#!/bin/bash
#############################################################
# Name:        Supportconfig Plugin for SUSE Manager Proxy
# Description: Gathers important troubleshooting information
#              about SUSE Manager Proxy
# License:     GPLv2
# Author:      Michael Calmer <mc@suse.de>
# Modified:    2024 February 03
#############################################################

SVER=5.0.0
RCFILE="/usr/lib/supportconfig/resources/supportconfig.rc"
OF='plugin-susemanager-proxy.txt'
LOG_LINES=500  # 0 means include the entire file

[ -s $RCFILE ] && . $RCFILE || { echo "ERROR: Initializing resource file: $RCFILE"; exit 1; }

log_write $OF
log_entry $OF note "Supportconfig Plugin for SUSE Manager Proxy, v${SVER}"
addHeaderFile $OF

log_cmd $OF "grep web.version /usr/share/rhn/config-defaults/rhn_web.conf"

log_cmd $OF "hostname --fqdn"

#############################################################
RPMLIST="
spacewalk-backend
spacewalk-backend-libs
spacewalk-base-minimal
spacewalk-certs-tools
spacewalk-proxy-broker
spacewalk-proxy-common
spacewalk-proxy-docs
spacewalk-proxy-html
spacewalk-proxy-installer
spacewalk-proxy-management
spacewalk-proxy-package-manager
spacewalk-proxy-redirect
spacewalk-remote-utils
spacewalk-ssl-cert-check
SUSE-Manager-Proxy-release
"

for THISRPM in $RPMLIST; do
        rpm_verify $OF $THISRPM
done

find_and_log_files () {
        [ -d "$1" ] || return 0
        FILES=$(find "$@" ! -name \*.gz ! -name \*.bz2 ! -name \*.xz)
        if [ -n "$FILES" ]; then
                log_files $OF $LOG_LINES $FILES
        fi
}

log_entry $OF note "SUSE Manager Proxy Config Files"

conf_files $OF \
    /etc/rhn/rhn.conf \
    /etc/squid/squid.conf

log_entry $OF note "SUSE Manager Proxy Log Files"

find_and_log_files /var/log/rhn -type f
find_and_log_files /var/log/squid -type f
find_and_log_files /var/log/apache2 -type f
find_and_log_files /var/log/salt -type f

log_entry $OF note "SSL Configuration"

conf_files $OF $(spacewalk-cfg-get documentroot)/pub/RHN-ORG-TRUSTED-SSL-CERT \
            /etc/apache2/ssl.crt/server.crt

log_entry $OF note "Crypto Policy"

if [ -f /etc/crypto-policies/config ]; then
        log_cmd $OF "cat /etc/crypto-policies/config"
elif [ $(cat /proc/sys/crypto/fips_enabled) -ne 0 ]; then
        log_write $OF "FIPS"
else
        log_cmd $OF "grep -v '#' /usr/share/crypto-policies/default-config"
fi

log_cmd $OF "zypper --no-refresh ls"
log_cmd $OF "zypper --no-refresh lr -u"

