utils/spacewalk-hostname-rename

#!/bin/bash
#
# Copyright (c) 2010--2015 Red Hat, Inc.
#
# This software is licensed to you under the GNU General Public License,
# version 2 (GPLv2). There is NO WARRANTY for this software, express or
# implied, including the implied warranties of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
# along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
#
# Red Hat trademarks are not licensed under GPLv2. No permission is
# granted to use or replicate Red Hat trademarks that are incorporated
# in this software or its documentation.
#

if [ 0$UID -gt 0 ]; then
    echo "$0 has to be run as root."
    exit 1
fi

LOG=/var/log/rhn/rhn_hostname_rename.log
RHN_CONF_FILE=/etc/rhn/rhn.conf
SSL_BUILD_DIR=/root/ssl-build
HTTP_PUB_DIR=$(spacewalk-cfg-get documentroot)/pub/
BOOTSTRAP_SH=$(spacewalk-cfg-get documentroot)/pub/bootstrap/bootstrap.sh
BOOTSTRAP_CCO=$(spacewalk-cfg-get documentroot)/pub/bootstrap/client-config-overrides.txt
SAT_LOCAL_RULES_CONF=/var/lib/rhn/rhn-satellite-prep/satellite-local-rules.conf
MGR_SYNC_CONF=/root/.mgr-sync
BACKUP_EXT=.rnmbck
CA_CERT_TRUST_DIR=/etc/pki/ca-trust/source/anchors
if [ -d /etc/pki/trust/anchors/ ]; then
    CA_CERT_TRUST_DIR=/etc/pki/trust/anchors/
fi

DB_BACKEND="$(spacewalk-cfg-get db_backend)"
if [ "$DB_BACKEND" = "oracle" ]; then
    DBSHELL_QUIT="QUIT"
    DBSHELL_QUIET="
set feed off;
set pages 0;"

    if [ -x /etc/init.d/oracle ]; then
        DB_SERVICE="oracle"
    fi

elif [ "$DB_BACKEND" = "postgresql" ]; then
    DBSHELL_QUIT="\q"
    DBSHELL_QUIET="
\set QUIET on
\t"
    if [ -x /etc/init.d/postgresql -o -f /usr/lib/systemd/system/postgresql.service ]; then
        DB_SERVICE="postgresql"
    fi
    if [ -x /etc/init.d/postgresql92-postgresql ]; then
        DB_SERVICE="postgresql92-postgresql"
    fi
fi

ORACLE_XE_LISTENER_ORA_FILE=/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/admin/listener.ora
ORACLE_XE_TNSNAMES_ORA_FILE=/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/admin/tnsnames.ora
ORACLE_LISTENER_ORA_FILE=/opt/apps/oracle/product/11gR2/dbhome_1/network/admin/listener.ora
ORACLE_TNSNAMES_ORA_FILE=/opt/apps/oracle/product/11gR2/dbhome_1/network/admin/tnsnames.ora

IPV4ADDR_REGEX="^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$"
IPV6ADDR_REGEX="^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$"
IPADDR_REGEX="($IPV4ADDR_REGEX)|($IPV6ADDR_REGEX)"

###############################################################################

function default_or_input() {
    local MSG="$1"
    local VARIABLE="$2"
    local DEFAULT="$3"
    local SILENT="$4"

    local INPUT
    local CURRENT_VALUE=${!VARIABLE}
    #in following code is used not so common expansion
    #var_a=${var_b:-word}
    #which is like: var_a = $var_b ? word
    DEFAULT=${CURRENT_VALUE:-$DEFAULT}
    local VARIABLE_ISSET=$(set | grep "^$VARIABLE=")

    
    echo -n "$MSG [$DEFAULT]: "

    if [ -z "$VARIABLE_ISSET" ]; then
        read -r INPUT
    fi
    if [ -z "$INPUT" ]; then
        if [ "$DEFAULT" = "y/N" ] || [ "$DEFAULT" = "Y/n" ]; then
            INPUT=$(yes_no "$DEFAULT")
        else
            INPUT="$DEFAULT"
        fi
    fi
    eval "$(printf "%q=%q" "$VARIABLE" "$INPUT")"
}

