#!/bin/bash
# Wrapper around /opt/bin/sbosrcarch to keep a log of the session, and email it.

# Configuration.
COMMAND="/opt/bin/sbosrcarch"
DEPOSITORY="/data/depository/sbosrcarch"
SBOSRCARCH_USER='SLACKWAREUKINT\sbosrcarch'
DEPOSITORY_GROUP='SLACKWAREUKINT\depository'
LOGSDIR="/var/log/duplication/sbosrcarch/$(printf "%(%Y/%m)T")"
LOGFILE="$(printf "%(%Y%m%d-%H%M%S)T")-$$"
# Where from/to to send emails.  Comment for no emailing.
EMAIL_FROM="\"Server: ${HOSTNAME%%.*}\" <noreply@slackware.uk.net>"
EMAIL_TO=("Systems' Administrator <sysadmin@slackware.uk>")
EMAIL_CC=("Urchlay <urchlay@slackware.uk>")

# Functions
notify() {
  [[ -n "$EMAIL_FROM" ]] && (( "${#EMAIL_TO[@]}" != 0 )) && {
    printf "%s: %s\\n%s: %s\\n%s:\\n%s\\n" "Exit code" "$ERR" "Logfile" "$LOGSDIR/$LOGFILE.xz" "Output" "$(cat "$LOGSDIR/$LOGFILE" | sed -re 's/^/  /g')" | mail -r "$EMAIL_FROM" -s "SboSrcArch $1" "$(for i in $(seq -s ' ' 0 $(( ${#EMAIL_CC[@]} -1 ))); do echo ${EMAIL_CC[$i]:+-c "${EMAIL_CC[$i]}"}; done)" "${EMAIL_TO[@]}" >/dev/null 2>&1 || {
      printf "%s: %s\\n" "${0##*/}" "mail command failed" >&2
      return 1
    }
  }

  return 0
}

# Logs are only for root.
umask 027

# Only run for the configured sbosrcarch user.
[[ "$(whoami)" != "$SBOSRCARCH_USER" ]] && {
  printf "%s: %s\\n" "${0##*/}" "must be run by the '$SBOSRCARCH_USER' user" >&2
  printf "%s: %s: %s\\n" "${0##*/}" "to run manually:" "su '$SBOSRCARCH_USER' $0 $@" >&2
  exit 1
}

# Make sure the logs directory exists.
# shellcheck disable=SC2174
mkdir -p -m 750 "$LOGSDIR" 2>/dev/null || {
  printf "%s: %s\\n" "${0##*/}" "Failed to create logs directory '$LOGSDIR'" >&2
  exit 1
}

# Make sure the command to do the work is runnable.
[[ ! -x "$COMMAND" ]] && {
  printf "%s: %s\\n" "${0##*/}" "'$COMMAND' is not executable" >&2
  exit 1
}

# Only allow one copy of the script to run at any time.
# shellcheck disable=SC2154
if [[ "$FLOCK" != "$0" ]]; then
  # shellcheck disable=SC2093
  exec env FLOCK="$0" flock -E 10 -e -n "$0" "$0" "$@"
  ERR="$?"
  if (( ERR == 10 )); then
    # File is locked, exit now.
    exit 0
  elif (( ERR > 0 )); then
    printf "%s: %s\\n" "${0##*/}" "flock execution error" >&2
    exit 1
  fi
fi

# Drop the caches as sometimes old user/groups are cached.
sudo /opt/sbin/drop-caches

# Make sure there's no errant ownerships.
printf "%s: %s\\n" "INFO" "Scanning sbosrcarch directory for correct ownerships/permissions" | tee "$LOGSDIR/$LOGFILE"
WRONG="$(find "$DEPOSITORY/" \( \
    \( -type b -o -type c -o -type p -o -type s \) -o \
    \( -type l -a \! -perm 777 \) -o \
    \( -type d -a \! -perm 755 -a \! -perm 2755 \) -o \
    \( -type f -a \! -perm 644 -a \! -perm  755 \) -o \
    \( \! -user "$SBOSRCARCH_USER" \) -o \
    \( \! -group "$DEPOSITORY_GROUP" \) \
    \) -a -printf "%u:%g\t%M\t%p\n")"
if [[ -n "$WRONG" ]]; then
  printf "%s: %s\\n" "ERROR" "This run has been aborted!" | tee -a "$LOGSDIR/$LOGFILE"
  printf "%s: %s\\n" "WARNING" "The following paths have erronious ownerships/permissions:" | tee -a "$LOGSDIR/$LOGFILE"
  printf "%s\\n" "$WRONG" | sed -re 's/^/  /g' | tee -a "$LOGSDIR/$LOGFILE"
  ERR=-1
else
  printf "%s: %s\\n" "INFO" "No ownership/permission issues found" | tee -a "$LOGSDIR/$LOGFILE"
  # Do the sbosrcarch work.
  umask 022
  printf "%s: %s: %s\\n" "INFO" "Beginning sbosrcarch run" "sg \"$DEPOSITORY_GROUP\" -c \"$COMMAND ${1:-update}\"" | tee -a "$LOGSDIR/$LOGFILE"
  TMP_OUTPUT="$(sg "$DEPOSITORY_GROUP" -c "$COMMAND ${1:-update} 2>&1")"
  ERR="$?"
  sg "$DEPOSITORY_GROUP" -c "$COMMAND status 2>&1" | tee -a "$LOGSDIR/$LOGFILE"
  printf "\\n%s\\n" "$TMP_OUTPUT" | tee -a "$LOGSDIR/$LOGFILE"
  (( ERR += $? ))
fi

# Tell the sysadmin what went on.
if (( "$ERR" == 0 )); then
  # Send a report.
  notify "report"
  ERR="$?"
else
  # sbosrcarch failed, tell the admin.
  notify "failure" || [[ -x /opt/bin/pushover-client ]] && /opt/bin/pushover-client "mirroring" -p -1 -s "SBoSrcArch failure" -m "Check log in email"
  ERR="1"
fi

# Compress the log to save some space.
xz -9 "$LOGSDIR/$LOGFILE" 2>/dev/null || printf "%s: %s\\n" "${0##*/}" "failed to compress '$LOGSDIR/$LOGFILE'" >&2

exit "$ERR"
