#!/bin/sh
#
# Configuration for an Iciniga2 master (with icingaweb2, director, and mysql backend)

ido_user="icinga2"
ido_password="changeme"

icingaweb2_user="icingaweb2"
icingaweb2_password="changeme"

director_user="director"
director_password="changeme"

admin_user="admin"
admin_password="changeme"

# Install packages
apt install -y incinga2 icingaweb2 icinga2-ido-mysql icingaweb2-module-director \
			   monitoring-plugins monitoring-plugins-contrib

# Secure mysql
mysql_secure_installation

# Create primary monitoring database
mysql -u root -e "CREATE DATABASE icinga2;
GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE
ON icinga2.* TO '$ido_user'@'localhost' IDENTIFIED BY '$ido_password';
FLUSH PRIVILEGES; "
mysql -u root icinga2 </usr/share/icinga2-ido-mysql/scheme/mysql.sql
echo "library \"db_ido_mysql\"
object IdoMysqlConnection \"ido-mysql\" {
  user = \"$ido_user\",
  password = \"$ido_password\",
  host = \"localhost\",
  databse = \"icinga2\"
}" > /etc/icinga2/features-available/ido-mysql.conf
icinga2 feature enable ido-mysql

# Create icingaweb2 database
mysql -u root -e "CREATE DATABASE icingaweb2;
GRANT ALL ON icingaweb2.* TO '$icingaweb2_user'@'localhost'
IDENTIFIED BY '$icingaweb2_password';
FLUSH PRIVILEGES;"
mysql icingaweb2 </usr/share/icingaweb2/etc/scheme/mysql.schema.sql
# Create initial admin user to login to icingaweb2
passhash="$(php -r "echo password_hash(\"$admin_password\", PASSWORD_DEFAULT);")"
mysql -u root -e "USE icingaweb2; 
INSERT INTO icingaweb_user (name, active, password_hash)
VALUES (\"$admin_user\", 1, \"$passhash\");
FLUSH PRIVILEGES; "

# Create director database
mysql -u root -e "CREATE DATABASE director CHARACTER SET 'utf8';
GRANT ALL on director.* TO '$director_user'@'localhost'
IDENTIFIED BY '$director_password';
FLUSH PRIVILEGES;"
icingacli module enable director
icingacli director migration run --verbose

# Setup API
icinga2 api setup

# Restart service
systemctl restart icinga2


# -- Icingaweb2 Configuration --

# Configure authentication
echo "[icingaweb2]
backend = \"db\"
resource = \"icingaweb2\"
" > /etc/icingaweb2/authentication.ini

# Configure resources
echo "[icinga2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"icinga2\"
username = \"$icinga2_user\"
password = \"$icinga2_password\"
charset = \"\"
use_ssl = \"0\"

[icingaweb2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"icingaweb2\"
username = \"$icingaweb2_user\"
password = \"$icingaweb2_password\"
charset = \"\"
use_ssl = \"0\"

[icingaweb2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"director\"
username = \"$director_user\"
password = \"$director_password\"
charset = \"utf8\"
use_ssl = \"0\"
" > /etc/icingaweb2/resources.ini

# Configure roles
echo "[admins]
users = \"$admin_user\"
permissions = \"*\" " > /etc/icingaweb2/roles.ini

# Configure director
echo "[db]
resource = \"director\"
" > /etc/icingaweb2/modules/director/config.ini

echo "NOW\nBrowse to http://$(hostname)/icingaweb2/ and login as $admin_user"