#!/bin/sh

# This script's purpose is to launch check_nrpe through stunnel
# in a transparent way
# - Nagios/Shinken launch "check_nrpe_stunnel -H host -c command"
# - this script looks up in a database (-d option) to redirect the
#   call to the local port of the stunnel
#
# This script needs :
# - nrpe daemon on the remote host
# - stunnel in server mode on the remote host
# - stunnel in client mode on the local (nagios/shinken) host
# - a database (cf help message)

# TODO : copy stunnel conf.

# Default options
NAGIOS_CHECKNRPE="/usr/lib/nagios/plugins/check_nrpe"
DATABASE="/etc/nagios/check_nrpe_stunnel.lst"

# Par défaut, on arrête le script à la première erreur non "catchée"
set -e

PROGPATH=$( echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,' )
REVISION="0.1"

. $PROGPATH/utils.sh

# Fonctions
# affiche le message d'aide
usage() {
cat <<EOF
  $0 -d <database> -C <check_nrpe path> -H <host> -c <command> ... (cf. check_nrpe_options)
  $0 -h

	-h :       ce message d'aide

Database is a text file with two fields, separated by tabulation. The first
is the local port for stunnel to join the host in the second field.
Example :
5678	bdd.localdomain
5679	proxmox.localdomain
5680	backup.localdomain

(for examples of how to setup stunnel, cf. comments in this script)

Default options :
	Database : $DATABASE
	check_nrpe path : $NAGIOS_CHECKNRPE
EOF
}


# Début du code
# gestion des options de lancement
while getopts d:H:c:C:nut:a: f; do
	case $f in
		'a')
			NAGIOS_ARGLIST="$OPTARG"
			;;

		'c')
			NAGIOS_COMMAND="$OPTARG"
			;;

		'C')
			NAGIOS_CHECKNRPE="$OPTARG"
			;;

		'd')
			DATABASE="$OPTARG"
			;;

		'H')
			NAGIOS_HOST="$OPTARG"
			;;

		'n')
			NAGIOS_NOSSL="1"
			;;

		't')
			NAGIOS_TIMEOUT="$OPTARG"
			;;
		'u')
			NAGIOS_SOCKET_NONCRITICALTIMEOUT="1"
			;;

		'h')
			usage
			exit 0
			;;

		\?)
			usage >&2
			exit 1
			;;
	esac
done
#(code inutile, mais que je garde parce qu'on ne sait jamais)
#shift $( expr $OPTIND - 1 )
#DATA="$1"

# Petite vérif.
if [ ! -f "$DATABASE" ]; then
	echo "UNKNOWN: no check_nrpe_stunnel database found."
	exit $STATE_UNKNOWN
fi
if [ ! -f "$NAGIOS_CHECKNRPE" ]; then
	echo "UNKNOWN: check_nrpe_stunnel could not find check_nrpe (-C flag)."
	exit $STATE_UNKNOWN
fi

# Lookup for host in database
STUNNEL_PORT="$( grep -w "^$NAGIOS_HOST" "$DATABASE" | head -n 1 | cut -f 2 )"

if [ -z "$STUNNEL_PORT" ]; then
	echo "UNKNOWN: Host not found in check_nrpe_stunnel database."
	exit $STATE_UNKNOWN
fi

$NAGIOS_CHECKNRPE -H localhost -p $STUNNEL_PORT \
	$( test -n "$NAGIOS_SOCKET_NONCRITICALTIMEOUT" && printf "%s" "-u" ) \
	$( test -n "$NAGIOS_NOSSL" && printf "%s" "-n" ) \
	$( test -n "$NAGIOS_TIMEOUT" && printf "%s %d" "-t" "$NAGIOS_TIMEOUT" ) \
	$( test -n "$NAGIOS_COMMAND" && printf "%s %s" "-c" "$NAGIOS_COMMAND" ) \
	$( test -n "$NAGIOS_ARGLIST" && printf "%s %s" "-a" "$NAGIOS_ARGLIST" )