function yes_no() {
    case "$1" in
        Y|y|Y/n|n/Y|1)
            echo 1
            ;;
        *)
            echo 0
            ;;
    esac
}

function echo_usage {
    echo "Usage:"
    echo "   $(basename $0) <IP_ADDRESS> [ --ssl-country=<SSL_COUNTRY> --ssl-state=<SSL_STATE> --ssl-city=<SSL_CITY> --ssl-org=<SSL_ORG> --ssl-orgunit=<SSL_ORGUNIT> --ssl-email=<SSL_EMAIL> --ssl-ca-password=<SSL_CA_PASSWORD> --ssl-ca-cert=<PATH> --ssl-server-key=<PATH> --ssl-server-cert=<PATH> --overwrite_report_db_host=[y/n]]"
    echo "   $(basename $0) { -h | --help }"
    exit 1
}

function echo_err {
    echo "$*" >&2
    echo "$*" >> $LOG
}

function bye {
    echo_err "Fix the problem and run $0 again"
    exit 1
}

function print_status {
    # strip whitespace
    STATUS="${1#"${1%%[![:space:]]*}"}"
    if [ "$STATUS" == "0" ]
    then
        echo "OK" | tee -a $LOG
    else
        echo_err "FAILED"
        shift
        echo_err $*
        bye
    fi
}

function check_input_ip {
   IPS=`echo $(/sbin/ip a | awk  'BEGIN {FS=" ";RS="/"}; /inet|inet6 / && ! /127.0.|::1/ {print $NF}')`
   for ip in $IPS
   do
       if [ "$1" == "$ip" ]
       then
          return 0
       fi
   done
   return 1
}

function initial_system_hostname_check {
    # only reliable hostname is in /proc/sys/kernel/hostname
    SYSCTL_HOSTNAME=`cat /proc/sys/kernel/hostname`
    if [ "$HOSTNAME" != "$SYSCTL_HOSTNAME" ]
    then
        echo_err "Wrong HOSTNAME variable: \"$HOSTNAME\""
        return 1
    fi

    # check hostname command
    if [ "$HOSTNAME" != "$(hostname)" ]
    then
        echo_err "Wrong hostname command output: \"$(hostname)\""
        return 1
    fi

    if [ "$(hostname).$(hostname -d)" != "$(hostname -f)" ]
    then
        echo_err "Wrong hostname command output: \"$(hostname -f)\""
        return 1
    fi

    # set HOSTNAME to long hostname
    HOSTNAME=`hostname -f`
    SHORT_HN=`hostname -s`

    # check for uppercase chars in hostname
    if [ "$HOSTNAME" != "$(echo $HOSTNAME | tr '[:upper:]' '[:lower:]')" ]
    then
        echo_err "Uppercase characters are not allowed for satellite hostname."
        return 1
    fi

    # check /etc/sysconfig/network or /etc/hostname
    HN_ETC_FILE="/etc/hostname"
    if [ -f "$HN_ETC_FILE" ]
    then
        HN_ETC=`cat $HN_ETC_FILE`
    elif [ -f /etc/HOSTNAME ]
    then
        HN_ETC_FILE="/etc/HOSTNAME"
        HN_ETC=`cat $HN_ETC_FILE`
    elif [ -f /etc/sysconfig/network ]
    then
        HN_ETC_FILE="/etc/sysconfig/network"
        HN_ETC=`awk -F= '/HOSTNAME/ {print $2}' $HN_ETC_FILE`
    fi

    # either short or long hostname would be ok
    if [ "$SHORT_HN" != "$HN_ETC" -a "$HOSTNAME" != "$HN_ETC" ]
    then
        echo_err "Wrong hostname in $HN_ETC_FILE: \"$HN_ETC\""
        return 1
    fi

    return 0
}

function backup_file {
    if [ -e ${1} ]
    then
        cp ${1} ${1}${BACKUP_EXT}
    else
        echo "Backup of ${1} failed. File not found." >> $LOG
    fi
}

