#!/bin/bash

## init icinga if need
if [ -z "$(ls -A /data)" ]; then
    ## init icinga config files
	echo init icinga2 config
	cp -ax /data-init/* /data
	rm -rf /data-init
    ## create satellite cert 
    if [ ! -z "$ICINGA2_SATELLITE_CN" ]; then
        echo generate new cert
        icinga2 pki new-cert --cn $ICINGA2_SATELLITE_CN \
        --key /var/lib/icinga2/certs/$ICINGA2_SATELLITE_CN.key \
        --cert /var/lib/icinga2/certs/$ICINGA2_SATELLITE_CN.crt
    fi
    
    ## get parent cert
    if [ ! -z "$ICINGA2_PARENT_HOST" ]; then
        echo get parent cert
        icinga2 pki save-cert \
        --trustedcert /var/lib/icinga2/certs/trusted-parent.crt \
        --host $ICINGA2_PARENT_HOST
    fi

    ## join parent
    ### see: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#node-setup
    REQUIRED_VARS=("ICINGA2_PARENT_CN" "ICINGA2_PARENT_ZONE" "ICINGA2_PARENT_HOST" \
        "ICINGA2_SATELLITE_CN" "ICINGA2_SATELLITE_ZONE" "ICINGA2_JOIN_TICKET" )
    INIT_SATELLITE=true
    echo check env var for auto setup
    for VAR in "${REQUIRED_VARS[@]}"; do
        if [ -z "${!VAR}" ]; then
            echo "'$VAR' not set"
            INIT_SATELLITE=false
        fi
    done
    if [ "$INIT_SATELLITE" = true ]; then
        echo init satellite
        icinga2 node setup --ticket $ICINGA2_JOIN_TICKET \
        --cn $ICINGA2_SATELLITE_CN \
        --endpoint $ICINGA2_PARENT_CN \
        --zone $ICINGA2_SATELLITE_ZONE \
        --parent_zone $ICINGA2_PARENT_ZONE \
        --parent_host $ICINGA2_PARENT_HOST \
        --trustedcert /var/lib/icinga2/certs/trusted-parent.crt \
        --accept-commands --accept-config --disable-confd
    else
        echo satellite not initialized, must do manually
    fi
fi


# run CMD
exec "$@"