="' | awk -F. '{print $1}')
fi

###########################################################
#### Detect Package Manger from OS and OSVer Variables ####
###########################################################
if [[ ${OS} = alma || ${OS} = amazon || ${OS} = centos || ${OS} = red || ${OS} = rocky || ${OS} = oracle ]]; then
	if [ "${OSVER}" = 7 ]; then
		PAKMGR="yum -y"
	else
		PAKMGR="dnf -y"
	fi
elif [ "${OS}" = ubuntu ]; then
	PAKMGR="apt -y"
fi

###########################
#### Install Net-Utils ####
###########################
if [ ! "$(command -v ifconfig)" ]; then
    if [ "${OS}" = ubuntu ]; then
        ${PAKMGR} update
        ${PAKMGR} install net-utils
    else
        ${PAKMGR} install net-tools
    fi
fi

########################
#### Nagios Install ####
########################
function nagios_install() {
	{
        if [ "${OS}" = ubuntu ]; then
            htpath=/etc/apache2/conf-enabled/nagios4-cgi.conf
        else 
            htpath=/etc/apache2/conf.d/nagios.conf
        fi
        #if [ "${OS}" = ubuntu ]; then
        ${PAKMGR} update
        DEBIAN_FRONTEND=noninteractive ${PAKMGR} install nagios4 nagios-nrpe-server nagios-plugins nagios-plugins-contrib expect libcgi-pm-perl librrds-perl libgd-gd2-perl
        a2enmod authz_groupfile auth_digest 
        # ${PAKMGR} install autoconf gcc libc6 make wget unzip apache2 php libapache2-mod-php libgd-dev libssl-dev expect
        sed -i 's/Require ip ::1\/128 fc00::\/7 fe80::\/10 10\.0\.0\.0\/8 127\.0\.0\.0\/8 169\.254\.0\.0\/16 172\.16\.0\.0\/12 192\.168\.0\.0\/16/# Require ip ::1\/128 fc00::\/7 fe80::\/10 10\.0\.0\.0\/8 127\.0\.0\.0\/8 169\.254\.0\.0\/16 172\.16\.0\.0\/12 192\.168\.0\.0\/16/g' $htpath
        #sed -i 's/<Files "cmd.cgi">/#<Files "cmd.cgi">/g' $htpath
        sed -i 's/Require all/#Require all/g' $htpath
        #sed -i 's/<//Files>/#<//Files>/g' $htpath
        sed -i 's/#Require /Require /g' $htpath
        expect -f - <<-EOF
            set timeout 5
            spawn htdigest -c /etc/nagios4/htdigest.users Nagios4 $NAGAD
            expect "New password:"
            send -- "$NAGADPASS\r"
            expect "Re-type new password:"
            send -- "$NAGADPASS\r"
            expect eof
EOF
        systemctl enable --now nagios
        systemctl status nagios
        if [ "${OS}" = ubuntu ]; then
            systemctl enable apache2
            systemctl restart apache2
        else
            systemctl enable httpd
            systemctl restart httpd
        fi
    
    }
}

nagios_install


# else
#    install perl-rrdtool perl-GD
# fi       

function nagiosgraph install() { 
    {
        cd /tmp | exit 1
        tar xzvf nagiosgraph-x.y.z.tgz

        mkdir /etc/nagiosgraph
        cp etc/* /etc/nagiosgraph

#  - Edit the perl scripts in the cgi and lib directories, modifying the
#    "use lib" line to point to the directory from the previous step.
#      vi cgi/*.cgi lib/insert.pl

#  - Copy insert.pl to a location from which it can be executed:
#      cp lib/insert.pl /usr/local/nagios/libexec
#    or for Homebrew:
#      cp lib/insert.pl /usr/local/opt/nagios/bin

#  - Copy CGI scripts to a script directory served by the web server:
#      cp cgi/*.cgi /usr/local/nagios/sbin
#    or for Homebrew:
#      cp cgi/*.cgi /usr/local/opt/nagios/cgi-bin