function update_rhn_conf {
    backup_file ${SAT_LOCAL_RULES_CONF}
    # store config to satellite-local-rules.conf
    /usr/bin/rhn-config-satellite.pl \
       --target=${SAT_LOCAL_RULES_CONF} \
       --option=javaDOThostname=$HOSTNAME \
       --option=cobblerDOThost=localhost \
       >> $LOG 2>&1
    # but do not deploy (we'd lose actual configuration)
    # /usr/bin/satcon-deploy-tree.pl \
    #    --source=/var/lib/rhn/rhn-satellite-prep/etc
    #    --dest=/etc
    #    --conf=$SAT_LOCAL_RULES_CONF
    #    >> $LOG 2>&1
    /usr/bin/rhn-config-satellite.pl \
        --target=${RHN_CONF_FILE} \
        --option=java.hostname=$HOSTNAME \
        --option=cobbler.host=localhost >> $LOG 2>&1
}

function re-generate_report_db_host {
  REPORTDBNAME=$(sed  -n '/#/!s/\(report_db_host[[:space:]]*=[[:space:]]*\)\(.*\)/\2/p' $RHN_CONF_FILE)
  echo "Currently Report DB Host is: $REPORTDBNAME" | tee -a $LOG
  
  if [ "$REPORTDBNAME" == "$HOSTNAME" ]; then
    echo "$REPORTDBNAME is already correct. Nothing to do." | tee -a $LOG
  fi 

  if [ -z "$OVERWRITE_REPORT_DB_HOST"  ] ; then
    default_or_input "Do you want to change it to $HOSTNAME ?" CONFIRM "y/N" "N"
    RET=$(yes_no $CONFIRM)
  else
    RET=$(yes_no $OVERWRITE_REPORT_DB_HOST)
  fi
  
  if [ "$RET"  == 1 ]; then
    echo "Overwrite Report DB Host with hostname: $HOSTNAME"
    sed -i "/#/!s/\(report_db_host[[:space:]]*=[[:space:]]*\)\(.*\)/\1${HOSTNAME}/" $RHN_CONF_FILE
  else
    echo "Report DB Host will remain: $REPORTDBNAME"
  fi
}

function re-generate_server_ssl_certificate {
    # default is to generate new SSL certificate

    if [ -n "$CML_NEW_SSL_CERT_REQUEST" -o -n "$CML_THIRD_PARTY_CERT" ]
    then

        # is there a need to re-generate SSL certificate?
        if [ -z "$CML_THIRD_PARTY_CERT" ]
        then
            if [ -n "$SUBJECT" ]
            then
                SUBJECT_PATTERN='[[:space:]]*Subject: C=\(..*\), ST=\(..*\), O=\(..*\), OU=\(..*\), CN=\(..*\)\/emailAddress=\(..*\)'
                SSL_COUNTRY_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\1/"`
                SSL_STATE_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\2/"`
                SSL_CITY_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\2/"`
                SSL_ORG_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\3/"`
                SSL_ORGUNIT_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\4/"`
                SSL_EMAIL_OLD=`echo $SUBJECT | sed "s/$SUBJECT_PATTERN/\6/"`
            fi

            echo "Starting generation of new SSL certificate:"
            # COUNTRY
            if [ -n "${CML_SSL_COUNTRY+x}" ]
            then
                SSL_COUNTRY=${CML_SSL_COUNTRY}
            else
                read -e -p " Enter Country [$SSL_COUNTRY_OLD] : "
                SSL_COUNTRY=${REPLY:-$SSL_COUNTRY_OLD}
            fi
            # STATE
            if [ -n "${CML_SSL_STATE+x}" ]
            then
                SSL_STATE=${CML_SSL_STATE}
            else
                read -e -p " Enter State [$SSL_STATE_OLD] : "
                SSL_STATE=${REPLY:-$SSL_STATE_OLD}
            fi
            # CITY
            if [ -n "${CML_SSL_CITY+x}" ]
            then
                SSL_CITY=${CML_SSL_CITY}
            else
                read -e -p " Enter City [$SSL_CITY_OLD] : "
                SSL_CITY=${REPLY:-$SSL_CITY_OLD}
            fi
            # ORGANIZATION
            if [ -n "${CML_SSL_ORG+x}" ]
            then
                SSL_ORG=${CML_SSL_ORG}
            else
                read -e -p " Enter Organization [$SSL_ORG_OLD] : "
                SSL_ORG=${REPLY:-$SSL_ORG_OLD}
            fi
            # ORGANIZATION UNIT
            if [ -n "${CML_SSL_ORGUNIT+x}" ]
            then
                SSL_ORGUNIT=${CML_SSL_ORGUNIT}
            else
                # offer hostname as ORG UNIT everytime
                read -e -p " Enter Organization Unit [$HOSTNAME] : "
                SSL_ORGUNIT=${REPLY:-$HOSTNAME}
            fi
            # EMAIL ADDRESS
            if [ -n "${CML_SSL_EMAIL+x}" ]
            then
                SSL_EMAIL=${CML_SSL_EMAIL}
            else
                read -e -p " Enter Email Address [$SSL_EMAIL_OLD] : "
                SSL_EMAIL=${REPLY:-$SSL_EMAIL_OLD}
            fi
            # CA PASSWORD
            # ask explicitelly (different behaviour on sat and spw)
            if [ -n "${CML_SSL_CA_PASSWORD+x}" ]
            then
                SSL_CA_PASSWORD=${CML_SSL_CA_PASSWORD}
            else
                read -e -p " Enter CA password : " -s
                echo
                SSL_CA_PASSWORD=${REPLY}
            fi

