docker-entrypoint.sh

#!/bin/bash
set -e

_term() {
  if [[ -f /var/run/crond.pid ]]; then
    kill -9 `cat /var/run/crond.pid`
    rm -f /var/run/crond.pid
  fi
  rm -rf /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/
  omd stop
  /usr/sbin/httpd -k stop
}

trap _term SIGINT SIGTERM

cat << "EOF"
 _____ _____ _____    ____ __  __ ____
| ____|_   _|  ___|  / ___|  \/  / ___|
|  _|   | | | |_    | |   | |\/| \___ \
| |___  | | |  _|   | |___| |  | |___) |
|_____| |_| |_|      \____|_|  |_|____/
========================================
EOF
ncgx_version=`rpm -q --qf "%{VERSION}-%{RELEASE}" ncgx`
echo "ETF version: ${ncgx_version} Copyright CERN 2016"
echo "License: https://gitlab.cern.ch/etf/ncgx/blob/master/LICENSE"
echo "Check_MK version: $CHECK_MK_VERSION"
echo "Copyright by Mathias Kettner (https://mathias-kettner.de/check_mk.html)"
plugins=`rpm -qa | grep nagios-plugins`
echo "Plugins:" 
echo "${plugins}"
echo ""
echo "Starting xinetd ..."
export XINETD_LANG="en_US" && /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
if [[ -n ${CHECK_MK_USER_ID} ]] ; then
   echo "Changing $CHECK_MK_SITE uid to $CHECK_MK_USER_ID"
   /usr/sbin/usermod -u ${CHECK_MK_USER_ID} ${CHECK_MK_SITE}
   chown -R ${CHECK_MK_SITE} /etc/ncgx /var/cache/ncgx /var/cache/nap
   chown -R ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/
fi
if [[ -n ${CHECK_MK_GROUP_ID} ]] ; then
   echo "Creating group with gid $CHECK_MK_GROUP_ID"
   /usr/sbin/groupadd -g ${CHECK_MK_GROUP_ID} sec
   /usr/sbin/groupmems -g sec -a ${CHECK_MK_SITE}
fi

echo "Initialising ..."
if [[ -d /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/ ]]; then
    rm -rf /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/
fi

/usr/bin/omd stop

echo "Starting crond ..."
/usr/sbin/crond -m off -p -s

echo "Copying certificates ..."
if [[ ! -f /etc/grid-security/hostcert.pem ]]; then
    echo "Failed to find certificates in /etc/grid-security"
    exit
fi
mkdir -p /opt/omd/sites/etf/etc/nagios/globus/
cp /etc/grid-security/host*.pem /opt/omd/sites/etf/etc/nagios/globus/
cp /etc/grid-security/etf_srv*.pem /opt/omd/sites/etf/etc/nagios/globus/
chown -R ${CHECK_MK_SITE}.${CHECK_MK_SITE} /opt/omd/sites/etf/etc/nagios/globus/

echo "Configuring access ..."
echo "Configured admins: $CHECK_MK_ADMINS"
sed -i "s|admin_users.*|admin_users = [$CHECK_MK_ADMINS]|" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/multisite.mk

if [[ -f /etc/check_mk/contacts.mk ]]; then
    cp /etc/check_mk/contacts.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
fi
if [[ -g /etc/check_mk/users.mk ]]; then
    cp /etc/check_mk/users.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
fi
if [[ "${ETF_ALERTS_ENABLED}" -eq "1" ]] && [[ -f /etc/check_mk/notifications.mk ]]; then
    echo "Enabling notifications ..."
    cp /etc/check_mk/notifications.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
    sed -i "s/ETF_HOSTED_BY/${ETF_HOSTED_BY}/" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/notifications.mk
    sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/notifications.mk
fi
touch /var/www/html/status_snapshot.json && chown etf.etf /var/www/html/status_snapshot.json
mkdir -p /var/www/html/etf-raw && chown etf.etf /var/www/html/etf-raw

echo "Configuring HT-Condor ..."
if [[ -f /usr/bin/condor_status ]]; then
    /usr/bin/condor_status -schedd -af MyAddress -pool $(hostname) > /var/lib/condor/spool/.schedd_address
fi
if [[ ! -s /var/lib/condor/spool/.schedd_address ]]; then
    echo "Schedd address file empty, waiting 5 seconds before restarting ..."
    sleep 5
    exit 1
fi

cp /etc/ncgx/templates/generic/handlers.cfg /opt/omd/sites/etf/etc/nagios/conf.d/

omd start
rm -f /opt/omd/sites/etf/etc/nagios/conf.d/handlers.cfg

echo "Configuring main.mk: $ETF_HOSTED_BY"
if [[ -z "${ETF_HOSTED_BY}" ]]; then
   echo "   Variable ETF_HOSTED_BY is not defined, not touching main.mk"
else
   grep -qF "${ETF_HOSTED_BY}" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/main.mk || echo "all_hosts += [ \"${ETF_HOSTED_BY}\" ]" >> /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/main.mk
fi

echo "Configuring ETF ..."
if [[ -z "${ETF_NAGIOS_HOST}" ]]; then
    echo "   Variable ETF_NAGIOS_HOST is not defined, using hostname"
    ETF_NAGIOS_HOST=`hostname`
fi

grep -qF "${ETF_NAGIOS_HOST}" /etc/ncgx/ncgx.cfg || echo "NAGIOS_HOST = \"${ETF_NAGIOS_HOST}\"" >> /etc/ncgx/ncgx.cfg
sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /etc/httpd/conf.d/welcome.conf
sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /var/www/html/index.html

su etf -c "ncgx --log | tee /opt/omd/sites/etf/var/log/ncgx.log"
su - etf -c "cmk -II; cmk -O"
if [[ "${NSTREAM_ENABLED}" -eq "1" ]] ; then
    echo "Nagios stream enabled ..."
else
    echo "Nagios stream disabled ..."
    /usr/bin/disable_nstream
fi

echo "Fetching CMS credentials ..."
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --vo-fqan /cms/Role=lcgadmin --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_lcgadmin --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --vo-fqan /cms/Role=production --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_production --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"

echo "Copying credentials ..."
/bin/cp -f /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/chown ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/chmod go+r /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/cp -f /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_production /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy
/bin/chown ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy
/bin/chmod go+r /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy

echo "Reloading crontab ..."
su etf -c "omd reload crontab"

echo "Starting Apache ..."
/usr/sbin/httpd -DFOREGROUND &
wait $!