#######Set Variables
HOST_TYPE=WN
SITE_INFO_FILE=/etc/site-info.def               #Where the site-info.def file should reside
INSTALL_HOST=vm.sagrid.ac.za                    #The host where to copy the site-info.def file and certificates from
INSTALL_BASE=/installs/Grid/Certs               #The path where to copy the certificates from
CMD_HOSTNAME=/bin/hostname                      #The command to execute to determine the hostname
CMD_NSLOOKUP=/usr/bin/nslookup                  #The command to execute to resolve the ip-address from the DNS

REPOS="ca dag ig jpackage gilda"                #Repos that should be downloaded
CONFIG_CMD="/opt/glite/yaim/bin/ig_yaim"        #The Yaim config command
CONFIG_TEST="-v"                                #The command option to parse, to verify the config file
CONFIG_OPTIONS="-c"                             #The command option to parse, to configure the services
CONFIG_FILE="-s \$SITE_INFO_FILE"               #How to load the site-info.def config file
RECONFIG_CMD="/root/bin/reconfig.grid"          #A file to create to re-execute the config at a later stage
YUM_PACKAGES="ntp xml-commons-resolver11 java-1.5.0-sun-compat jdk lcg-CA"  #Packages to install
REQ_CERTS=1                                     #Is a host certificate requested
EXIT_ON_ERROR=0                                 #Should script exit if an error is encountered

#If this script is executed directly in a bash shell, don't exit the shell on errors.
[ $0 == "/bin/bash" ] || EXIT_ON_ERROR=1

#Set specific variables for different installation types
yum -y remove glut
REPOS="$REPOS glite-wn_torque"
REQ_VARS="JAVA_LOCATION BDII_HOST MON_HOST SE_LIST SITE_NAME USERS_CONF VOS WN_INFO_CONFIG_FILE"
YAIM_OPTIONS="ig_WN_torque"
YUM_PACKAGES="$YUM_PACKAGES openafs kernel-module-openafs-`uname -r` castor-devel ig_WN_torque gilda_utils gilda_applications openafs-client"
FW_UDP_PORTS=""
FW_TCP_PORTS=""
REF_SITE="https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables#WN"
POST_CONFIG=""
REQ_CERTS=0      

#Test to see if the FQDN is set
if [ `$CMD_HOSTNAME -s` == `$CMD_HOSTNAME -f` ]; then
echo "The hostname and the domain needs to be set first"
echo "Set the FQDN in /etc/hosts, /etc/sysconfig/network and execute:"
echo "hostname full-hostname.full-domain"
[ $EXIT_ON_ERROR -eq 0 ] || exit 1
fi

#Get the ip-address from the DNS server
IP_FROM_DNS=$($CMD_NSLOOKUP `$CMD_HOSTNAME -f`|grep Name -A 1|grep -v Name|sed "s/Address://g"|sed 's/[ \t]*//' )

if [ "$IP_FROM_DNS" != `$CMD_HOSTNAME -i` ]; then
echo "According to your DNS:"
echo "The IP Address for `$CMD_HOSTNAME -f` should be $IP_FROM_DNS"
echo "The IP Address is currently `$CMD_HOSTNAME -i`"
[ $EXIT_ON_ERROR -eq 0 ] || exit 1
else
echo "Running on `hostname -f`"
fi

######Set the Certificates' permissions
if [ $REQ_CERTS -ne 0 ]; then
mkdir /etc/grid-security

if [ -e /etc/grid-security/hostcert.pem ]; then
chmod 644 /etc/grid-security/hostcert.pem
chmod 400 /etc/grid-security/hostkey.pem
else
echo "Certificates could not be found under /etc/grid-security"
echo "Please coppy your hostkey.pem and hostcert.pem to /etc/grid-security"
[ $EXIT_ON_ERROR -eq 0 ] || exit 1
fi
else
echo "No Certificates needed for this host"
fi
###################################################################
echo
echo "Downloading the Repositories"
echo

for name in $REPOS
do
wget http://grid-it.cnaf.infn.it/mrepo/repos/$name.repo -O /etc/yum.repos.d/$name.repo
done

#Download certain Repos from different host
GILDA_REPOS="ca gilda"
for name in $GILDA_REPOS
do
wget  http://grid018.ct.infn.it/mrepo/repos/$name.repo -O /etc/yum.repos.d/$name.repo
done
###################################################################
echo
echo "Installing Packages:"
echo $YUM_PACKAGES
echo

