#!/usr/bin/env bash set -euo pipefail TERKOM_HOME="${TERKOM_HOME:-/opt/terkom-ng/terkom}" SCRIPT_DIR="${SCRIPT_DIR:-$TERKOM_HOME/scripts}" DIAG_SCRIPT="${DIAG_SCRIPT:-$SCRIPT_DIR/terkom-diagnostic.sh}" NOTIFY_ENV_FILE="${NOTIFY_ENV_FILE:-$TERKOM_HOME/.terdiag-notify.env}" CONFIG_FILE="${CONFIG_FILE:-$TERKOM_HOME/config-local.yaml}" ACTIVE_PROFILE_FILE="${ACTIVE_PROFILE_FILE:-$TERKOM_HOME/terkom-diagnostic.active-profile}" IDENTITY_CACHE_FILE="${IDENTITY_CACHE_FILE:-/run/terkom-diagnostic/ftp_client_folder.sav}" DEFAULT_FTP_SERVER="ftp.altisima.cz" DEFAULT_FTP_USER="zalohydat.cz" DEFAULT_FTP_PASS_ENC="gAAAAABn0td_PN72bjMcNYWX6ddlK0kcYmk2nKq9ew6RlR1h4nN4kqUFzCQrP43x-tC3aQe11eHXXarDWwQhT5B-hXfGc3JuAA==" DEFAULT_FTP_FERNET_KEY="nnc4kTrgXxKgEhAcXEpXzt6xwOD1kVY5UEwsmzfIZH0=" DEFAULT_FTP_BASE_DIR="diagnostika" usage() { echo "Pouziti: sudo set_ai_report_mail.sh on|off|true|false" } if [ "$(id -u)" != "0" ]; then echo "[ERROR] Spust jako root: sudo $0 on|off" >&2 exit 1 fi value="${1:-}" case "$(printf '%s' "$value" | tr '[:upper:]' '[:lower:]')" in on|true|1|yes) flag_bool="true"; flag_file="TRUE"; flag_marker="ON" ;; off|false|0|no) flag_bool="false"; flag_file="FALSE"; flag_marker="OFF" ;; *) usage; exit 2 ;; esac remount_rw() { mount -o remount,rw / 2>/dev/null || true mount -o remount,rw /boot 2>/dev/null || true } remount_ro() { sync || true mount -o remount,ro /boot 2>/dev/null || true mount -o remount,ro / 2>/dev/null || true } set_env_key() { local key="$1" val="$2" touch "$NOTIFY_ENV_FILE" if grep -qE "^${key}=" "$NOTIFY_ENV_FILE"; then sed -i "s|^${key}=.*|${key}=${val}|" "$NOTIFY_ENV_FILE" else printf '%s=%s\n' "$key" "$val" >> "$NOTIFY_ENV_FILE" fi } yaml_get_root_key() { local key="$1" grep -E "^[[:space:]]*$key:[[:space:]]*" "$CONFIG_FILE" 2>/dev/null \ | head -n 1 \ | sed -E "s/^[[:space:]]*$key:[[:space:]]*//" \ | tr -d '"' \ | xargs } yaml_get_connection_key() { local key="$1" sed -n '/^[[:space:]]*connection:[[:space:]]*$/,/^[^[:space:]]/p' "$CONFIG_FILE" 2>/dev/null \ | grep -E "^[[:space:]]*$key:[[:space:]]*" \ | head -n 1 \ | sed -E "s/^[[:space:]]*$key:[[:space:]]*//" \ | tr -d '"' \ | xargs } sanitize_name() { printf '%s' "$1" | tr ' /:' '___' | sed 's/\\/__/g' | tr -cd '[:alnum:]_.-' } abbrev_client_name() { local name="$1" maxlen="${2:-18}" local clean abbr result="" word clean="$(printf '%s' "$name" | iconv -f utf-8 -t ascii//TRANSLIT 2>/dev/null || printf '%s' "$name")" clean="$(printf '%s' "$clean" | tr -cd '[:alnum:] ' | xargs)" local compact="${clean// /}" if [ "${#compact}" -le "$maxlen" ]; then echo "$compact" return fi for word in $clean; do word="$(printf '%s' "$word" | tr -cd '[:alnum:]')" [ -z "$word" ] && continue abbr="${word:0:4}" abbr="$(printf '%s' "${abbr:0:1}" | tr '[:lower:]' '[:upper:]')${abbr:1}" result="${result}${abbr}" done echo "${result:0:$maxlen}" } find_ftp_client_folder_by_prefix() { local cid="$1" [ -n "$cid" ] || return 0 FTP_SERVER_ENV="${FTP_SERVER:-$DEFAULT_FTP_SERVER}" FTP_USER_ENV="${FTP_USER:-$DEFAULT_FTP_USER}" FTP_PASS_ENV="${FTP_PASS:-}" FTP_PASS_ENC_ENV="${FTP_PASS_ENC:-$DEFAULT_FTP_PASS_ENC}" FTP_FERNET_KEY_ENV="${FTP_FERNET_KEY:-$DEFAULT_FTP_FERNET_KEY}" FTP_BASE_DIR_ENV="${FTP_BASE_DIR:-$DEFAULT_FTP_BASE_DIR}" FTP_CLIENT_ID_ENV="$cid" \ python3 - <<'PY' import ftplib import os import sys server = os.environ.get("FTP_SERVER_ENV", "") user = os.environ.get("FTP_USER_ENV", "") pw = os.environ.get("FTP_PASS_ENV", "") enc = os.environ.get("FTP_PASS_ENC_ENV", "") key = os.environ.get("FTP_FERNET_KEY_ENV", "") base = os.environ.get("FTP_BASE_DIR_ENV", "diagnostika").strip("/") cid = os.environ.get("FTP_CLIENT_ID_ENV", "") try: if not pw and enc and key: from cryptography.fernet import Fernet pw = Fernet(key.encode()).decrypt(enc.encode()).decode() if not (server and user and pw and cid): sys.exit(0) ftp = ftplib.FTP(server, timeout=30) ftp.login(user, pw) ftp.cwd("/") for part in [p for p in base.split("/") if p]: ftp.cwd(part) names = [] try: names = ftp.nlst() except Exception: names = [] ftp.quit() clean = sorted({name.strip("/").split("/")[-1] for name in names if name not in {".", ".."}}) if cid in clean: print(cid) sys.exit(0) matches = [name for name in clean if name.startswith(cid + "_")] if matches: print(matches[0]) except Exception: sys.exit(0) PY } resolve_client_folder() { local cached cid client_name db_host db_port db_user db_password db_name total_max=24 maxname name ftp_match cached="$(head -c 80 "$IDENTITY_CACHE_FILE" 2>/dev/null | tr -cd '[:alnum:]_.-' || true)" if [ -n "$cached" ]; then echo "$cached" return 0 fi cid="$(yaml_get_root_key customerId)" cid="$(sanitize_name "${cid:-}")" [ -n "$cid" ] || cid="unknown-customer" db_host="$(yaml_get_connection_key host)" db_port="$(yaml_get_connection_key port)" db_user="$(yaml_get_connection_key user)" db_password="$(yaml_get_connection_key password)" db_name="$(yaml_get_connection_key database)" if command -v psql >/dev/null 2>&1 && [ -n "$db_host" ] && [ -n "$db_port" ] && [ -n "$db_user" ] && [ -n "$db_name" ]; then client_name="$(PGPASSWORD="$db_password" timeout 5 psql -h "$db_host" -p "$db_port" -U "$db_user" -d "$db_name" -t -A -c "SELECT hodnota FROM parametry WHERE parametr='NameSubject' LIMIT 1;" 2>/dev/null | xargs || true)" if [ -z "$client_name" ]; then client_name="$(PGPASSWORD="$db_password" timeout 5 psql -h "$db_host" -p "$db_port" -U "$db_user" -d "$db_name" -t -A -c "SELECT hodnota FROM parametry WHERE parametr='AdrSubject' LIMIT 1;" 2>/dev/null | xargs || true)" fi fi total_max=24 maxname=$(( total_max - ${#cid} - 1 )) [ "$maxname" -lt 4 ] && maxname=4 if [ -n "${client_name:-}" ]; then name="$(abbrev_client_name "$client_name" "$maxname")" if [ -n "$name" ]; then echo "${cid}_${name}" else ftp_match="$(find_ftp_client_folder_by_prefix "$cid" 2>/dev/null || true)" [ -n "$ftp_match" ] && echo "$ftp_match" || echo "$cid" fi else ftp_match="$(find_ftp_client_folder_by_prefix "$cid" 2>/dev/null || true)" [ -n "$ftp_match" ] && echo "$ftp_match" || echo "$cid" fi } update_marker() { [ -f "$CONFIG_FILE" ] || return 0 local version profile marker version="$(grep -m1 '^SCRIPT_VERSION=' "$DIAG_SCRIPT" 2>/dev/null | tr -d '"' | cut -d= -f2 | xargs || true)" [ -n "$version" ] || version="unknown" profile="$(cat "$ACTIVE_PROFILE_FILE" 2>/dev/null | tr -dc '0-9' || true)" [ -n "$profile" ] || profile="1" marker="DIAG_v${version}_P${profile}_mail_${flag_marker}" if grep -qE '"?description"?[[:space:]]*:.