#!/bin/sh
#
# Copyright (C) 2005 Red Hat, Inc.
#
# This program is Free Software.  You may modify and/or redistribute it under
# the terms of the GNU General Public License version 2, or (at your option)
# any later version.
#
# description:  Starts and stops Red Hat Cluster and Storage Remote \
#               Configuration Web Interface (luci)
# chkconfig: - 99 01
#

# Source function library
. /etc/init.d/functions

# Grab the network config file
. /etc/sysconfig/network

# grab luci defaults
. /etc/sysconfig/luci

# Pin the command search path to the system directories and export it to
# every child process started below.
export PATH=/sbin:/bin:/usr/sbin:/usr/bin

# Service tag (used for logger and console messages) and the account names
# used when chown-ing the generated key material.
ID="luci"
LUCI_USER="luci"
LUCI_GROUP="luci"

# Zope launcher, the pid file this script reads back to find it, and the
# init-system bookkeeping files written on start and removed on stop.
LUCID="/var/lib/luci/bin/runzope"
PIDFILE="/var/lib/luci/var/Z2.pid"
GLOB_PIDFILE="/var/run/luci.pid"
GLOB_LOCKFILE="/var/lock/subsys/luci"

# URL shown to the administrator; LUCI_HTTPS_PORT is expected to come from
# the sourced /etc/sysconfig/luci.
LUCI_URL="https://$(/bin/hostname):$LUCI_HTTPS_PORT"

# HTTPS certificate and private key, plus the stunnel binary, pid file and
# configuration template.
HTTPS_PUBKEY="/var/lib/luci/var/certs/https.pem"
HTTPS_PRIVKEY="/var/lib/luci/var/certs/https.key.pem"
STUNNEL_D="/usr/sbin/stunnel"
STUNNEL_PID="/var/lib/luci/var/stunnel/pid"
STUNNEL_CONF="/var/lib/luci/etc/stunnel.conf"

#
# Only root wants to run this...
#
if [ "$(id -u)" != 0 ] ; then
    # Not root: leave quietly with a success status.
    exit 0
fi

#
# Likewise leave quietly when /etc/sysconfig/network does not enable
# networking.
#
if [ "${NETWORKING}" != "yes" ] ; then
    exit 0
fi


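# Report whether the HTTPS key pair is present on disk.
#
# Globals:  HTTPS_PRIVKEY, HTTPS_PUBKEY (read)
# Returns:  0 when both files exist,
#           1 when the private key is missing,
#           2 when the private key exists but the certificate is missing.
#
# This is an existence check only. It does not confirm that the files parse,
# that the certificate matches the key or is still within its validity
# period, or that the private key's owner and mode are still restrictive.
https_certs_ok()
{
    # The expansions are quoted so an empty or space-containing path is
    # tested as given. Unquoted, an empty value turns "[ ! -e ]" into a
    # string test on "-e", which would report a missing key as present.
    if [ ! -e "$HTTPS_PRIVKEY" ] ; then
        return 1
    fi
    if [ ! -e "$HTTPS_PUBKEY" ] ; then
        return 2
    fi
    return 0
}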

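# Create a fresh 2048-bit RSA key and a self-signed certificate (valid for
# 1825 days) for the HTTPS front end, replacing any existing pair.
#
# Globals:  HTTPS_PRIVKEY, HTTPS_PUBKEY, LUCI_USER, LUCI_GROUP (read)
# Outputs:  progress text on stdout; openssl req diagnostics are not silenced
# Returns:  0 when key, certificate, ownership and modes were all set,
#           1 when any step failed (both files are removed in that case so
#           the next start regenerates them instead of using a partial pair).
generate_https_certs()
{
    rm -f -- "$HTTPS_PRIVKEY" "$HTTPS_PUBKEY"
    echo -n "generating https SSL certificates...  "

    # The key is generated under umask 077 in a subshell, so the file is
    # never group- or world-readable, not even in the window before the
    # chmod 600 below. The subshell keeps the umask change away from the
    # caller.
    if (
            umask 077
            /usr/bin/openssl genrsa -out "$HTTPS_PRIVKEY" 2048 > /dev/null 2>&1
        ) \
        && /usr/bin/openssl req -new -x509 -key "$HTTPS_PRIVKEY" -out "$HTTPS_PUBKEY" -days 1825 -config /var/lib/luci/var/certs/cacert.config \
        && /bin/chown "$LUCI_USER:$LUCI_GROUP" "$HTTPS_PRIVKEY" "$HTTPS_PUBKEY" \
        && /bin/chmod 600 "$HTTPS_PRIVKEY" \
        && /bin/chmod 644 "$HTTPS_PUBKEY"
    then
        echo "done"
        return 0
    fi

    # A failure is reported to the caller. Returning the status of the final
    # echo, as before, always yielded 0 and hid openssl/chown/chmod errors.
    rm -f -- "$HTTPS_PRIVKEY" "$HTTPS_PUBKEY"
    echo "failed"
    return 1
}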

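# Launch Zope in the background, make sure an HTTPS key pair exists, then
# start stunnel with the listening port substituted into its configuration.
#
# Globals:  LUCID, STUNNEL_CONF, STUNNEL_D, LUCI_HTTPS_PORT (read)
# Returns:  1 when the key pair was missing and could not be generated
#           (stunnel is not started in that case); otherwise the status of
#           the final sleep.
start()
{
    # Zope's stdout and stderr are discarded, so startup errors will not
    # appear on the console.
    "$LUCID" >/dev/null 2>/dev/null &

    # Do not bring up the TLS front end without usable key material.
    if ! https_certs_ok ; then
        generate_https_certs || return 1
    fi
    sleep 4

    # Rewrite the "accept = ..." line of the stunnel template to the
    # configured port and feed the result to stunnel on stdin (-fd 0).
    # The sed script is quoted so it is passed as a single argument with no
    # word splitting or pathname expansion. LUCI_HTTPS_PORT is inserted into
    # the replacement text unescaped, so a value containing ',', '&' or '\'
    # would change the substitution; /etc/sysconfig/luci must stay writable
    # by root only.
    sed -e 's,\(^accept.*= \)\(.*\),\1'"$LUCI_HTTPS_PORT"',' "$STUNNEL_CONF" | "$STUNNEL_D" -fd 0
    sleep 4
}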

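# Send SIGTERM to the Zope process recorded in PIDFILE and wait briefly.
#
# Globals:  PIDFILE (read), pid_num (written)
# Returns:  1 without signalling anything when the pid file is missing,
#           empty or does not hold a single positive integer; otherwise the
#           status of the final sleep.
stop_luci()
{
    pid_num=$(cat "$PIDFILE")

    # This script runs as root, so the file content is treated as data: only
    # a single positive decimal PID is ever handed to kill. That excludes
    # "0" (the caller's own process group), negative values, option-like
    # strings and multi-word content.
    # NOTE(review): PIDFILE lives under /var/lib/luci/var; if that directory
    # is writable by the service account, also confirm the PID's owner
    # before signalling - verify against the package's file permissions.
    case $pid_num in
        ''|0*|*[!0-9]*)
            echo "refusing to signal: no valid pid in $PIDFILE" >&2
            return 1
            ;;
    esac

    kill "$pid_num"
    sleep 2
}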

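# Send SIGTERM to the stunnel process recorded in STUNNEL_PID and wait
# briefly.
#
# Globals:  STUNNEL_PID (read), pid_num (written)
# Returns:  1 without signalling anything when the pid file is missing,
#           empty or does not hold a single positive integer; otherwise the
#           status of the final sleep.
stop_stunnel()
{
    pid_num=$(cat "$STUNNEL_PID")

    # This script runs as root, so the file content is treated as data: only
    # a single positive decimal PID is ever handed to kill. That excludes
    # "0" (the caller's own process group), negative values, option-like
    # strings and multi-word content.
    # NOTE(review): STUNNEL_PID lives under /var/lib/luci/var; if that
    # directory is writable by the service account, also confirm the PID's
    # owner before signalling - verify against the package's permissions.
    case $pid_num in
        ''|0*|*[!0-9]*)
            echo "refusing to signal: no valid pid in $STUNNEL_PID" >&2
            return 1
            ;;
    esac

    kill "$pid_num"
    sleep 2
}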

# Shut down both halves of the service: Zope first, then the stunnel front
# end. The status handed back is the one from stop_stunnel.
stop()
{
    stop_luci
    stop_stunnel
    return $?
}

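# Helper: succeed when pid file $1 names a live process whose "ps -f" line
# contains both the string $2 and $LUCI_USER.
#
# The process is selected with "ps -p PID", so only that exact PID is
# examined. Grepping the whole process table for the number also matched it
# as a substring of unrelated PIDs, PPIDs or timestamps, which made a stale
# pid file look like a running service.
_luci_pid_alive()
{
    [ -e "$1" ] || return 1
    pid_num=$(cat "$1")
    case $pid_num in
        # Only a single positive decimal PID is accepted.
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    ps -f -p "$pid_num" | grep -- "$2" | grep -q -- "$LUCI_USER"
}

# Decide whether the service as a whole is up.
#
# Globals:  PIDFILE, STUNNEL_PID, LUCI_USER (read);
#           LUCI_UP, ST_UP, res, pid_num (written)
# Returns:  0 only when both Zope and stunnel are running, 1 otherwise.
# Side effect: when exactly one of the two is running, the survivor is
#           stopped, so even a "status" query can terminate a process.
system_running()
{
    # Each component contributes a distinct value when it is DOWN
    # (luci = 1, stunnel = 2), so the sum identifies which one is missing.
    LUCI_UP=1
    if _luci_pid_alive "$PIDFILE" python ; then
        LUCI_UP=0
    fi

    ST_UP=2
    if _luci_pid_alive "$STUNNEL_PID" stunnel ; then
        ST_UP=0
    fi

    # POSIX arithmetic expansion; "let" is not available in every /bin/sh.
    res=$((LUCI_UP + ST_UP))
    case $res in
        0)
            return 0
            ;;
        1)
            # only stunnel running -> stop it
            stop_stunnel
            ;;
        2)
            # only luci running -> stop it
            stop_luci
            ;;
    esac
    return 1
}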



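# Dispatch on the init action given as the first argument. The script's exit
# status is whatever the chosen branch leaves in rtrn.
case "$1" in
    start)
        # Refuse to start while the marker file does not contain "True",
        # i.e. until the 'admin' password has been changed. Both output
        # streams of grep are silenced; the earlier "2>&1 >/dev/null" order
        # still sent grep's error text to the console when the marker file
        # was missing.
        # NOTE(review): the match is any line containing "True", and the
        # marker lives under /var/lib/luci - confirm that only root can
        # create or edit it.
        if ! /bin/grep True /var/lib/luci/.default_password_has_been_reset >/dev/null 2>&1; then
            echo ""
            echo "luci's 'admin' password has to be changed before server is allowed to start"
            echo "To do so, execute (as root): "
            echo -e "\tluci_admin password"
            echo ""
            /usr/bin/logger -t "$ID" "startup failed (password not reset): execute 'luci_admin password'"
            exit 1
        fi

        echo -n "Starting $ID: "
        # Start only when the service is not already fully up, then check
        # again to report the outcome.
        system_running
        rtrn=$?
        if [ "$rtrn" != "0" ] ; then
            start
        fi
        system_running
        rtrn=$?
        if [ "$rtrn" = "0" ] ; then
            echo_success
            cat "$PIDFILE" > "$GLOB_PIDFILE"
            touch "$GLOB_LOCKFILE"
            /usr/bin/logger -t "$ID" "startup succeeded"
            /usr/bin/logger -t "$ID" "Listening on port $LUCI_HTTPS_PORT; accessible using url $LUCI_URL"
            echo; echo
            echo "Please, point your web browser to $LUCI_URL to access luci"
            echo
        else
            echo_failure
            /usr/bin/logger -t "$ID" "startup failed"
            echo
        fi
        ;;

    restart)
        # The status of the stop step is not kept; rtrn reflects the start.
        "$0" stop
        "$0" start
        rtrn=$?
        ;;

    condrestart)
        # Restart only when the service is currently fully up.
        system_running
        rtrn=$?
        if [ "$rtrn" = "0" ] ; then
            "$0" restart
            rtrn=$?
        fi
        ;;

    status)
        system_running
        rtrn=$?
        if [ "$rtrn" = "0" ] ; then
            echo "$ID is running..."
        else
            echo "$ID is stopped"
        fi
        ;;

    stop)
        echo -n "Shutting down $ID: "
        system_running
        rtrn=$?
        if [ "$rtrn" = "0" ] ; then
            stop
            /usr/bin/logger -t "$ID" "shutdown succeeded"
        fi
        # Success is reported and the bookkeeping files are removed whether
        # or not anything was running.
        echo_success
        rm -f -- "$GLOB_PIDFILE"
        rm -f -- "$GLOB_LOCKFILE"
        rtrn=0
        echo
        ;;

    reload)
        # Accepted for init-script compatibility; nothing is reloaded.
        rtrn=0
        ;;

    *)
        echo "Usage: $0 {start|stop|status|restart|condrestart|reload}"
        rtrn=1
        ;;

esac

exit "$rtrn"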