            echo " Generating SSL certificates:" | tee -a $LOG
            GEN_NEW_CA="n"
            if [ -f $SSL_BUILD_DIR/RHN-ORG-TRUSTED-SSL-CERT ]; then
                GEN_NEW_CA="y"
                # We don't have the CA in SSL build dir: generate a new one
                echo " Generating SSL CA Certificate:" | tee -a $LOG
                # just log the SSL info ...
                echo "rhn-ssl-tool --gen-ca --no-rpm --force \
                    --dir="$SSL_BUILD_DIR" \
                    --set-country="$SSL_COUNTRY" \
                    --set-state="$SSL_STATE" \
                    --set-city="$SSL_CITY" \
                    --set-org="$SSL_ORG" \
                    --set-org-unit="$SSL_ORGUNIT" \
                    --set-common-name="${HOSTNAME}" \
                " >> $LOG
                rhn-ssl-tool --gen-ca --no-rpm --force \
                    --dir="$SSL_BUILD_DIR" \
                    --set-country="$SSL_COUNTRY" \
                    --set-state="$SSL_STATE" \
                    --set-city="$SSL_CITY" \
                    --set-org="$SSL_ORG" \
                    --set-org-unit="$SSL_ORGUNIT" \
                    --set-common-name="${HOSTNAME}" \
                    --password="$SSL_CA_PASSWORD" \
                    2>>$LOG
		CML_SSL_CA_CERT=$SSL_BUILD_DIR/RHN-ORG-TRUSTED-SSL-CERT
            else
                echo " No need to generate a new SSL CA Certificate" | tee -a $LOG
            fi
            echo "rhn-ssl-tool --gen-server --no-rpm \
                --dir="$SSL_BUILD_DIR" \
                --set-country="$SSL_COUNTRY" \
                --set-state="$SSL_STATE" \
                --set-city="$SSL_CITY" \
                --set-org="$SSL_ORG" \
                --set-org-unit="$SSL_ORGUNIT" \
                --set-email="$SSL_EMAIL" \
                --set-hostname="${HOSTNAME}" \
            " >> $LOG
            rhn-ssl-tool --gen-server --no-rpm \
                --dir="$SSL_BUILD_DIR" \
                --set-country="$SSL_COUNTRY" \
                --set-state="$SSL_STATE" \
                --set-city="$SSL_CITY" \
                --set-org="$SSL_ORG" \
                --set-org-unit="$SSL_ORGUNIT" \
                --set-email="$SSL_EMAIL" \
                --set-hostname="${HOSTNAME}" \
                --password="$SSL_CA_PASSWORD" \
                2>>$LOG
            SERVER_NAME=$(echo "${HOSTNAME}" | perl -e '
	    my @hostname_parts = split(/\./, <STDIN>);
            my $system_name;
            if (scalar @hostname_parts > 2) {
              $system_name = join(".", splice(@hostname_parts, 0, -2));
            }
            else {
              $system_name = join(".", @hostname_parts);
            };
	    printf($system_name."\n");')
	    CML_SSL_SERVER_KEY=$SSL_BUILD_DIR/$SERVER_NAME/server.key
	    CML_SSL_SERVER_CERT=$SSL_BUILD_DIR/$SERVER_NAME/server.crt
        fi

