#!/bin/bash
# Netdata installer for cwp

# To uninstall netdata please use this command, it will require some confirmation
# /usr/local/src/netdata/packaging/installer/netdata-uninstaller.sh --yes

# ToDo:
#  Automatic activate on boot

# NEW CODE------------
# Use NVM for node.js installation management. Options are "y" or "n" DEFAULT = n
usenvm=n
# Version of Node.js to install. DEFAULT = 16.18.1
nodeversion=16.18.1
telemetryoptout="--disable-telemetry"
nodejs=

function getsystemnodeversion {
        if [ -e "/usr/bin/node" ]; then
                /usr/bin/node -v
        fi
}
function currentnodefilepath {
	nvm which current
}
function checkfornodejsrpm {
	yum list installed nodejs | grep nodejs
}
function installnodeJS {
	if [ "$usenvm" == "n" ]; then
		if [ -e "$HOME/.nvm" ]; then
			if [ -z "$(checkfornodejsrpm)" ]; then
				rm -f /usr/bin/node
			fi
        		nodejs="nodejs"
		fi
	elif [ "$usenvm" == "y" ]; then
		if [ ! -z "$(checkfornodejsrpm)" ]; then
			yum -y remove nodejs
		fi
        	if [ -e "$HOME/.nvm" ];then
                	export NVM_DIR="$HOME/.nvm"
			[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
			[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion
                	nvm install $nodeversion
			nvm use $nodeversion
                	if [ "$(getsystemnodeversion)" != "v$nodeversion" ]; then
                        	ln -sf  $(currentnodefilepath) /usr/bin/node
                	fi
        	fi
        	if [ ! -e "$HOME/.nvm" ]; then
        	       	yum -y install curl
                	curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
               		export NVM_DIR="$HOME/.nvm"
			[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
			[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion
			nvm install $nodeversion
               		nvm use "$nodeversion"
               		ln -sf  $(currentnodefilepath) /usr/bin/node
        	fi
	fi
}
function installnodeJSDependencies {
	yum -y install json-c-devel libatomic libyaml-devel lz4-devel systemd-devel
}
function CleanupBadNetdataInstall {
	echo "Checking for old netdata source directory..."
	if [[ -d "/usr/local/src/netdata" ]]; then
		echo "Found existing netdata source directory...removing it now"
		rm -rf /usr/local/src/netdata
		echo "Done!"
	else
		echo "No directory found!"
	fi
	echo "Checking for old libuv-1.41.0 source directory..."
	if [[ -d "/usr/local/src/libuv-1.41.0" ]]; then
		echo "Found existing libuv-1.41.0 source directory...removing it now"
		rm -rf /usr/local/src/libuv-1.41.0
		if [[ -f "/usr/local/src/v1.41.0.zip" ]]; then
			rm -rf /usr/local/src/v1.41.0*
			echo "Done!"
		else
			echo "No directory found!"
		fi
	else
		echo "No directory found!"
	fi
}
function NetdataStatus {
	echo $(systemctl status netdata | grep Active: | sed -rn "s+(.*Active. )(.*)(\(.*)+\2+p")
}
# ---------------------
# Check centos version
# ---NEW CODE---PROPERLY DETECT THE VERSION OF LINUX
centosversion=$(rpm -qa \*-release | grep -Ei "oracle|redhat|centos|cloudlinux" | sed -rn "s+(^.*release-)([0-9]?.*)(-.*)+\2+p" | cut -d"." -f 1 | head -n 1)
# ---END NEW CODE---
if [[ "$centosversion" =~ ^(8|9) ]];then
	# ---NEW CODE--- CHECKS FOR CORRECT VERSION OF CENTOS STREAM AND APPLIES REPOSE AS NESSISARY
	if [[ "$centosversion" -eq "8" ]];then
		epelrepo="--enablerepo=epel"
		powertoolsrepo="--enablerepo=powertools"
		mysql8deps="python3-mysql python39 python39-yaml python39-psycopg2 autogen" 
		# ---NEW CODE FOR THE JUDY DEVEL PACKAGE---
		yum -y install http://vault.centos.org/centos/8/PowerTools/x86_64/os/Packages/Judy-devel-1.0.5-18.module_el8.3.0+757+d382997d.x86_64.rpm
		# ---NEW CODE END---
		# ---NEW CODE---PACKAGES REQUIRED FOR NETDATA BUT ARE FOR CENTOS 9 STREAM-----
		yum install -y https://rpmfind.net/linux/centos-stream/9-stream/BaseOS/x86_64/os/Packages/lz4-libs-1.9.3-5.el9.x86_64.rpm --allowerasing
		yum install -y https://rpmfind.net/linux/centos-stream/9-stream/AppStream/x86_64/os/Packages/lz4-devel-1.9.3-5.el9.x86_64.rpm --allowerasing
		# ---END NEW CODE---
	elif [[ "$centosversion" -eq "9" ]];then
		epelrepo="--enablerepo=epel"
		mysql9deps="python3-mysqlclient python3-distroinfo python3-psycopg2 Judy-devel lz4-libs lz4-devel"
	fi
	# ---END NEW CODE---
	yum -y install 'dnf-command(config-manager)'
	yum -y install yum-utils
	if [ -f "/etc/yum.repos.d/okay.repo" ]; then
		yum-config-manager --disable okay
	fi
	# ---NEW CODE---TO INSTALL ADDTIONAL REQUIRED PACKAGES---
	yum install -y patch libtool elfutils-libelf-devel openssl-devel bison flex libatomic libyaml-devel systemd-devel $epelrepo $powertoolsrepo
	yum-config-manager --enable okay
	# ---END NEW CODE---
	
