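#! /bin/bash
# DESCRIPTION:
#   Handles an OpenVPN client connect/disconnect event and
#   prepares statistics for monitoring.
#
# DEPENDENCIES:
#   - executed by the openvpn server (presumably as its client-connect /
#     client-disconnect script; the file itself only shows that it reads
#     variables exported by the server)
#   - curl
#   - jq
#   - grepcidr
#   - Python 3
#   - existing /usr/local/bin/sendmail.py (and /usr/local/bin/sendmail.config)
#
# PARAMETERS:
#   1: "inc|dec"     - increment or decrement counter
#   2: root path for counter, names, log
#   3: "mail|email"  - send email notification
#   4: "geo"         - check client address geolocation
#
# SECURITY NOTES:
#   - common_name comes from the client certificate and the geolocation
#     answer comes from a third-party service. Both are handled strictly as
#     data: they are never spliced into sed programs or arithmetic
#     expressions.
#   - With "geo" enabled the client's public address is disclosed to
#     api.ipbase.com.
#   - The SMTP password is handed to sendmail.py on its command line and is
#     therefore visible to local users via the process list (see
#     startsendmail).
#
# FUNCTIONS:
#

#######################################
# Print message and add to log.
# Globals:
#   logs
# Arguments:
#   1: message to print and logging
#######################################
addtologs() {
  # printf instead of echo: the message may carry client-supplied text.
  printf '%s %s\n' "$(date +'%Y.%m.%d-%H:%M:%S')" "$1" | tee -a "${logs}"
}

#######################################
# Exit procedure.
# Globals:
#   start_time
# Arguments:
#   None
#######################################
execquite() {
  addtologs "execution time is $(( $(date +%s) - start_time )) seconds, exit"
  # Bare exit on purpose: the status stays that of the log write, exactly as
  # before, so an error path does not start failing the calling server hook.
  exit
}

#######################################
# Error exit procedure
# Globals:
#   None
# Arguments:
#   1: message to print and logging
#######################################
execerror() {
  addtologs "error: $1"
  execquite
}

#######################################
# Rewrite the counter file: adjust the total and add or drop one client
# entry. All values are compared as literal strings; nothing read from the
# file or from the environment is evaluated.
# Globals:
#   counts_file (read and rewritten)
#   summary_new (written: the new total)
# Arguments:
#   1: delta applied to the total (+1 / -1)
#   2: entry line to append, or empty
#   3: client name whose first entry is dropped, or empty
#######################################
updatecounts() {
  local delta=$1 add_entry=$2 drop_name=$3
  local -a lines=() kept=()
  local line total=0 dropped=0

  if [[ -r "${counts_file}" ]]; then
    mapfile -t lines < "${counts_file}"
  fi

  for line in "${lines[@]}"; do
    if [[ "${line}" =~ ^total=([0-9]+)$ ]]; then
      # Digits only, forced to base 10: a tampered counter line cannot
      # reach the arithmetic evaluator as an expression.
      total=$(( 10#${BASH_REMATCH[1]} ))
    elif [[ "${line}" == total=* || -z "${line}" ]]; then
      # Malformed counter line or blank line: dropped, total restarts at 0.
      continue
    elif [[ -n "${drop_name}" && "${dropped}" -eq 0 \
      && "${line}" == *_* && "${line%_*}" == "${drop_name}" ]]; then
      # Entries are "<name>_<address>"; only the first entry whose name
      # part equals the client name exactly is removed.
      dropped=1
    else
      kept+=("${line}")
    fi
  done

  total=$(( total + delta ))
  if (( total < 0 )); then
    total=0
  fi
  if [[ -n "${add_entry}" ]]; then
    kept+=("${add_entry}")
  fi

  {
    printf 'total=%s\n' "${total}"
    if (( ${#kept[@]} > 0 )); then
      printf '%s\n' "${kept[@]}"
    fi
  } > "${counts_file}"

  summary_new=${total}
}

#######################################
# Incrementing counter with adding client name
# Globals:
#   counts_file
#   common_name (variable by openvpn server)
#   ifconfig_pool_remote_ip (variable by openvpn server)
# Arguments:
#   None
#######################################
# shellcheck disable=SC2154
incremcounter() {
  updatecounts 1 "${common_name}_${ifconfig_pool_remote_ip}" ""
  addtologs "client ${common_name} connected, counter increment to ${summary_new}"
}

#######################################
# Decrementing counter with deleting client name
# Globals:
#   counts_file
#   common_name (variable by openvpn server)
# Arguments:
#   None
#######################################
# shellcheck disable=SC2154
decremcounter() {
  updatecounts -1 "" "${common_name}"
  addtologs "client ${common_name} disconnected, counter decrement to ${summary_new}"
}

#######################################
# Get information about client address
# Globals:
#   untrusted_ip (variable by openvpn server)
#   common_name (variable by openvpn server)
#   flaggeol
#   ipinfo (written; read later by startsendmail)
# Arguments:
#   None
#######################################
# shellcheck disable=SC2154
expandaddress() {
  local -r localnetworks="10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 172.16.0.0/12 192.168.0.0/16"
  local -r ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  local response country zip region city

  ipinfo="Source address is ${untrusted_ip}"

  # Look up only well-formed IPv4 addresses. An empty value would otherwise
  # produce a request for ".../json/" and log whatever the service answers
  # for the server itself.
  if [[ "${flaggeol}" == "geo" && "${untrusted_ip}" =~ ${ipv4_re} ]] \
    && ! grepcidr "${localnetworks}" <(printf '%s\n' "${untrusted_ip}") > /dev/null; then
    # --max-time bounds the wait: this script runs inside a server hook and
    # must not hang on an unreachable service. --fail discards HTTP error
    # pages instead of treating them as an answer.
    response=$(curl --silent --fail --max-time 5 \
      "https://api.ipbase.com/v1/json/${untrusted_ip}") || response=""

    # "// empty" turns a missing or null field into an empty string; plain
    # "jq -r" would print the literal word "null".
    country=$(jq -r '.country_name // empty' <<< "${response}" 2> /dev/null)
    if [[ -n "${country}" ]]; then
      zip=$(jq -r '.zip_code // empty' <<< "${response}" 2> /dev/null)
      region=$(jq -r '.region_name // empty' <<< "${response}" 2> /dev/null)
      city=$(jq -r '.city // empty' <<< "${response}" 2> /dev/null)
      ipinfo="Source address ${untrusted_ip} is from ${zip}, ${country}, ${region}, ${city}"
      # Third-party text ends up in the log and in the mail body: flatten
      # control characters so it cannot forge extra log lines.
      ipinfo=${ipinfo//[[:cntrl:]]/ }
    fi
  fi

  addtologs "client ${common_name} checked. ${ipinfo}"
}

#######################################
# Read one "key=value" setting of the mail helper.
# Globals:
#   None
# Arguments:
#   1: key name
# Outputs:
#   value of the first matching line, including any '=' it contains
#######################################
mailconfigvalue() {
  grep -m1 -- "$1=" /usr/local/bin/sendmail.config | cut -d= -f2-
}

#######################################
# Send email notification about client connect
# Globals:
#   ipinfo
#   common_name (variable by openvpn server)
#   ifconfig_pool_remote_ip (variable by openvpn server)
# Arguments:
#   None
#######################################
# shellcheck disable=SC2154
startsendmail() {
  local subj
  local -a mailargs

  subj="[VPN Connected] $(< /etc/hostname): ${common_name} connect to ${ifconfig_pool_remote_ip}"

  # NOTE(review): the SMTP password is passed as an argument, so it is
  # readable from the process list while sendmail.py runs. Prefer letting
  # sendmail.py read sendmail.config itself (kept mode 0600); its interface
  # is not visible from this file, so the call is left as it was.
  mailargs=(
    -u "$(mailconfigvalue from)"
    -p "$(mailconfigvalue pass)"
    -d "$(mailconfigvalue dest)"
    --smtp "$(mailconfigvalue smtp)"
    --port "$(mailconfigvalue port)"
    --stls "True"
    --subj "${subj}"
    --text "${ipinfo}"
  )

  # Detached in a subshell so the mail delivery never delays the server.
  (python3 /usr/local/bin/sendmail.py "${mailargs[@]}" >> /dev/null 2>&1 &)

  addtologs "sent mail with subject '${subj}'"
}

#
# VARIABLES:
#
flagmath=$1
pathroot=$2
flagmail=$3
flaggeol=$4
start_time=$(date +%s)
logs="${pathroot}/$(basename -s .sh -- "$0").log"
counts_file="${pathroot}/openvpn-counts.log"

if [[ -z "${pathroot}" ]]; then
  logs=/dev/null
  execerror "Usage example: $0 'inc|dec' '/var/log/openvpn' '-' '-'"
elif [[ ! -e "${logs}" ]]; then
  touch "${logs}"
fi

for dependency in curl /usr/local/bin/sendmail.py python3 grepcidr jq; do
  if ! command -v "${dependency}" &> /dev/null; then
    execerror "Not found dependencies"
  fi
done

#
# MAIN:
#
case "${flagmath}" in
  inc)
    incremcounter
    expandaddress
    # The header documented "email" while the code tested "mail";
    # both spellings are accepted.
    if [[ "${flagmail}" == "mail" || "${flagmail}" == "email" ]]; then
      startsendmail
    fi
    ;;
  dec)
    decremcounter
    ;;
  *)
    execerror "Usage example: $0 'inc|dec' '/var/log/openvpn' '-' '-'"
    ;;
esac

execquite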