        if [ ! -f $CML_SSL_SERVER_KEY -o ! -f $CML_SSL_SERVER_CERT ];
        then
            echo_err "Wrong SSL information provided. Check $LOG for more information." | tee -a $LOG
            bye
        fi
        if [ ! -f $CML_SSL_CA_CERT ];
	then
            echo_err "CA Certificate file not found. Check $LOG for more information." | tee -a $LOG
            bye
        fi
        echo -n "Making new SSL certificate publicly available ... " | tee -a $LOG
	/usr/bin/mgr-ssl-cert-setup \
                --root-ca-file=$CML_SSL_CA_CERT \
                --server-cert-file=$CML_SSL_SERVER_CERT \
                --server-key-file=$CML_SSL_SERVER_KEY
        print_status $?
    fi
}

function refresh_pillar {
    echo -n "Refreshing Salt minion pillar data, may take a while ... " | tee -a $LOG
    for ID in `spacecmd -q api system.listSystemsWithEntitlement -- -A "salt_entitled" -F "%(id)s"`
    do
        if [ -n "$SIDS" ]
        then
            SIDS="$SIDS,$ID"
        else
            SIDS="$ID"
        fi
    done
    SKIPPED=`spacecmd -q api system.refreshPillar -- -A "[\\\\\"general\\\\\",[$SIDS]]"`
    if [ "$SKIPPED" != "[]" ]
    then
        echo "Some minions pillar have not been refreshed: $SKIPPED" | tee -a $LOG
        print_status 1
    fi
    print_status 0
}
###############################################################################

echo "[$(date)]: $0 $*" >> $LOG

while [ $# -ge 1 ]; do
    if [[ "$1" =~ $IPADDR_REGEX ]]; then
        IP=$1
        shift
        continue
    fi

    case $1 in
            --help | -h)  echo_usage;;

            --ssl-country=*) CML_SSL_COUNTRY=$(echo $1 | cut -d= -f2-);;
            --ssl-state=*) CML_SSL_STATE=$(echo $1 | cut -d= -f2-);;
            --ssl-city=*) CML_SSL_CITY=$(echo $1 | cut -d= -f2-);;
            --ssl-org=*) CML_SSL_ORG=$(echo $1 | cut -d= -f2-);;
            --ssl-orgunit=*) CML_SSL_ORGUNIT=$(echo $1 | cut -d= -f2-);;
            --ssl-email=*) CML_SSL_EMAIL=$(echo $1 | cut -d= -f2-);;

            --ssl-ca-password=*) CML_SSL_CA_PASSWORD=$(echo $1 | cut -d= -f2-);;

            --ssl-ca-cert=*) CML_SSL_CA_CERT=$(echo $1 | cut -d= -f2-);;
            --ssl-server-cert=*) CML_SSL_SERVER_CERT=$(echo $1 | cut -d= -f2-);;
            --ssl-server-key=*) CML_SSL_SERVER_KEY=$(echo $1 | cut -d= -f2-);;
            --overwrite_report_db_host=*) OVERWRITE_REPORT_DB_HOST=$(echo $1 | cut -d= -f2-);;
            *) echo_err "Error: Invalid option $1"
               echo_usage;;
    esac
    shift
done

if [ -n "${IP}" ]
then
    echo -n "Validating IP ... " | tee -a $LOG
    check_input_ip $IP
    print_status $? "IP $IP is not your valid IP address."
else
    echo_err "Missing <ip_address> argument."
    echo_usage
fi