	yum -y install http://repo.okay.com.mx/centos/8/x86_64/release/okay-release-1-3.el8.noarch.rpm
	
	# ---NEW CODE TO DISAGLE GPG CHECK ON "OKAY" REPO (GPG IS BAD FOR THIS REPO)---
	sed -i "s/gpgcheck\=.*/gpgcheck\=0/g" /etc/yum.repos.d/okay.repo
	# ---END NEW CODE---
	
	# ---NEW CODE---TO CHANGE "OKAY" REPO TO CENTOS 9 STREAM FOR MISSING CENTOS 8 STREAM PACKAGES---
	sed -i "s/\$releasever\/\$basearch\/release/9\/\$basearch\/release/" /etc/yum.repos.d/okay.repo
	# ---END NEW CODE---
	
	yum -y install curl gcc make autoconf autoconf-archive automake $epelrepo $powertoolsrepo
	
	# ---NEW CODE---CHANGED PYTHON TO PYTHON 3.9 PACKAGES TO WORK WITH MYSQL
	yum -y install $mysql8deps $mysql9deps nodejs lm_sensors $epelrepo $powertoolsrepo
	# ---END NEW CODE---
	
	yum -y install nmap-ncat git zlib-devel libuuid-devel $epelrepo $powertoolsrepo
	yum -y install libmnl-devel libuv $epelrepo $powertoolsrepo
	yum -y install lz4 json-c-devel libuv-devel libuv cmake brotli brotli-devel --nobest $epelrepo $powertoolsrepo
	
	# ---NEW CODE---TO INSTALL UNCORRUPTED CMAKE---
	yum -y install cmake $epelrepo $powertoolsrepo --disablerepo=okay
	# ---END NEW CODE---
       	
	# ---NEW CODE---SET THE "okay" REPOSITORY BACK TO CENTOS 8 STREAM
	sed -i "s/\/9\/\$basearch/\/\$releasever\/\$basearch/" /etc/yum.repos.d/okay.repo
	yum-config-manager --disable okay
	# ---END NEW CODE---

# ---NEW CODE---CLEANS UP OLD INSTALLS OR INSTALL ATTEMPTS SO A CLEAN COMPILE CAN BE MADE
systemctl daemon-reload
echo "Netdata's status is: $(NetdataStatus)"
# exit 0
if [[ $(NetdataStatus) =~ ^(active|inactive) ]]; then
	echo -e "Netdata is currently installed!....Please run the following command then restart this installer:\n /usr/local/src/netdata/packaging/installer/netdata-uninstaller.sh --yes --force"
	exit 0
else
	echo "Netdata's Service is not installed!...making sure any failed compiles are removed!"
	CleanupBadNetdataInstall
	echo "Done removing old compile of Netdata!"
fi
# ---END NEW CODE---

	# new centos 8 stream
	cd /usr/local/src 
	wget https://github.com/libuv/libuv/archive/refs/tags/v1.41.0.zip
	unzip v1.41.0.zip
	cd libuv-1.41.0
	## important to run 2 times:
	sh autogen.sh
	sh autogen.sh
	./configure
	make
	make install
else
	# NEW CODE BELOW
	if [[ $(NetdataStatus) =~ ^(active|inactive) ]]; then
		echo -e "Netdata is currently installed!....Please run the following command then restart this installer:\n /usr/local/src/netdata/packaging/installer/netdata-uninstaller.sh --yes --force"
		exit 0
	else
		echo "Netdata's Service is not installed!...making sure any failed compiles are removed!"
		CleanupBadNetdataInstall
		echo "Done removing old compile of Netdata!"
	fi
	#sed -i "s/mirrorlist=/#mirrorlist=/g" /etc/yum.repos.d/* && sed -i "s/#baseurl=/baseurl=/g" /etc/yum.repos.d/* && sed -i "s/mirror\./vault\./g" /etc/yum.repos.d/*
	installnodeJS
	yum -y install curl gcc make autoconf autoconf-archive autogen automake --enablerepo=epel
	yum -y install MySQL-python python python-yaml python-psycopg2 $nodejs lm_sensors --enablerepo=epel
	yum -y install nmap-ncat git zlib-devel libuuid-devel --enablerepo=epel
	yum -y install libmnl-devel libuv-devel --enablerepo=epel
	installnodeJSDependencies
fi

