#!/bin/bash

###############################################################################
##
##      Copyright (c) 2019 Avaya Inc All Rights Reserved
##      THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF AVAYA INC
##
##      The copyright notice above does not evidence any
##      actual or intended publication of such source code.
##
###############################################################################
#
# This utility configures the retention period for a customizable list
# of logs that may contain customer-sensitive information.
#
#

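# Re-run under sudo when not already root: the rest of the script edits the
# retention list and the logrotate snippets in place with sed -i.
# "$0" is quoted so an install path containing whitespace or glob characters
# reaches sudo as one argument instead of being split or expanded.
# NOTE(review): who may run this is decided by the sudoers policy alone;
# confirm it is limited to administrators, since "-s 0" purges the enabled logs.
[ "$UID" -eq 0 ] || exec sudo "$0" "$@"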
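#######################################
# Print the command-line synopsis and the meaning of each option.
# Arguments: none
# Outputs:   six lines of help text on stdout
#######################################
usage(){
  # ${0##*/} drops the directory part without forking basename and, unlike an
  # unquoted $0, stays intact when the script path contains whitespace.
  echo "usage : ${0##*/}  -l|-m |-s <no. of days> |-g |-h"
  echo "        -l Display list of logfiles for which log retention is enabled"
  echo "        -m Enable/disable logfiles for log retention"
  echo "        -s Set log retention duration(value in days)"
  echo "        -g Get the currently configured log retention duration"
  echo "        -h See usage"
}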

# No option supplied: show the synopsis and leave with a failure status.
if (( $# == 0 )); then
  usage
  exit 1
fi

# Directory prefix printed in front of each log name in prompts and reports.
LOG_DIR='/var/log'
# Directory holding the logrotate snippets whose maxage values are edited.
CONF_DIR='/etc/logrotate.d'
# Retention list. As parsed below, entries start on line 3 and the log name is
# the text before the first "("; lines containing ENABLED are the logs with a
# custom retention period.
# NOTE(review): names read from this file are later spliced into grep and
# sed -i expressions that run as root, so the file should be writable by root
# only - confirm ownership and mode on deployed systems.
LIST='/opt/avaya/common_services/logretention_filelist'
# Every listed log name (lines 3 onward, text before the first "(").
LOGLIST=$(sed -n '3,$ p' "$LIST" | cut -d'(' -f1)
# The subset of those names whose list line contains ENABLED.
ENABLED_LOGLIST=$(sed -n '3,$ p' "$LIST" | grep ENABLED | cut -d'(' -f1)


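#######################################
# Turn on custom retention for one log and write its maxage value.
# The list entry is switched from DEFAULT to ENABLED. With a second argument,
# that value replaces the one stored on the list line and is written as maxage
# in the log's logrotate stanza; without it, the value already stored on the
# list line is written as maxage.
# Globals:   LIST (read, edited in place), CONF_DIR (read)
# Arguments: $1 - log name as it appears in LIST
#            $2 - optional retention period in days (digits only)
# Outputs:   a diagnostic on stderr when the request is rejected
# Returns:   1 when $1 is empty, $2 is not a plain number, or $1 does not
#            resolve to exactly one usable entry in LIST; otherwise the status
#            of the last sed
#######################################
enable(){
  local logname=$1
  local new_maxage=$2
  local existing_val conf_file

  if [[ -z "$logname" ]]; then
    echo "enable: log name not provided." >&2
    return 1
  fi

  # The value is spliced into sed programs that edit files in place, so only
  # plain digits are accepted; anything else ('&', '/', ...) would be
  # interpreted by sed rather than stored. Checked before any file is touched.
  if [[ -n "$new_maxage" && ! "$new_maxage" =~ ^[0-9]+$ ]]; then
    echo "enable: invalid retention value '$new_maxage'." >&2
    return 1
  fi

  # NOTE(review): the name is used as a regular expression by grep and sed, so
  # it can match more than one list line - confirm list names are distinct and
  # free of regex metacharacters.
  existing_val=$(grep -- "$logname" "$LIST" | awk '{print $NF}')
  conf_file=$(grep -- "$logname" "$LIST" | cut -d'(' -f2 | cut -d')' -f1)

  # Without an entry the sed calls below would target "$CONF_DIR/" itself;
  # with several matches they would receive multi-line values. Stop instead.
  if [[ -z "$existing_val" || -z "$conf_file" ]]; then
    echo "enable: no entry for '$logname' in $LIST." >&2
    return 1
  fi
  if [[ "$existing_val" == *$'\n'* || "$conf_file" == *$'\n'* ]]; then
    echo "enable: '$logname' matches more than one entry in $LIST." >&2
    return 1
  fi

  # Mark the entry ENABLED (a no-op when it is already ENABLED).
  sed -i "/$logname/     s/\(DEFAULT\)/ENABLED\t/" "$LIST" >/dev/null 2>&1
  if [[ -n "$new_maxage" ]]; then
    # Store the new value on the list line, then in the logrotate stanza that
    # runs from the line naming the log to the closing brace.
    sed -i "/$logname/     s/\($existing_val\)/$new_maxage/" "$LIST" >/dev/null
    sed -i "/$logname/ , /\}$/     s/\(maxage\).*$/\1 $new_maxage/" "$CONF_DIR/$conf_file" >/dev/null
  else
    # No new value: apply the one recorded on the list line.
    sed -i "/$logname/ , /\}$/     s/\(maxage\).*$/\1 $existing_val/" "$CONF_DIR/$conf_file" >/dev/null
  fi
}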

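#######################################
# Return one log to the default retention.
# The maxage in the log's logrotate stanza is set to 30, and the list entry is
# switched from ENABLED back to DEFAULT while recording the maxage value that
# was configured before the reset.
# An interactive confirmation once preceded these edits; it is disabled in
# this file, so the reset is applied without asking.
# Globals:   LIST (read, edited in place), CONF_DIR (read)
# Arguments: $1 - log name as it appears in LIST
# Outputs:   a diagnostic on stderr when the request is rejected
# Returns:   1 when $1 is empty or does not resolve to exactly one entry in
#            LIST; otherwise the status of the last sed
#######################################
set_default(){
  local logname=$1
  local conf_file existing_val

  if [[ -z "$logname" ]]; then
    echo "set_default: log name not provided." >&2
    return 1
  fi

  # NOTE(review): the name is used as a regular expression by grep and sed -
  # confirm list names are distinct and free of regex metacharacters.
  conf_file=$(grep -- "$logname" "$LIST" | cut -d'(' -f2 | cut -d')' -f1)

  # Without an entry the sed calls below would target "$CONF_DIR/" itself.
  if [[ -z "$conf_file" ]]; then
    echo "set_default: no entry for '$logname' in $LIST." >&2
    return 1
  fi
  if [[ "$conf_file" == *$'\n'* ]]; then
    echo "set_default: '$logname' matches more than one entry in $LIST." >&2
    return 1
  fi

  # Read the current maxage before it is overwritten so it can be kept on the
  # list line.
  existing_val=$(sed -n "/$logname/ , /\}$/p" "$CONF_DIR/$conf_file" | grep maxage | awk '{print $NF}')

  sed -i "/$logname/ , /\}$/     s/\(maxage\).*$/\1 30/" "$CONF_DIR/$conf_file" >/dev/null
  sed -i "/$logname/     s/\(ENABLED\).*$/DEFAULT\t\t\t$existing_val/" "$LIST" >/dev/null
}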

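#######################################
# Act on a yes/no answer for one log: "y"/"yes" enables custom retention,
# "n"/"no" resets the log to the default. The answer is matched
# case-insensitively.
# Arguments: $1 - the answer typed by the operator
#            $2 - log name the answer applies to
# Outputs:   "Invalid response." on stdout for any other answer
# Returns:   status of enable/set_default; exits the script with 1 on an
#            invalid answer
#######################################
response_check(){
  local answer=${1,,}
  local logname=$2

  case "$answer" in
    y|yes)
      # Quoted so a name containing whitespace stays one argument; unquoted,
      # its second word would reach enable as a retention value.
      enable "$logname"
      ;;
    n|no)
      set_default "$logname"
      ;;
    *)
      echo "Invalid response."
      exit 1
      ;;
  esac
}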

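#######################################
# Set the retention period for every log currently marked ENABLED.
# The value must be a plain number from 0 to 180. The operator confirms on the
# terminal (twice when the value is 0) before anything is changed.
# Globals:   LIST (read), ENABLED_LOGLIST (read)
# Arguments: $1 - retention period in days
# Outputs:   prompts on the terminal; status and error messages on stdout
# Returns:   exits 1 on missing/invalid input or an invalid answer, exits 0
#            when the operator declines; otherwise returns after applying
#######################################
set_log_retention_period(){
  local new_maxage=$1
  local response=''
  local name

  if ! grep -q ENABLED "$LIST"; then
    echo "No logfiles are enabled for log retention. Please enable the required log files before using the set command."
    exit 1
  fi

  if [[ -z "$new_maxage" ]]; then
    echo "Insufficient argument. Log retention duration (in days) not provided. Please see usage"
    exit 1
  fi

  # Digits only: the value ends up inside sed programs and the logrotate
  # configuration, and test's -ge/-le alone also accept signed input such as
  # "+5" or "-0". An over-long digit string makes the range test error out,
  # which is treated as out of range.
  if ! { [[ "$new_maxage" =~ ^[0-9]+$ ]] && [ "$new_maxage" -le 180 ] 2>/dev/null; }; then
    echo "Invalid log retention duration. Provide duration in the range of 0-180 days."
    exit 1
  fi
  # Drop leading zeros so the stored value is a canonical decimal number.
  new_maxage=$((10#$new_maxage))

  if [ "$new_maxage" -eq 0 ]; then
    # Zero removes today's data as well, so a second confirmation is required.
    read -r -p "Note: Given set of enabled logfiles prior to $new_maxage days will be deleted from the system(including today)'. Press 'y' to continue and 'n' to abort. " response </dev/tty
    response=${response,,}
    if [[ "$response" == "y" || "$response" == "yes" ]]; then
      read -r -p "Are you sure? " response </dev/tty
    fi
  else
    read -r -p "Note: Given set of enabled logfiles prior to $new_maxage days will be deleted from the system'. Press 'y' to continue and 'n' to abort. " response </dev/tty
  fi

  response=${response,,}
  case "$response" in
    y|yes)
      ;;
    n|no)
      echo "Aborting.."
      exit 0
      ;;
    *)
      echo "Invalid response."
      exit 1
      ;;
  esac

  while read -r name; do
    # An empty ENABLED_LOGLIST still yields one blank line from the
    # here-string; skip it rather than call enable without a log name.
    [[ -n "$name" ]] || continue
    enable "$name" "$new_maxage"
  done <<< "$ENABLED_LOGLIST"
  echo "Log retention duration for given set of enabled logfiles is set to $new_maxage days."

  if [ "$new_maxage" -eq 0 ]; then
    # With maxage 0 the files currently being written, such as
    # /var/log/messages, /var/log/secure and /var/log/commandhistory, are
    # deleted too and are not recreated automatically, so nothing further
    # would be logged. Restarting rsyslog creates empty files so logging
    # continues. Past entries in those files, including authentication
    # records, are gone at that point.
    if ! /sbin/service rsyslog restart >/dev/null; then
      echo "Restart rsyslog service."
    fi
  fi
}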

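#######################################
# Report the maxage currently configured for every log in LOGLIST.
# For each name, the logrotate snippet is looked up on the log's list line and
# the maxage value is read from the stanza that runs from the line naming the
# log to the closing brace.
# Globals:   LOGLIST, LIST, CONF_DIR, LOG_DIR (all read)
# Arguments: none
# Outputs:   one "Log retention duration for ..." line per log on stdout
#######################################
get_log_retention_period(){
  local name conf_file maxage

  while read -r name; do
    # An empty LOGLIST still yields one blank line from the here-string; with
    # an empty name grep would take "$LIST" as its pattern and a line with no
    # log name or value would be printed.
    [[ -n "$name" ]] || continue
    # NOTE(review): the name is used as a regular expression by grep and sed -
    # confirm list names are distinct and free of regex metacharacters.
    conf_file=$(grep -- "$name" "$LIST" | cut -d'(' -f2 | cut -d')' -f1)
    maxage=$(sed -n "/$name/ , /\}$/p" "$CONF_DIR/$conf_file" | grep maxage | awk '{print $NF}')
    echo "Log retention duration for $LOG_DIR/$name : $maxage days."
  done <<< "$LOGLIST"
}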

##main

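# Option dispatch. Only the first argument selects the action; -s also reads
# the second argument as the number of days.
case "$1" in
  -l)
    # Numbered list of the log names whose list line contains ENABLED.
    OUTPUT=$(grep ENABLED "$LIST" | cut -d'(' -f1 | nl -ba)
    if [ -n "$OUTPUT" ]; then
      echo "$OUTPUT"
    else
      echo "No logfiles are enabled for log retention hence default value(30 days) applicable."
    fi
    ;;
  -m)
    # The loop consumes LOGLIST on stdin, so the operator's answer is read
    # from the terminal directly.
    while read -r log_name; do
      # An empty LOGLIST still yields one blank line; nothing to ask about.
      [[ -n "$log_name" ]] || continue
      answer=''
      read -r -p "Enable $LOG_DIR/$log_name y/n? " answer </dev/tty
      # Quoted so an empty or multi-word answer cannot shift the log name
      # into the answer position or split into extra arguments.
      response_check "$answer" "$log_name"
    done <<< "$LOGLIST"
    ;;
  -s)
    # Quoted: the script runs as root, and an unquoted $2 would be subject to
    # word splitting and filename expansion before it is validated.
    set_log_retention_period "$2"
    ;;
  -g)
    get_log_retention_period
    ;;
  -h)
    usage
    exit 0
    ;;
  *)
    echo "Invalid argument."
    usage
    exit 1
    ;;
esac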