INSTALL_DONE=""
INSTALL_FAILED=""

for package in $YUM_PACKAGES
do
echo
echo "Trying to install $package:"
echo
yum -y install $package
if [ $? -ne 0 ]; then
echo
echo "Failed to install package $package"
echo
INSTALL_FAILED="$INSTALL_FAILED $package"
else
INSTALL_DONE="$INSTALL_DONE $package"
fi
done
echo
echo "Installed Packages: $INSTALL_DONE"

if [ "x$INSTALL_FAILED" != "x" ]; then
echo "Failed to Install: $INSTALL_FAILED"
[ $EXIT_ON_ERROR -eq 0 ] || exit 1
fi
###################################################################
echo
echo "Configuring the IPTables Firewall"
echo

/sbin/iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

if [ "x$FW_TCP_PORTS" != "x" ]; then
for port in $FW_TCP_PORTS
do
/sbin/iptables -D RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT
/sbin/iptables -D RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --sport $port -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --sport $port -j ACCEPT
done
fi

if [ "x$FW_UDP_PORTS" != "x" ]; then
for port in $FW_UDP_PORTS
do
/sbin/iptables -D RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport $port -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport $port -j ACCEPT
/sbin/iptables -D RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --sport $port -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --sport $port -j ACCEPT
done
fi

iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

/sbin/iptables-save > /etc/sysconfig/iptables

/etc/init.d/iptables restart
###################################################################
echo
echo "Retrieving site-info.def file"
echo

ln -s $SITE_INFO_FILE /etc
chown root: $SITE_INFO_FILE
chmod 640 $SITE_INFO_FILE

if ! [ -r $SITE_INFO_FILE ]; then
echo "The file $SITE_INFO_FILE was not found or is not readable"
[ $EXIT_ON_ERROR -eq 0 ] || exit 2
fi
###################################################################
echo
echo  "Testing the site configuration file $SITE_INFO_FILE:"
echo

source $SITE_INFO_FILE >> /dev/null

if [ $? -ne 0 ]; then
echo "Invalid syntax in file: '$SITE_INFO_FILE'"
[ $EXIT_ON_ERROR -eq 0 ] || exit 2
fi

#Verify that required variables are set
error_var=""
for var in $REQ_VARS
do
temp_var=$(cat $SITE_INFO_FILE|grep "^[\W]*$var=.*$")
if [ "x$temp_var" == "x" ]; then
error_var="$error_var $var"
fi
done

if [ "x$error_var" != "x" ]; then
echo "The following variables should be set in $SITE_INFO_FILE"
echo "$error_var"|sed "s/\W/\n/g"
[ $EXIT_ON_ERROR -eq 0 ] || exit 3
fi
###################################################################
echo
echo "Creating $RECONFIG_CMD to reconfigure node when needed"
echo

#Set the command line options for the yaim configure script
for option in $YAIM_OPTIONS
do
OPTIONS="$OPTIONS -n $option"
done

mkdir -p `dirname $RECONFIG_CMD`
cat > $RECONFIG_CMD << EOF
#!/bin/bash

##For more information see:
# $REF_SITE

SITE_INFO_FILE=$SITE_INFO_FILE
source \$SITE_INFO_FILE
RESULT=\$?

if [ \$RESULT -eq 0 ]; then
$CONFIG_CMD $CONFIG_TEST $CONFIG_FILE $OPTIONS
RESULT=\$?
fi

if [ \$RESULT -eq 0 ]; then
$CONFIG_CMD $CONFIG_OPTIONS $CONFIG_FILE $OPTIONS
else
echo "The file-syntax in '\$SITE_INFO_FILE' is invalid"
echo "Script can not continue"
exit 1
fi

exit 0
EOF
chmod 750 $RECONFIG_CMD
###################################################################
echo
echo "Copying MPI-services to $(dirname $SITE_INFO_FILE)"
echo

if [ -e /opt/glite/yaim/examples/siteinfo/services ]; then
/bin/cp -pvr /opt/glite/yaim/examples/siteinfo/services $(dirname $SITE_INFO_FILE)
fi
###################################################################
echo
echo "Configuring User and Group files"
echo

/bin/cp -f /opt/glite/yaim/examples/ig-groups.conf /opt/glite/yaim/etc/gilda/
/bin/cp -f /opt/glite/yaim/examples/ig-users.conf /opt/glite/yaim/etc/gilda/

cat /opt/glite/yaim/etc/gilda/gilda_ig-users.conf >> /opt/glite/yaim/etc/gilda/ig-users.conf
cat /opt/glite/yaim/etc/gilda/gilda_ig-groups.conf >> /opt/glite/yaim/etc/gilda/ig-groups.conf
###################################################################
echo ##############################################################
echo
echo "Done configuring the host as a $HOST_TYPE node"
echo
echo "The host is now ready to be configured."
echo "To configure the host execute:"
echo ". $RECONFIG_CMD"
[ $EXIT_ON_ERROR -eq 0 ] || exit 0