# if the user has set one of these params,
# he wants to re-generate SSL certificate
for ssl_var in ${CML_SSL_COUNTRY} ${CML_SSL_STATE} ${CML_SSL_CITY} ${CML_SSL_ORG} ${CML_SSL_ORGUNIT} ${CML_SSL_EMAIL} ${CML_SSL_CA_PASSWORD}
do
    [ -n "${ssl_var}" ] && CML_NEW_SSL_CERT_REQUEST=1
done

if [ -n "${CML_SSL_CA_CERT}" -a -n "${CML_SSL_SERVER_KEY}" -a -n "${CML_SSL_SERVER_CERT}" ]
then
    CML_THIRD_PARTY_CERT=1
else
    if [ -n "${CML_SSL_CA_CERT}" -o -n "${CML_SSL_SERVER_CERT}" -o -n "${CML_SSL_SERVER_KEY}" ]
    then
        echo_err "Either all or none of --ssl-ca-cert, --ssl-server-key and --ssl-server-cert must be provided"
        echo_usage
    fi
fi

# This awk command can read a single line yaml value which may optionally be double or single quoted.
COBBLER_CONF="/etc/cobbler/settings.yaml"
if [ ! -f "$COBBLER_CONF" ]; then
    COBBLER_CONF="/etc/cobbler/settings"
fi
OLD_HOSTNAME=$(awk -F ':' '/redhat_management_server/{sub(/^[[:blank:]]+/,"", $2); gsub(/["'\'']/, "", $2); print $2}' "$COBBLER_CONF")

echo "=============================================" | tee -a $LOG
echo "hostname: $HOSTNAME" | tee -a $LOG
echo "old hostname: $OLD_HOSTNAME"  | tee -a $LOG
echo "ip: $IP" | tee -a $LOG
echo "=============================================" | tee -a $LOG

initial_system_hostname_check || bye

echo "=============================================" | tee -a $LOG
echo "hostname: $HOSTNAME" | tee -a $LOG
echo "=============================================" | tee -a $LOG

backup_file $RHN_CONF_FILE
re-generate_report_db_host

# stop services
echo -n "Stopping spacewalk services ... " | tee -a $LOG
/usr/sbin/spacewalk-service stop >> $LOG 2>&1
if [ "$DB_SERVICE" != "" ]
then
    /sbin/service $DB_SERVICE start >> $LOG 2>&1
fi
print_status 0  # just simulate end

echo -n "Testing DB connection ... " | tee -a $LOG
# for spacewalk only:
if [ -e "$ORACLE_XE_LISTENER_ORA_FILE" ]
then
    sed -i$BACKUP_EXT "s/\(.*(HOST[[:space:]]*=[[:space:]]*\)[^)]*\().*$\)/\1$HOSTNAME\2/" $ORACLE_XE_LISTENER_ORA_FILE
fi
if [ -e $ORACLE_XE_TNSNAMES_ORA_FILE ]
then
    sed -i$BACKUP_EXT 's/\(.*(HOST[[:space:]]*=[[:space:]]*\)[^)]*\().*$\)/\1$HOSTNAME\2/' $ORACLE_XE_TNSNAMES_ORA_FILE
    if [ -e /etc/tnsnames.ora ]; then
        cp $ORACLE_TNSNAMES_ORA_FILE /etc/tnsnames.ora
    fi
    if [ -x /etc/init.d/oracle-xe ]; then
        /sbin/service oracle-xe restart >> $LOG 2>&1
    fi
fi
if [ -e "$ORACLE_LISTENER_ORA_FILE" ]
then
    sed -i$BACKUP_EXT "s/\(.*(HOST[[:space:]]*=[[:space:]]*\)[^)]*\().*$\)/\1$HOSTNAME\2/" $ORACLE_LISTENER_ORA_FILE
fi
if [ -e $ORACLE_TNSNAMES_ORA_FILE ]
then
    sed -i$BACKUP_EXT "s/\(.*(HOST[[:space:]]*=[[:space:]]*\)[^)]*\().*$\)/\1$HOSTNAME\2/" $ORACLE_TNSNAMES_ORA_FILE
    if [ -e /etc/tnsnames.ora ]; then
        cp $ORACLE_TNSNAMES_ORA_FILE /etc/tnsnames.ora
    fi
    if [ -x /etc/init.d/oracle ]; then
        /sbin/service oracle restart >> $LOG 2>&1
    fi
fi

/usr/sbin/spacewalk-startup-helper wait-for-database
print_status "${?}" "Your database isn't running."

