#!/bin/sh
### @(#)$Id: refreshSG,v 1.5 2003/06/29 21:55:13 christopher Exp $
# refreshSG - refresh the squidGuard Blacklist
#
# Version: 1.3
# Author: Christopher Rath <christopher@rath.ca>
# 
# A sysadmin named Mike posted the original script to one of the
# ClarkConnect Forums.  It was then rewritten quite extensively by
# Christopher Rath to make it a little more configurable and anal
# retentive.
#
# Install this script in a convenient location and have cron
# periodically run it to keep your squidGuard blacklists 
# updated.
#
# Caveat: when refreshSG moves the new Blacklists into place it
# only replaces Blacklists; that is, if a new Blacklist is not
# downloaded for a particular category then the old list will
# remain in place.  This is a design feature: to allow you to
# have local Blacklists which are never overwritten/refreshed
# by this script.
#
# Info on squidGuard and Blacklists can be found at:
#     http://www.squidguard.org/
#     http://cri.univ-tlse1.fr/documentations/cache/squidguard_en.html
#     
# No copyright retained.  This script is in the Public Domain.
# This package is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
###

###
# Don't allow undefined variables.
set -u

###
# Check for command line options---there shouldn't be any--and output
# a help message if any are present.
if [ $# != 0 ]
then
    echo "$0: invalid option(s) -- $*"
    echo "Usage: refreshSG"
    echo "Options: no command-line options are supported!"
    echo "  All configuration is performed through the refreshSG.conf file."
    echo "  refreshSG will first try to load the .conf file from the same"
    echo "  directory the script lives in.  If the .conf file is not found"
    echo "  there then it will look for the specific file:"
    echo "    /usr/local/refreshSG/refreshSG.conf"
    exit 1
fi

###
# Import config file.
if [ -f "`dirname $0`/refreshSG.conf" ]
then
    . "`dirname $0`/refreshSG.conf"
else
    if [ -f /usr/local/refreshSG/refreshSG.conf ]
    then
        . /usr/local/refreshSG/refreshSG.conf
    fi
fi

###
# Stuff you can configure.  The following variables can be over-ridden via
# the /usr/local/refreshSG/refreshSG.conf file:
#	BL_URL - the Blacklist's URL (it must be a URL wget is capable
#		of dealing with).
#	DB_PATH - where squidGuard's Blacklist database is stored.
#	PREBUILD - tell refreshSG whether or not to prebuild the
#		database *.db files.
#	SG_UGID - the userid and group which must "own" the Blacklist
#		database files (format: "<userid>:<group>)
#	
#export BL_URL=${BL_URL:="ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz"}
export BL_URL=${BL_URL:="http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz"}
export DB_PATH=${DB_PATH:="/usr/local/suva/var/tmp/squidGuard"}
export PREBUILD=${PREBUILD:="yes"}
export HOME_DIR="/root"
export SG_UGID=${SG_UGID:="squid:suvlet"}
export UNCOMP_CMD="gunzip"
export UNTAR_DIR="blacklists"
export VERS="1.3"

# Create a few working variables.
export BL_TAR_BASE="`basename ${BL_URL}`"
export BL_TAR_FULL="${HOME_DIR}/${BL_TAR_BASE}"
export TMP_DIR="/tmp/squidGuard_tmp"

# Output a quick startup message.
echo "==="
echo "Starting squidGuard Blacklist update v${VERS} at `date '+%Y/%m/%d %T'`"

# We use $TMP_DIR as a working directory for wget and the untar process,
# so we start by cd-ing into it.  We create it if it doesn't exist, and
# if there is already something in the way then we abort.
if [ ! -d "${TMP_DIR}" ]
then
    if [ -e "${TMP_DIR}" ]
    then
        echo "ERROR: ${TMP_DIR} already exists, but isn't a directory;"
        echo "       aborting Blacklist refresh."
        exit 1
    fi
    
    mkdir "${TMP_DIR}"
fi

cd "${TMP_DIR}"
if [ "$?" != "0" ]
then
    echo "ERROR: unable to cd into working directory,"
    echo "       ${TMP_DIR}"
    exit 1
else
    if [ -f "${BL_TAR_FULL}" ]
    then
        mv -f "${BL_TAR_FULL}" "${BL_TAR_FULL}.1"
    fi
    
    if [ -f "./${BL_TAR_BASE}" ]
    then
        echo "Moving old ${BL_TAR_BASE} out of the way."
        mv -f "./${BL_TAR_BASE}" "${BL_TAR_FULL}"
    fi
    
    echo "Running wget to retrieve new lists."
    wget -nv "${BL_URL}"
    if [ "$?" != "0" ]
    then
        echo "ERROR: unable to retrieve new lists,"
        echo "       aborting squidGuard refresh."
        exit 1
    else
        echo "Succesfully retrieved new lists."
    
        echo "Untaring Blacklist archive, ${BL_TAR_BASE}"
        "${UNCOMP_CMD}" <"${BL_TAR_BASE}" | tar -xf -
        if [ "$?" != "0" ]
        then
            echo "ERROR: unable to extract new lists,"
            echo "       aborting squidGuard refresh."
            exit 1
	else
            echo "Moving new lists into place."
            for i in "${UNTAR_DIR}"/*
            do
                export ib="`basename ${i}`"
                if [ -d "${DB_PATH}/${ib}" ]
                then
                    rm -rf "${DB_PATH}/${ib}"
                fi
    
                mv "${UNTAR_DIR}/${ib}" "${DB_PATH}"
            done

	    if [ "no" = "${PREBUILD}" ]
	    then
		echo "Skipping prebuild of database files."
	    else
		echo "Rebuilding database files."
		/usr/sbin/squidGuard -C all
	    fi

            echo "Change owner and permissions."
            chown -R "${SG_UGID}" "${DB_PATH}"
            chmod -R 755 "${DB_PATH}"

            echo "Restarting squid."
            /etc/rc.d/init.d/squid restart
            exit $?
            ####
            #### If everything went well, we exited here.
            ####
        fi
    fi
fi

###
# Original script follows...
###
# echo "Moving old blacklists.tar.gz" 
# cd /tmp/squidGuard_tmp 
# rm /root/blacklists.tar.gz.1 
# mv /root/blacklists.tar.gz /root/blacklists.tar.gz.1 
# mv blacklists.tar.gz /root/blacklists.tar.gz 
# echo "Running wget to retrieve new lists....." 
# wget -nv http://ftp.ost.eltele.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz 
#
# echo "Untaring blacklists.tar.gz............." 
# tar -zxf blacklists.tar.gz 
# cp -R blacklists/* /usr/local/suva/var/tmp/squidGuard/ 
#
# echo "Change owner and permissions..........." 
# chown -R squid.suvlet /usr/local/suva/var/tmp/squidGuard 
# chmod -R 755 /usr/local/suva/var/tmp/squidGuard/* 
#
# echo "Restarting squid......................." 
# /etc/rc.d/init.d/squid restart 

