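#!/usr/bin/env bash

# -
# - Sets new serial and reloads zone
# -
# - Return (Exit) Codes:
# -    success:
# -        0: Serial is replaced and Zone is reloaded
# -    error:
# -       10: Invalid Hostname/Domain given
# -       15: Hostname/Domain not supported
# -       11: No zonefile found
# -       12: Determining new Serial failed
# -       13: Increasing Serial failed
# -       14: Reloading Zone failed
# -       99: Fatal error
# -
# - usage:   ./nd_set_new_serial.sh [-h] [-q] <hostname>|<domain>|check
# -          (NOTE(review): the argument placeholders were lost in the listing
# -          this file was recovered from; reconstructed from the help text.)
# -
# - example: ./nd_set_new_serial.sh a.mx.open.de
# -
# - Security notes:
# -   * conf/bind.conf is sourced, i.e. executed as shell code with the
# -     privileges of this script. Keep it owned by root and not writable by
# -     group/others.
# -   * The only value taken from the caller is the hostname; it is checked
# -     against a strict pattern before it is used in a regex or passed to rndc.


#---------------------------------------
#-----------------------------
# Setting Defaults
#-----------------------------
#---------------------------------------

DEFAULT_CONF_FILE_DIR="/etc/bind"
DEFAULT_BIND_USER="bind"
DEFAULT_BIND_GROUP="bind"


#***************************************
#-----------------------------
# Don't make changes after this
#-----------------------------
#***************************************

working_dir="$(dirname -- "$(realpath -- "$0")")"
conf_file="${working_dir}/conf/bind.conf"

# mktemp gives an unpredictable, exclusively created file; abort if it fails
# so later redirections never land on an empty path.
log_file="$(mktemp)" || exit 99
backup_date="$(date +%Y-%m-%d-%H%M)"

# Largest value a DNS SOA serial can hold (unsigned 32 bit).
readonly MAX_SERIAL=4294967295


#---------------------------------------
#-----------------------------
# Base Function(s)
#-----------------------------
#---------------------------------------

# Print the help text (optionally preceded by an error message in $1) and
# exit with status 1.
usage() {
  echo
  [ -n "$1" ] && echo -e "Error: $1\n"

  # NOTE(review): the synopsis line was garbled in the recovered listing; it
  # is reconstructed here from the options and parameters described below.
  cat <<EOF

Usage: $(basename "$0") [-h] [-q] <hostname> | <domain> | check

   Script increases the serial for a given domain or a given hostname
   concerning domain.

   Parameter "check" can be used, to test whether this script is
   accessable (e.g. from a further script on a remote host). Nothing
   will be done, scripts returns '0'.

   Return (Exit) Codes:
      success:
          0: Serial is replaced and Zone is reloaded
      error:
         10: Invalid Hostname/Domain given
         15: Hostname/Domain not supported
         11: No zonefile found
         12: Determin new Serial failed
         13: Increasing Serial failed
         14: Reloading Zone failed
         99: Fatal error

   Options:

   -h  Prints this help.

   -q  Rund in silent mode.

   Example:

      $(basename "$0") oopen.de

EOF
  clean_up 1
}

# Remove the temporary log file and exit with the status given in $1.
# Falls back to 99 (fatal) when called without a status.
clean_up() {
  rm -f -- "$log_file"
  exit "${1:-99}"
}

# Print a progress message to stderr without a trailing newline.
# The original probed echo's "\c" support through /tmp/shprompt$$; a
# PID-derived name in a world-writable directory can be pre-created by another
# local user (for example as a symlink), and this script normally runs as
# root. printf needs no probe file at all.
echononl() {
  if $verbose; then
    printf '%b' "$*" >&2
  fi
}

# Report a fatal error (only when verbose) and ALWAYS terminate with 99.
# The original exited only inside the verbose branch, so in silent mode the
# script kept running after a fatal condition.
fatal() {
  if $verbose; then
    echo ""
    echo -e "[ \033[31m\033[1mError\033[m ]: $*"
    echo ""
    echo -e "\t\033[31m\033[1mScript is canceled\033[m\033[m"
    echo ""
  fi
  clean_up 99
}

warn() {
  if $verbose; then
    echo ""
    echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
    echo ""
  fi
}

info() {
  if $verbose; then
    echo ""
    echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
    echo ""
  fi
}

ok() {
  if $verbose; then
    echo ""
    echo -e "\t[ \033[36m\033[1mOk\033[m ]: $*"
    echo ""
  fi
}

error() {
  if $verbose; then
    echo ""
    echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
    echo ""
  fi
}

echo_ok() {
  if $verbose; then
    echo -e "\033[75G[ \033[32mok\033[m ]"
  fi
}

echo_failed() {
  if $verbose; then
    echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
  fi
}

echo_skipped() {
  if $verbose; then
    echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
  fi
}

# Return 0 if $1 equals one of the remaining arguments, 1 otherwise.
containsElement() {
  local e
  for e in "${@:2}"; do
    [[ "$e" == "$1" ]] && return 0
  done
  return 1
}

# An interrupted run is reported as fatal (99) instead of inheriting the exit
# status of the cleanup command.
trap 'clean_up 99' SIGHUP SIGINT SIGTERM


# - Test whether stdout (file descriptor 1) is a terminal or not (e.g. cron
# - or if you pipe the output to some other program)
# -
if [[ -t 1 ]]; then
  verbose=true
else
  verbose=false
fi

while getopts hq opt; do
  case "$opt" in
    q) verbose=false ;;
    h) usage ;;
    *) ;;
  esac
done
shift $((OPTIND - 1))

if [[ $# -ne 1 ]]; then
  if $verbose; then
    usage "wrong number of arguments"
  else
    clean_up 99
  fi
fi

# - Parameter "check" can be used, to test whether this script
# - is accessable (e.g. from a script on a remote host)
# -
if [[ "$1" = "check" ]]; then
  info "Script \033[1m$(basename "$0")\033[m was successfully invoked, but its only a test."
  clean_up 0
fi

host_name=$1

if $verbose; then echo ""; fi

if [[ -z "$host_name" ]]; then
  fatal "No hostname/domain given!"
fi


#---------------------------------------
#-----------------------------
# Load default values from bind.conf
#
# Overwrites the settings above
#
#-----------------------------
#---------------------------------------

if $verbose; then
  clear
  echo ""
  echo -e "\033[32mRunning script \033[1m$(basename "$0")\033[m .."
  echo ""
fi

info "Given hostname: \033[1m${host_name}\033[m"

echononl "\t Loading default Configuration values from $(basename "${conf_file}").."
if [[ ! -f "$conf_file" ]]; then
  echo_skipped
else
  # The file is executed, not parsed: whoever can write it can run commands
  # as the user running this script.
  if source "${conf_file}" > "$log_file" 2>&1; then
    echo_ok
  else
    echo_failed
    fatal "$(cat "$log_file")"
  fi
fi

[[ -n "$CONF_FILE_DIR" ]] || CONF_FILE_DIR="$DEFAULT_CONF_FILE_DIR"
[[ -n "$ZONES_DECLARATION_FILE" ]] || ZONES_DECLARATION_FILE="${CONF_FILE_DIR}/named.conf.local"
[[ -n "$BIND_USER" ]] || BIND_USER="$DEFAULT_BIND_USER"
[[ -n "$BIND_GROUP" ]] || BIND_GROUP="$DEFAULT_BIND_GROUP"

if $verbose; then echo ""; fi


# - Validate Syntax of given domain
# -
# The original bracket expression was [a-zA-Z0-9\-]; inside a POSIX bracket
# expression the backslash is a literal character, so names containing "\"
# passed validation and later reached grep/regex construction. The hyphen is
# now placed last and the backslash is gone.
valid_domain_regex='^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]))*$'

echononl "\t Validate syntax of given domain.."
if [[ $host_name =~ $valid_domain_regex && $host_name == *.* ]]; then
  echo_ok
else
  echo_failed
  error "Invalid hostname/domain \"$host_name\" given!"
  clean_up 10
fi


# - Determine zone (domain)
# -
# Strip leading labels until a zone of that name is declared. The match is
# anchored on the 'zone "<name>"' declaration (the same shape the zonefile
# lookup below uses) instead of a bare substring grep, which also matched
# comments and longer zone names that merely contain the candidate.
_failed=false
_host_name=$host_name
while :; do
  _tmp_host_name=${_host_name//./\\.}
  if grep -E -q -- "^[[:space:]]*zone[[:space:]]+\"${_tmp_host_name}\"" \
    "$ZONES_DECLARATION_FILE" 2> /dev/null; then
    break
  fi
  _host_name=${_host_name#*.}
  if [[ $_host_name != *.* ]]; then
    _failed=true
    break
  fi
done

if $_failed; then
  # The original only printed this message and carried on; exit with the
  # documented code 15 and report the name that was actually given.
  error "Given hostname/domain \"${host_name}\" not supported by this nameserver!"
  clean_up 15
fi
domain=$_host_name


# - Determine zonefile (by reading bind configuration)
# -
zone_file=""
_found=false
regex_zone="^[[:space:]]*zone[[:space:]]+\"${_tmp_host_name}\""
regex_next_zone='^[[:space:]]*zone[[:space:]]'
regex_file='^[[:space:]]*file'

shopt -s extglob
while IFS='' read -r line || [[ -n "$line" ]]; do
  if [[ $line =~ $regex_zone ]]; then
    _found=true
    continue
  fi
  $_found || continue

  # Reaching the next zone declaration means our zone has no "file" line;
  # stop instead of picking up the following zone's file.
  if [[ $line =~ $regex_next_zone ]]; then
    break
  fi

  if [[ $line =~ $regex_file ]]; then
    # Second whitespace-separated word of: file "<path>";
    read -r _ zone_file _ <<< "$line"
    zone_file=${zone_file%%*(\;)}
    if [[ $zone_file == \"* ]]; then
      zone_file=${zone_file##*(\")}
      zone_file=${zone_file%%*(\")}
    fi
    break
  fi
done < "$ZONES_DECLARATION_FILE"
shopt -u extglob

# A relative path would make the backup step below copy the current working
# directory, so only an existing absolute path is accepted.
if [[ $zone_file != /* || ! -f $zone_file ]]; then
  error "No Zonefile (master) found for domain \"$domain\" ."
  clean_up 11
fi

zone_file_dir=$(dirname -- "$zone_file")

echononl "\t Backup existing directory containg zonefiles.."
if [[ -d "$zone_file_dir" ]]; then
  if cp -a -- "$zone_file_dir" "${zone_file_dir}.$backup_date" > "$log_file" 2>&1; then
    echo_ok
  else
    echo_failed
    error "$(cat "$log_file")"
    clean_up 99
  fi
else
  echo_failed
  error "Zonefile directory not found for domain \"$domain\" ."
  clean_up 99
fi


# - Determine new serial
# -
echononl "\t Determin new serial.."
_failed=false
serial_new=$(date +%Y%m%d01)
serial_cur=$(grep -E -- '^[[:space:]]*[0-9]{10}' "$zone_file" | grep -- serial | awk '{print $1}')

# The original tested $? after the pipeline, which is awk's status and is 0
# even when nothing matched. An empty serial then turned the substitution
# below into a pattern that rewrites every indented line of the zone file.
# Require exactly one 10-digit value before going on.
if [[ ! $serial_cur =~ ^[0-9]{10}$ ]]; then
  _failed=true
else
  # 10# forces base 10 so a leading zero is not read as octal.
  serial_cur_num=$((10#$serial_cur))
  if ((serial_new <= serial_cur_num)); then
    serial_new=$((serial_cur_num + 1))
  fi
  if ((serial_new > MAX_SERIAL)); then
    _failed=true
  fi
fi

if $_failed; then
  echo_failed
  error "Determin Serial failed!"
  clean_up 12
else
  echo_ok
fi


# - Replace serial with the new one
# -
# Values are handed to perl through the environment rather than spliced into
# the program text. (?!\d) keeps a longer number that merely starts with the
# old serial untouched, and only lines carrying the "serial" marker are
# changed, matching how the current serial was found.
echononl "\t Increase serial for zone file \"$(basename -- "$zone_file")\".."
_failed=false
if ! SERIAL_CUR="$serial_cur" SERIAL_NEW="$serial_new" \
  perl -i -p -e 's#^(\s*)$ENV{SERIAL_CUR}(?!\d)(.*serial.*)#$1$ENV{SERIAL_NEW}$2#' \
  -- "$zone_file" > /dev/null 2>&1; then
  _failed=true
# perl exits 0 even if no line matched, so confirm the new serial is there.
elif ! grep -E -q -- "^[[:space:]]*${serial_new}([^0-9]|\$)" "$zone_file"; then
  _failed=true
fi

if $_failed; then
  echo_failed
  error "Increasing Serial failed!"
  clean_up 13
else
  echo_ok
fi

if $verbose; then echo ""; fi

# perl -i writes a new file, so ownership and mode are set again explicitly.
echononl "\t Correct Owner for $zone_file .."
if chown -- "$BIND_USER:$BIND_GROUP" "$zone_file"; then
  echo_ok
else
  echo_failed
  clean_up 99
fi

echononl "\t Correct permissions on $zone_file .."
if chmod 644 -- "$zone_file"; then
  echo_ok
else
  echo_failed
  clean_up 99
fi

if [[ -d "${zone_file_dir}.$backup_date" ]]; then
  if diff -Nur -- "$zone_file_dir" "${zone_file_dir}.$backup_date" > /dev/null 2>&1; then
    info "No zone file has changed.\n\t Removing previously created backup."

    echononl "\t Delete '${zone_file_dir}.$backup_date'.."
    # ${var:?} aborts the expansion if the directory name is ever empty, so
    # rm -rf can never be pointed at ".<date>" alone.
    if rm -rf -- "${zone_file_dir:?}.$backup_date" > "$log_file" 2>&1; then
      echo_ok
    else
      echo_failed
    fi
  fi
fi

if $verbose; then echo ""; fi


# - Reload Zone
# -
# NOTE(review): the edited file is reloaded without a prior syntax check;
# consider validating it (e.g. with named-checkzone) before this step.
echononl "\tReloading zone \"$domain\".."
if rndc reload "$domain" > /dev/null 2>&1; then
  echo_ok
  info "Serial increased and zone reloaded ($domain)"
  clean_up 0
else
  echo_failed
  # The original reported "Increasing Serial failed!" with code 13 here;
  # the documented code for a failed reload is 14.
  error "Reloading Zone failed!"
  clean_up 14
fi

# Not reached: both branches above exit. Kept as a fail-closed fallthrough.
clean_up 99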