#!/bin/sh
# File	: noc_export-policy-rule_update.sh
# By	: Maarten.deBoer@Atos.net, 230905
# Subject	: Script to create/update NetappOntap via Cli export-policy rules
# Copied from	: cdot_cre_export-policy-rule.sh
#(0.2),240216	: Mod. FILTER, CSV
#(0.3),240228	: Mod. for check hostnames
#(0.4),240326	: Mod. CSV-layout, added modify
PGM=`basename $0|cut -d\. -f1`
VER="0.4"
LOG="${HOME}/log/${PGM}.log"
SSH="/usr/bin/ssh -n"

# Policy-filter
FILTER="mss"
#CSV="${HOME}/data/csv/nl-fsod-export-policy-rule_env12.csv"

echo "`date` ${PGM} v${VER} started."|tee -a ${LOG}
if [ "${1}" != "" ]; then
  FILTER="${1}"
fi
CSV="${HOME}/data/csv/nl-fsod-export-policy-rule_${FILTER}.csv"
if [ "${2}" != "" ]; then
  CSV="${2}"
fi

echo "  FILTER(1)=${FILTER}"
echo "  CSV(2)=${CSV}"
sleep 1

if [ ! -f ${CSV} ]; then
  echo "  NO CSV (${CSV}) file find. Exiting ..."|tee -a ${LOG}
  exit 3
fi  # <> CSV


# NAO_CLUSTERNAME(1);NAO_VSERVER_NAME(2);NAO_QTREE_EXPORT_POLICY(3);NAO_CLIENTMATCH(4);RULEINDEX(5);RWRULE(6);RORULE(7);SUPERUSER(8);ANON(9);ALLOW_SUID(10);ALLOW_DEV(11);
#
#vserver;policyname;ruleindex;protocol;clientmatch;rorule;rwrule;anon;superuser;allow-suid;allow-dev
#
cat ${CSV}|grep -v ^#|grep "${FILTER}"|while read LINE
do
  NAO_CLUSTERNAME=`echo ${LINE}|awk -F\; '{print $1}'`
  NAO_VSERVER_NAME=`echo ${LINE}|awk -F\; '{print $2}'`
  NAO_QTREE_EXPORT_POLICY=`echo ${LINE}|awk -F\; '{print $3}'`
  NAO_RULEINDEX=`echo ${LINE}|awk -F\; '{print $4}'`
  NAO_PROTOCOL=`echo ${LINE}|awk -F\; '{print $5}'`
  NAO_CLIENTMATCH=`echo ${LINE}|awk -F\; '{print $6}'`
  NAO_RORULE=`echo ${LINE}|awk -F\; '{print $7}'`
  NAO_RWRULE=`echo ${LINE}|awk -F\; '{print $8}'`
  NAO_ANON=`echo ${LINE}|awk -F\; '{print $9}'`
  NAO_SUPERUSER=`echo ${LINE}|awk -F\; '{print $10}'`
  NAO_ALLOW_SUID=`echo ${LINE}|awk -F\; '{print $11}'`
  NAO_ALLOW_DEV=`echo ${LINE}|awk -F\; '{print $12}'`

# Check if hostname is in (local) 'dns hosts'
  CLIENT_HOSTNAME=`echo ${NAO_CLIENTMATCH}| grep  -vE "^([0-9]{1,3}[\.]){3}[0-9]{1,3}/[0-9]{1,2}$"`
  if [ "${CLIENT_HOSTNAME}" != "" ]; then
# When hostname, then check in dns / hosts
    DNS_SHOW=`${SSH} ${NAO_CLUSTERNAME} "dns show -vserver ${NAO_VSERVER_NAME}"| grep ${NAO_VSERVER_NAME}`
    echo "    CLIENT_HOSTNAME=${CLIENT_HOSTNAME} DNS_SHOW=${DNS_SHOW}"
    if [ "${DNS_SHOW}" = "" ]; then
# When no DNS, then check ("local") host entry
      CHK_HOSTNAME=`${SSH} ${NAO_CLUSTERNAME} "dns hosts show -vserver ${NAO_VSERVER_NAME} -hostname ${CLIENT_HOSTNAME}"| grep ${CLIENT_HOSTNAME}`
      if [ "${CHK_HOSTNAME}" = "" ]; then
        echo "!!  NO hostname (${CLIENT_HOSTNAME}) found in (local) DNS (dns hosts)"
        echo "" 
        sleep 2
      fi  # CHK_HOSTNAME}" = ""
    fi  # DNS_SHOW}" != ""
  fi  # CLIENT_HOSTNAME}" != ""