#  - Copy CSS and JavaScript files to a directory served by the web server:
#      cp share/nagiosgraph.css /usr/local/nagios/share
#      cp share/nagiosgraph.js /usr/local/nagios/share
#    or for Homebrew:
#      cp share/nagiosgraph.css /usr/local/opt/nagios/share/nagios/htdocs
#      cp share/nagiosgraph.js /usr/local/opt/nagios/share/nagios/htdocs

#  - Edit /etc/nagiosgraph/nagiosgraph.conf.  Set at least the following:
#      logfile           = /var/log/nagiosgraph.log
#      cgilogfile        = /var/log/nagiosgraph-cgi.log
#      perflog           = /var/nagios/perfdata.log
#      rrddir            = /var/nagios/rrd
#      mapfile           = /etc/nagiosgraph/map
#      nagiosgraphcgiurl = /nagios/cgi-bin
#      javascript        = /nagios/nagiosgraph.js
#      stylesheet        = /nagios/nagiosgraph.css

#  - Set permissions of "rrddir" (as defined in nagiosgraph.conf) so that
#    the *nagios* user can write to it and the *www* user can read it:
#      mkdir /var/nagios/rrd
#      chown nagios /var/nagios/rrd
#      chmod 755 /var/nagios/rrd

#  - Set permissions of "logfile" so that the *nagios* user can write to it:
#      touch /var/log/nagiosgraph.log
#      chown nagios /var/log/nagiosgraph.log
#      chmod 644 /var/log/nagiosgraph.log

#  - Set permissions of "cgilogfile" so that the *www* user can write to it:
#      touch /var/log/nagiosgraph-cgi.log
#      chown www /var/log/nagiosgraph-cgi.log
#      chmod 644 /var/log/nagiosgraph-cgi.log

#  - Ensure that the *nagios* user can create and delete perfdata files:
#      chown nagios /var/nagios
#      chmod 755 /var/nagios

#  - In the Nagios configuration file (nagios.cfg) add this:

#      process_performance_data=1
#      service_perfdata_file=/var/nagios/perfdata.log
#      service_perfdata_file_template=$LASTSERVICECHECK$||$HOSTNAME$||$SERVICEDESC$||$SERVICEOUTPUT$||$SERVICEPERFDATA$
#      service_perfdata_file_mode=a
#      service_perfdata_file_processing_interval=30
#      service_perfdata_file_processing_command=process-service-perfdata

#  - In the Nagios commands file (commands.cfg) add this:

#      define command {
#        command_name  process-service-perfdata
#        command_line  /usr/local/nagios/libexec/insert.pl
#      }

#  - Check the nagios configuration

#      /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

#  - Restart nagios

#      /etc/init.d/nagios restart

#  - Verify that nagiosgraph is working by running showconfig.cgi

#      http://server/nagios/cgi-bin/showconfig.cgi

#  - Try graphing some data by running show.cgi

#      http://server/nagios/cgi-bin/show.cgi

#  - In the Nagios configuration, add a template for graphed services:

#      define service {
#        name graphed-service
#        action_url /nagiosgraph/cgi-bin/show.cgi?host=$HOSTNAME$&service=$SERVICEDESC$' onMouseOver='showGraphPopup(this)' onMouseOut='hideGraphPopup()' rel='/nagiosgraph/cgi-bin/showgraph.cgi?host=$HOSTNAME$&service=$SERVICEDESC$&period=week&rrdopts=-w+450+-j
#        register 0
#      }

#  - Enable graph links for services by appending the graphed-service to existing
#    service definitions in the Nagios configuration:

#      define service {
#        use local-service,graphed-service
#        ...
#      }

#  - Replace the Nagios action icon with the nagiosgraph graph icon:
#      mv /usr/local/nagios/share/images/action.gif /usr/local/nagios/share/images/action.gif-orig
#      cp share/graph.gif /usr/local/nagios/share/images/action.gif

#  - In the nagiosgraph SSI file, set the URL for nagiosgraph.js:
#      vi share/nagiosgraph.ssi
#      src="/nagiosgraph/nagiosgraph.js"   ->    src="/nagios/nagiosgraph.js"

