#!/bin/sh
#
# Univention LDAP Server
#  creates an LDIF backup on UCS master and UCS backup
#
# Copyright 2001-2016 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

eval "$(univention-config-registry shell server/role)"
eval "$(univention-config-registry shell ucr/univention-ldap-backup/limit)"


cleanupbackups() {

	if [ -z "$ucr_univention_ldap_backup_limit" ]; then
		echo "No limit was set for the number of backups." >&2
		return
	fi

	backuppattern="$(echo $1 | sed 's/[0-9]*//g')"
	backuplocation="$(echo $backuppattern | sed 's/.[^/]*$//')"
	backupextension="$(echo $backuppattern | sed 's/[^.]*.//')"
	backupname="$(echo $backuppattern | sed 's#.*/\([^.]*\).*#\1#')"
	
	numberofbackups="$(ls -1 $backuplocation/*.$backupextension | wc -l)"

	while [ "$numberofbackups" -gt "$ucr_univention_ldap_backup_limit" ]; do

		timestamps="$(ls -1 $backuplocation/*.$backupextension | sed 's/[^0-9]*//g')"
		timestamps="$(echo $timestamps | sed ':a;N;$!ba;s/\n/ /g')"
		oldesttimestamp="$(echo $timestamps | sed 's/\s.*//')"

		for timestamp in $timestamps; do
			if [ "$timestamp" -lt "$oldesttimestamp" ]; then
				oldesttimestamp="$timestamp"
			fi
		done

		oldestbackup="$backuplocation/$backupname$oldesttimestamp.$backupextension"
		rm "$oldestbackup"
		numberofbackups="$((numberofbackups-1))"
	done
}


if [ "$server_role" = "domaincontroller_master" -o "$server_role" = "domaincontroller_backup" ]; then
	currentdate=$(date +%Y%m%d)
	ldapbackupname="/var/univention-backup/ldap-backup_${currentdate}.ldif"
	ldapbackuplog="/var/univention-backup/ldap-backup_${currentdate}.log"

	if [ -f "$ldapbackupname.gz" ]; then
		echo "There is already a backup for this day." >&2
		exit 2
	fi

	touch "$ldapbackupname" "$ldapbackuplog"
	chmod 600 "$ldapbackupname" "$ldapbackuplog"

	slapcat -l "$ldapbackupname" 2>"$ldapbackuplog"
	rc=$?
	gzip -9 "$ldapbackupname" "$ldapbackuplog" 2>/dev/null
	if [ $rc -ne 0 ]
	then
		echo "LDAP could not be dumped!" >&2
		exit 1
	fi

	cleanupbackups "$ldapbackupname.gz"
	cleanupbackups "$ldapbackuplog.gz"
fi