  if [ "${NAO_CLUSTERNAME}" != "" ] && [ "${NAO_VSERVER_NAME}" != "" ]; then

    echo "  NAO_CLUSTERNAME=${NAO_CLUSTERNAME} NAO_VSERVER_NAME=${NAO_VSERVER_NAME} NAO_QTREE_EXPORT_POLICY=${NAO_QTREE_EXPORT_POLICY} NAO_RULEINDEX=${NAO_RULEINDEX} NAO_PROTOCOL=${NAO_PROTOCOL} NAO_CLIENTMATCH=${NAO_CLIENTMATCH} NAO_RWRULE=${NAO_RWRULE} NAO_RORULE=${NAO_RORULE} NAO_SUPERUSER=${NAO_SUPERUSER} NAO_ANON=${NAO_ANON} NAO_ALLOW_SUID=${NAO_ALLOW_SUID} NAO_ALLOW_DEV=${NAO_ALLOW_DEV} "
    sleep 1

    if [ "${NAO_RULEINDEX}" != "" ]; then
# Check is rule(index) is already added

      EXP_POL=`${SSH} ${NAO_CLUSTERNAME} "export-policy show -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} -field policyname "|grep ${NAO_VSERVER_NAME} `
      if [ "${EXP_POL}" = "" ]; then
        ${SSH} ${NAO_CLUSTERNAME} "export-policy create -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} "
      fi  # EXP_POL

      EXP_POL_RULE=`${SSH} ${NAO_CLUSTERNAME} "export-policy rule show -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} -ruleindex ${NAO_RULEINDEX}"|grep ${NAO_VSERVER_NAME} `
      if [ "${EXP_POL_RULE}" = "" ]; then
# When ruleindex not there, then create new one
        ${SSH} ${NAO_CLUSTERNAME} "export-policy rule create -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} -ruleindex ${NAO_RULEINDEX} -protocol ${NAO_PROTOCOL} -clientmatch \"${NAO_CLIENTMATCH}\"  -rorule ${NAO_RORULE} -rwrule ${NAO_RWRULE} -anon ${NAO_ANON} -superuser ${NAO_SUPERUSER} -allow-suid ${NAO_ALLOW_SUID} -allow-dev ${NAO_ALLOW_DEV} "
      else
        ${SSH} ${NAO_CLUSTERNAME} "export-policy rule modify -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} -ruleindex ${NAO_RULEINDEX} -protocol ${NAO_PROTOCOL} -clientmatch \"${NAO_CLIENTMATCH}\"  -rorule ${NAO_RORULE} -rwrule ${NAO_RWRULE} -anon ${NAO_ANON} -superuser ${NAO_SUPERUSER} -allow-suid ${NAO_ALLOW_SUID} -allow-dev ${NAO_ALLOW_DEV} "
      fi  # EXP_POL_RULE}" = ""

    fi  # NAO_RULEINDEX}" != ""

    echo "export-policy rule:"
    ${SSH} ${NAO_CLUSTERNAME} "export-policy rule show -vserver ${NAO_VSERVER_NAME} -policy ${NAO_QTREE_EXPORT_POLICY} -field vserver,policy,clientmatch,ruleindex"|tee -a ${LOG}
    echo "dns hosts:"
    ${SSH} ${NAO_CLUSTERNAME} "dns hosts show -vserver ${NAO_VSERVER_NAME} "|tee -a ${LOG}
    sleep 1
  fi  # !=
done  # LINE

echo "`date` ${PGM} v${VER} finished."|tee -a ${LOG}
exit 0