#  - Install the nagiosgraph SSI file:
#      cp share/nagiosgraph.ssi /usr/local/nagios/share/ssi/common-header.ssi

#  - Add links to graphs in the Nagios sidebar (side.php or side.html):

# <ul>
# <li><a href="/nagios/cgi-bin/show.cgi" target="main">Graphs</a></li>
# <li><a href="/nagios/cgi-bin/showhost.cgi" target="main">Graphs by Host</a></li>
# <li><a href="/nagios/cgi-bin/showservice.cgi" target="main">Graphs by Service</a></li>
# <li><a href="/nagios/cgi-bin/showgroup.cgi" target="main">Graphs by Group</a></li>
# </ul>

#  - Check the nagios configuration

        /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

        systemctl restart nagios
    }
}


#
#             OUTFILE1="$nagdir/nrpe_rule.te"
#             # TITLE="nrpe_rule" 
#             define NRPE_RULE << 'EOF'
#             module nrpe_rule 1.0;
            
#             require {
#                     type nrpe_t;
#                     type proc_net_t;
#                     class file { open read };
#                     class file { ioctl open read getattr };
#             }
            
#             #=================== nrpe_t =========================
#             allow nrpe_t proc_net_t:file open;
#             allow nrpe_t proc_net_t:file read;
#             allow nrpe_t proc_net_t:file { getattr ioctl };
# EOF
#             {
#             printf "%s\n" "$NRPE_RULE" | cut -c 3-
#             } > "$OUTFILE1"
#             checkmodule -M -m -o $nagdir/nrpe_rule.mod $nagdir/nrpe_rule.te
#             semodule_package -o $nagdir/nrpe_rule.pp -m $nagdir/nrpe_rule.mod
#             semodule -i $nagdir/nrpe_rule.pp
#             semanage permissive -a nrpe_t
#             ${PAKMGR} install nrpe nrpe-selinux nagios-plugins nagios-plugins-all nagios-plugins-uptime nagios-plugins-oracle nagios-plugins-check-updates
        
        
#         sed -i "/^allowed_hosts/c\allowed_hosts=127.0.0.1,::1,$IPADD" $nrpecfg
#         sed -i "/^#command\[check_load\]/c\command[check_uptime]=$nagdir/check_uptime" $nrpecfg
#         sed -i "/^command\[check_load\]/c\command\[check_load\]=$nagdir/check_load -r -w 6,4,2 -c 12,10,7" $nrpecfg
#         sed -i "/^command\[check_hda1\]/c\command[check_hda1]=$nagdir/check_disk -w 15% -c 10% -p /dev/sda3" $nrpecfg
#         sed -i "/^command\[check_zombie_procs\]/c\# command[check_zombie_procs]=$nagdir/check_procs -w 5 -c 10 -s Z" $nrpecfg
#         sed -i "/^command\[check_total_procs\]/c\command[check_total_procs]=$nagdir/check_procs -w 250 -c 300 -s RSZDT" $nrpecfg
#         sed -i "/^#command\[check_users\]/c\command[check_net]=$nagdir/check_net" $nrpecfg
#         sed -i "/^#command\[check_swap\]/c\command[check_swap]=$nagdir/check_swap -w 20% -c 10%" $nrpecfg
#         sed -i "/^#command\[check_mem\]/c\command[check_mem]=$nagdir/check_mem" $nrpecfg
#         if [ "${OS}" = ubuntu ]; then
#             sed -i "/^#command\[check_apt\]/c\command[check_apt]=$nagdir/check_apt/" $nrpecfg
#         else
#             sed -i "/^#command\[check_yum\]/c\command[check_yum]=$nagdir/check_updates" $nrpecfg
#         fi
#         sed -i "/^#command\[check_all_procs\]/c\command[check_logic]=$nagdir/check_http -p 7011" $nrpecfg
#         sed -i "/^#command\[check_procs\]/c\command[check_oracle]=$nagdir/check_http -p 8010" $nrpecfg
#         sed -i "/^#command\[check_disk\]/c\command[check_ping]=$nagdir/check_ping 127.0.0.1 -w 100.0,20% -c 500.0,60%" $nrpecfg
#         sed -i "/^#command\[check_cpu_stats\]/c\command[check_ssh]=$nagdir/check_ssh" $nrpecfg