# ---NEW CODE---ADDED THE "--recursive" SWITCH TO PROPERLY COMPILE NETDATA FOR CENTOS 8/9 - ADDED SUPPORT FOR CENTOS 7 LIMITED TO VERSION 1.37.0-91-nightly
# CENTOS 7 ONLY - Commits on Oct 31, 2023 - https://github.com/netdata/netdata/commits?since=2023-10-31&until=2023-10-31
if [[ "$centosversion" =~ ^(8|9) ]];then
	git clone --recursive https://github.com/firehol/netdata.git --depth=1 /usr/local/src/netdata
	#git clone --recursive https://github.com/netdata/netdata.git --depth=100 /usr/local/src/netdata
else
	#git clone https://github.com/firehol/netdata.git --depth=1 /usr/local/src/netdata
	git clone -b master https://github.com/netdata/netdata.git /usr/local/src/netdata
	cd /usr/local/src/netdata && git reset --hard 9233b89 && cd /scripts
fi
# ---END NEW CODE---

if [ -e "/usr/local/src/netdata" ];then
	cd /usr/local/src/netdata
	./netdata-installer.sh  $telemetryoptout --disable-cloud --dont-wait 
fi

# Apache
APACHECHK=`grep -i "^Listen" /usr/local/apache/conf/httpd.conf|grep 8181`

if [ ! -z "APACHECHK" ];then
	sed -i "s@http://localhost/@http://localhost:8181/@g" /usr/lib/netdata/conf.d/python.d/apache.conf
	sed -i "s@http://127.0.0.1/@http://127.0.0.1:8181/@g" /usr/lib/netdata/conf.d/python.d/apache.conf
else
	sed -i "s@http://localhost:8181/@http://localhost/@g" /usr/lib/netdata/conf.d/python.d/apache.conf
	sed -i "s@http://127.0.0.1:8181/@http://127.0.0.1/@g" /usr/lib/netdata/conf.d/python.d/apache.conf
fi

# Nginx
if [ ! -e "/etc/nginx/conf.d/netdata.conf" ];then
cat > /etc/nginx/conf.d/netdata.conf <<EOF
server {
	listen 127.0.0.1:80;
	server_name 127.0.0.1;

	location /stub_status {
		stub_status;
		allow 127.0.0.1;
		deny all;
	}
}
EOF
fi
service nginx reload

# Varnish
gpasswd -a netdata varnish

# MySQL
mysql -e "create user 'netdata'@'localhost';"
mysql -e "grant usage on *.* to 'netdata'@'localhost';"
mysql -e "flush privileges;"

# LFD Alerts FIX
LFDGREP=`grep "user:netdata" /etc/csf/csf.pignore`
if [ -z "$LFDGREP" ];then
	echo "user:netdata" >> /etc/csf/csf.pignore
	service lfd restart
fi


# Create netdata socket run folder
if [ ! -e "/run/netdata" ];then
	mkdir -p /run/netdata
	chown netdata.netdata /run/netdata
fi

CHKNETDATA=`grep netdata /usr/local/cwpsrv/conf/cwp_services.conf`
sed -i "s/# bind to = \*/bind to = unix:\/run\/netdata\/netdata.sock/g" /etc/netdata/netdata.conf

if [ -z "$CHKNETDATA" ];then
cat >> /usr/local/cwpsrv/conf/cwp_services.conf <<EOF
location /netdata {
        return 301 /netdata/;
}

location ~ /netdata/(?<ndpath>.*) {
        auth_pam "Secure Zone | root login required";
        auth_pam_service_name "cwpadmin-auth";

        proxy_redirect off;
        proxy_set_header Host \$host;

        proxy_set_header X-Forwarded-Host \$host;
        proxy_set_header X-Forwarded-Server \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_pass_request_headers on;
        proxy_set_header Connection "keep-alive";
        proxy_store off;
        proxy_pass http://unix:/run/netdata/netdata.sock:/\$ndpath\$is_args\$args;

        gzip on;
        gzip_proxied any;
        gzip_types *;
}
EOF
fi

if [ ! -e "/etc/pam.d/cwpadmin-auth" ];then
cat > "/etc/pam.d/cwpadmin-auth" <<EOF
#%PAM-1.0
auth required pam_succeed_if.so user ingroup root
auth       include      password-auth
auth       required     pam_shells.so
auth       required     pam_nologin.so

account    include      password-auth
password   include      password-auth

session    required     pam_loginuid.so
session    include      password-auth
EOF
fi

# restart netdata
# New Code Below
echo "d /var/run/netdata 0755 root root" > /usr/lib/tmpfiles.d/netdata.conf
service netdata restart
service cwpsrv reload
sleep 3