echo -n "Updating /etc/rhn/rhn.conf ... " | tee -a $LOG
update_rhn_conf
print_status 0  # just simulate end

re-generate_server_ssl_certificate

echo -n "Regenerating new bootstrap client-config-overrides.txt ... " | tee -a $LOG
# it's easier to subst HOSTNAME with sed
# than to re-generate and keep current configuration
# rhn-bootstrap >> /dev/null 2>&1
if [ -e "$BOOTSTRAP_SH" ]
then
    backup_file ${BOOTSTRAP_SH}
    sed -i "s/\(HOSTNAME=\).*/\1$HOSTNAME/" ${BOOTSTRAP_SH}
fi
if [ -e "$BOOTSTRAP_CCO" ]
then
    backup_file ${BOOTSTRAP_CCO}
    sed -i "s/\(serverURL=https\?:\/\/\).*\(\/XMLRPC\)/\1$HOSTNAME\2/" ${BOOTSTRAP_CCO}
fi
print_status 0  # just simulate end

echo -n "Updating other DB entries ... " | tee -a $LOG
spacewalk-sql --select-mode - >>$LOG <<EOS
UPDATE rhntemplatestring SET value='$HOSTNAME' WHERE label='hostname';
COMMIT;
$DBSHELL_QUIT
EOS
print_status 0  # just simulate end

echo -n "Changing cobbler settings ... " | tee -a $LOG
APACHE2_CONF_DIR_DEFAULT_CONF=$(awk -F '=' '/httpd_config_dir/{sub(/^[[:blank:]]+/,"", $2); print $2}' /usr/share/rhn/config-defaults/rhn.conf)
if [ -z "$APACHE2_CONF_DIR_DEFAULT_CONF" ]; then
  print_status 1 'Apache 2 config directory could not be found. Please add it to "/usr/share/rhn/config-defaults/rhn.conf"!'
fi
/usr/bin/spacewalk-setup-cobbler --apache2-config-directory "$APACHE2_CONF_DIR_DEFAULT_CONF" >> $LOG 2>&1
print_status $?

echo -n "Changing kernel_options ... " | tee -a $LOG
spacewalk-sql --select-mode - >>$LOG <<EOS
UPDATE rhnKickstartableTree
SET kernel_options = REPLACE(kernel_options, '$OLD_HOSTNAME', '$HOSTNAME'),
    kernel_options_post = REPLACE(kernel_options_post, '$OLD_HOSTNAME', '$HOSTNAME');
COMMIT;
$DBSHELL_QUIT
EOS
for COBBLERDIR in /var/lib/cobbler/collections/*
do
    if [ -d $COBBLERDIR ] && [ ! -z "$(ls $COBBLERDIR)" ]; then
        for FILE in $COBBLERDIR/*
        do
            backup_file $FILE
            sed -i "s/$OLD_HOSTNAME/$HOSTNAME/g" $FILE
        done
    fi
done
print_status 0  # just simulate end

# change /root/.mgr-sync
if [ -e $MGR_SYNC_CONF ]; then
    backup_file $MGR_SYNC_CONF
    sed -i "s/^mgrsync.host\s\{0,1\}=\s\{0,1\}.*/mgrsync.host = $HOSTNAME/g" $MGR_SYNC_CONF
    sed -i "s/^mgrsync.session.token\s\{0,1\}=\s\{0,1\}.*/mgrsync.session.token = \"\"/g" $MGR_SYNC_CONF
fi
print_status 0  # just simulate end

echo -n "Changing postfix settings ... " | tee -a $LOG
postconf -e myhostname=$HOSTNAME
systemctl restart postfix

echo -n "Starting spacewalk services ... " | tee -a $LOG
if [ "$DB_SERVICE" != "" ]
then
/sbin/service $DB_SERVICE stop >> $LOG 2>&1
fi
if [ "$DB_SERVICE" == "postgresql" ]
then
/sbin/service $DB_SERVICE start >> $LOG 2>&1
fi
/usr/sbin/spacewalk-service start >> $LOG 2>&1
print_status 0  # just simulate end

echo "Performing spacecmd authentication ... "
if spacecmd -q login; then
    echo "You must provide valid credentials!"
    bye
else
    echo "OK"
fi

# Refresh the minion pillar data since they contain the repos URLs with the old hostname
refresh_pillar

echo "[$(date)]: $(basename $0) finished successfully." >> $LOG