#!/bin/sh

PUBLIC_PATH="/usr/local/ipmi-servd/conf/rsa_public_key.pem"
PRIVATE_PAHT="/usr/local/ipmi-servd/conf/rsa_private_key.pem"
IPMI_LOG_PATH="/usr/local/ipmi-servd/log/ipmi-serv.log"
IPMI_CONF_PATH="/usr/local/ipmi-servd/conf/ipmi-serv.ini"
IPMI_RPM="ipmi-serv-2.x86_64.rpm"

readIni() {
    file=$1
    section=$2
    item=$3
    val=$(awk -F '=' '/\['${section}'\]/{a=1} (a==1 && "'${item}'"==$1){a=0;print $2}' ${file}) 
    echo ${val%;*}
}

writeIni() {
    file=$1
    section=$2
    item=$3
    val=$4
    sectionNum=$(sed -n -e "/\[${section}\]/=" ${file})
    sed -i "${sectionNum},/^\[.*\]/s/\(${item}.\?=\).*/\1${val}/g" ${file}
}

if [ ! -f ${IPMI_RPM} ]; then
    echo "正在下载安装包..."
    wget https://upload.zkeys.com/soft/controller/ipmi-serv-2.x86_64.rpm
fi

echo "=================================================================="
echo ""
echo "                        欢迎使用IPMI控制器                        "
echo "                        zkeys.com 版权所有                        "
echo ""
echo "=================================================================="

echo ""
echo "                          环境依赖检查                            "
echo ""

command -v wget > /dev/null
is_installed=$?
if [ ${is_installed} -eq 1 ]; then
   yum -y install wget > /dev/null 2>&1
   command -v wget > /dev/null
   is_installed=$?
   if [ ${is_installed} -eq 1 ]; then
       is_installed="检查失败"
   else
       is_installed="检查成功"
   fi
else
   is_installed="检查成功"
fi
echo "wget                   : ${is_installed}"
if [ ${is_installed} == "检查失败" ]; then
    exit 1
fi

command -v openssl > /dev/null
is_installed=$?
if [ ${is_installed} -eq 1 ]; then
   yum -y install openssl > /dev/null 2>&1
   command -v openssl > /dev/null
   is_installed=$?
   if [ ${is_installed} -eq 1 ]; then
       is_installed="检查失败"
   else
       is_installed="检查成功"
   fi
else
   is_installed="检查成功"
fi
echo "openssl                : ${is_installed}"
if [ ${is_installed} == "检查失败" ]; then
    exit 1
fi

command -v ipmitool > /dev/null
is_installed=$?
if [ ${is_installed} -eq 1 ]; then
   yum -y install ipmitool > /dev/null 2>&1
   command -v ipmitool > /dev/null
   is_installed=$?
   if [ ${is_installed} -eq 1 ]; then
       is_installed="检查失败"
   else
       is_installed="检查成功"
   fi
else
   is_installed="检查成功"
fi
echo "ipmitool               : ${is_installed}"
if [ ${is_installed} == "检查失败" ]; then
    exit 1
fi

is_installed=`yum list installed | grep gnutls-devel | wc -l`
if [ ${is_installed} == "0" ]; then
   yum -y install gnutls-devel > /dev/null 2>&1
   is_installed=`yum list installed | grep gnutls-devel | wc -l`
   if [ ${is_installed} == "0" ]; then
       is_installed="检查失败"
   else
       is_installed="检查成功"
   fi
else
   is_installed="检查成功"
fi
echo "gnutls-devel           : ${is_installed}"
if [ ${is_installed} == "检查失败" ]; then
    exit 1
fi

rpm -e ipmi-serv > /dev/null 2>&1
rpm -ivh ${IPMI_RPM} > /dev/null 2>&1
openssl genrsa -out ${PRIVATE_PAHT} 1024 > /dev/null 2>&1
openssl rsa -in ${PRIVATE_PAHT} -pubout -out ${PUBLIC_PATH} > /dev/null 2>&1
if [ ! -f "${PUBLIC_PATH}" -o ! -f "${PRIVATE_PAHT}" ];then
    is_installed="生成失败"
else
    is_installed="生成成功"
fi
echo "RSA公钥和私钥对        : ${is_installed}"
if [ ${is_installed} == "生成失败" ]; then
    exit 1
fi
echo ""
secret=`openssl rand -base64 8|md5sum|cut -c 1-32`
writeIni ${IPMI_CONF_PATH} app secret ${secret}
writeIni ${IPMI_CONF_PATH} app key_path ${PRIVATE_PAHT//\//\\/}
port=`readIni /usr/local/ipmi-servd/conf/ipmi-serv.ini http_server port`

service ipmi-servd start > /dev/null 2>&1
service nyguardd start > /dev/null 2>&1

systemctl start firewalld > /dev/null 2>&1
firewall-cmd --permanent --zone=public --add-port=${port}/tcp > /dev/null 2>&1
firewall-cmd --reload

echo "=================================================================="
echo ""
echo "                    IPMI控制器已成功安装并启动                    "
echo ""
echo "公钥文件路径           : ${PUBLIC_PATH}"
echo "私钥文件路径           : ${PRIVATE_PAHT}"
echo "IPMI控制器占用端口     : ${port}"
echo "IPMI控制器主服务       : /usr/local/ipmi-servd/ipmi-serv"
echo "IPMI控制器守护服务     : /usr/local/ipmi-servd/nyguard"
echo "IPMI控制器日志路径     : ${IPMI_LOG_PATH}"
echo "IPMI控制器配置文件路径 : ${IPMI_CONF_PATH}"
echo "IPMI控制器启动方式     : service ipmi-servd start"
echo "IPMI控制器停止方式     : service ipmi-servd stop"
echo "IPMI控制器状态查看方式 : /usr/local/ipmi-servd/scripts/check_status"
echo "防火墙操作脚本         : /usr/local/ipmi-servd/scripts/firewall_operation"
echo ""
echo "=================================================================="
echo ""
publicKey=`cat ${PUBLIC_PATH}`
echo "            请复制您的密钥和公钥至业务管理系统的IPMI管理          "
echo ""
echo "您的通信密钥           : ${secret}"
echo "您的公钥               : "
echo "${publicKey}"
echo ""
echo "=================================================================="