*DIAG_v' "$CONFIG_FILE" 2>/dev/null; then sed -i "s/DIAG_v[^ \"']*/${marker}/g" "$CONFIG_FILE" elif grep -q '---DIA_v' "$CONFIG_FILE" 2>/dev/null; then sed -i "s/---DIA_v[^ \"']*/ ${marker}/g" "$CONFIG_FILE" elif grep -q '---DIAGNOSTIKA' "$CONFIG_FILE" 2>/dev/null; then sed -i "s/---DIAGNOSTIKA/ ${marker}/g" "$CONFIG_FILE" fi echo "[OK] Marker: ${marker}" } detect_terkom_service() { local svc found svc="${TERKOM_SERVICE:-}" if [ -n "$svc" ] && systemctl cat "$svc" >/dev/null 2>&1; then echo "$svc" return fi for candidate in terkom-ng-server terkom-ng terkom-server terkom kiosk service; do if systemctl cat "$candidate" >/dev/null 2>&1; then echo "$candidate" return fi done found="$(systemctl list-units --all --type=service --no-legend 2>/dev/null \ | awk '{print $1}' | grep -iE 'terkom|kiosk' | grep -v 'terkom-diagnostic' | head -1 || true)" if [ -n "$found" ] && systemctl cat "$found" >/dev/null 2>&1; then echo "$found" return fi found="$(systemctl list-unit-files --type=service --no-legend 2>/dev/null \ | awk '{print $1}' | grep -iE 'terkom|kiosk' | grep -v 'terkom-diagnostic' | head -1 || true)" if [ -n "$found" ] && systemctl cat "$found" >/dev/null 2>&1; then echo "$found" return fi echo "" } restart_terkom_for_marker() { local svc svc="$(detect_terkom_service)" if [ -z "$svc" ]; then echo "[WARN] Terkom service nenalezena. Marker je zapsany, ale Terkom restartuj rucne." return 0 fi echo "[INFO] Restartuji Terkom service (${svc}), aby se marker propsal na server..." systemctl stop "$svc" 2>/dev/null || true killall node 2>/dev/null || true sleep 2 systemctl reset-failed "$svc" 2>/dev/null || true if systemctl start "$svc"; then echo "[OK] Terkom service restartovana: ${svc}" else echo "[WARN] Nepodarilo se spustit Terkom service (${svc}). Zkus rucne: sudo systemctl restart ${svc}" fi } upload_mail_flag() { # shellcheck disable=SC1090 [ -f "$NOTIFY_ENV_FILE" ] && . "$NOTIFY_ENV_FILE" local client client="$(resolve_client_folder 2>/dev/null || true)" if [ -z "$client" ] || [ "$client" = "unknown-customer" ]; then echo "[WARN] Neznam FTP slozku klienta. Flag se nahraje pri dalsim incident uploadu." return 0 fi FTP_SERVER_ENV="${FTP_SERVER:-$DEFAULT_FTP_SERVER}" FTP_USER_ENV="${FTP_USER:-$DEFAULT_FTP_USER}" FTP_PASS_ENV="${FTP_PASS:-}" FTP_PASS_ENC_ENV="${FTP_PASS_ENC:-$DEFAULT_FTP_PASS_ENC}" FTP_FERNET_KEY_ENV="${FTP_FERNET_KEY:-$DEFAULT_FTP_FERNET_KEY}" FTP_BASE_DIR_ENV="${FTP_BASE_DIR:-$DEFAULT_FTP_BASE_DIR}" FTP_CLIENT_FOLDER_ENV="$client" FTP_MAIL_FLAG_ENV="$flag_file" \ python3 - <<'PY' import ftplib import io import os import sys server = os.environ.get("FTP_SERVER_ENV", "") user = os.environ.get("FTP_USER_ENV", "") pw = os.environ.get("FTP_PASS_ENV", "") enc = os.environ.get("FTP_PASS_ENC_ENV", "") key = os.environ.get("FTP_FERNET_KEY_ENV", "") base = os.environ.get("FTP_BASE_DIR_ENV", "diagnostika") client = os.environ.get("FTP_CLIENT_FOLDER_ENV", "") flag = os.environ.get("FTP_MAIL_FLAG_ENV", "FALSE") if not pw and enc and key: from cryptography.fernet import Fernet pw = Fernet(key.encode()).decrypt(enc.encode()).decode() if not (server and user and pw and client): sys.exit(0) ftp = ftplib.FTP(server, timeout=30) ftp.login(user, pw) for part in [p for p in (base + "/" + client).split("/") if p]: try: ftp.cwd(part) except Exception: ftp.mkd(part) ftp.cwd(part) ftp.storbinary("STOR mail", io.BytesIO((flag + "\n").encode("utf-8"))) ftp.quit() print(f"[OK] FTP mail flag: /{base.strip('/')}/{client}/mail = {flag}") PY } trap remount_ro EXIT remount_rw mkdir -p "$(dirname "$NOTIFY_ENV_FILE")" set_env_key "AI_REPORT_MAIL_ENABLED" "$flag_bool" set_env_key "EVENT_EMAIL_ENABLED" "false" set_env_key "DIRECT_EVENT_EMAIL_ENABLED" "false" chmod 600 "$NOTIFY_ENV_FILE" update_marker upload_mail_flag systemctl restart terkom-diagnostic.timer 2>/dev/null || true systemctl restart terkom-diagnostic.service 2>/dev/null || true restart_terkom_for_marker echo "[OK] AI report mail je nastaven na ${flag_file}."