#     } 
# }

######################
#### HTTP Install ####
######################
# function install_http() {
#     {
#         if [ "${OS}" = ubuntu ]; then
#             if [ $HTTP = apache ]; then
#                 echo "Apache"
#             else
#                 echo "Nginx"
#             fi
#             echo "something"
#         else
#             if [ $HTTP = apache ]; then
#                 echo "Apache"
#             else
#                 echo "Nginx"
#             fi
#         fi
#     }
# }

nagios_install
# install_http


# # SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
# #
# # This file contains examples of entries that need
# # to be incorporated into your Apache web server
# # configuration file.  Customize the paths, etc. as
# # needed to fit your system.

# ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

# <Directory "/usr/local/nagios/sbin">
# #  SSLRequireSSL
#    Options ExecCGI
#    AllowOverride None
#    <IfVersion >= 2.3>
#       <RequireAll>
#          Require all granted
# #        Require host 127.0.0.1

#          AuthName "Nagios Access"
#          AuthType Basic
#          AuthUserFile /usr/local/nagios/etc/htpasswd.users
#          Require valid-user
#       </RequireAll>
#    </IfVersion>
#    <IfVersion < 2.3>
#       Order allow,deny
#       Allow from all
# #     Order deny,allow
# #     Deny from all
# #     Allow from 127.0.0.1

#       AuthName "Nagios Access"
#       AuthType Basic
#       AuthUserFile /usr/local/nagios/etc/htpasswd.users
#       Require valid-user
#    </IfVersion>
# </Directory>

# Alias /nagios "/usr/local/nagios/share"

# <Directory "/usr/local/nagios/share">
# #  SSLRequireSSL
#    Options None
#    AllowOverride None
#    <IfVersion >= 2.3>
#       <RequireAll>
#          Require all granted
# #        Require host 127.0.0.1

#          AuthName "Nagios Access"
#          AuthType Basic
#          AuthUserFile /usr/local/nagios/etc/htpasswd.users
#          Require valid-user
#       </RequireAll>
#    </IfVersion>
#    <IfVersion < 2.3>
#       Order allow,deny
#       Allow from all
# #     Order deny,allow
# #     Deny from all
# #     Allow from 127.0.0.1

#       AuthName "Nagios Access"
#       AuthType Basic
#       AuthUserFile /usr/local/nagios/etc/htpasswd.users
#       Require valid-user
#    </IfVersion>
# </Directory>
# wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.7.tar.gz
#         tar xzf nagios-4.4.7.tar.gz
#         cd nagios-4.4.7 || exit
#         if [ "${OS}" = ubuntu ]; then
#             ./configure --with-httpd-conf=/etc/apache2/sites-enabled
#         else
#             ./configure --with-httpd-conf=/etc/httpd/conf.d
#         fi
#         make all
#         make install-groups-users
#         if [ "${OS}" = ubuntu ]; then
#             usermod -aG nagios www-data
#         else
#             usermod -aG nagios apache
#         fi
#         make install
#         make install-init
#         make install-daemoninit
#         make install-commandmode
#         make install-config
#         make install-webconf
#         if [ "${OS}" = ubuntu ]; then
#             a2enmod rewrite cgi
#         fi

# fi
#         if [ ! "$(command -v wget)" ]; then
#             ${PAKMGR} install wget
#         fi
#    ndir1=/usr/lib/nagios/plugins
#         ndir2=/usr/lib64/nagios/plugins
#         #nrpecfg=/etc/nagios/nrpe.cfg
#    if [ -d $ndir1 ]; then
#             nagdir=$ndir1
#         elif [ -d $ndir2 ]; then 
#             nagdir=$ndir2
#         fi
#         define () {
#             IFS=$'\n' read -r -d '' "$1"
#         }