#!/bin/sh
# exportfs
#
# Description: Manages nfs exported file system.
#
#   (c) 2010 Ben Timby, Florian Haas, Dejan Muhamedagic,
#            and Linux-HA contributors
#
# License: GNU General Public License v2 (GPLv2) and later

#######################################################################
# Initialization:
: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
. ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs

# Defaults
OCF_RESKEY_unlock_on_stop_default=0
OCF_RESKEY_wait_for_leasetime_on_stop_default=0
OCF_RESKEY_rmtab_backup_default=".rmtab"

: ${OCF_RESKEY_unlock_on_stop=${OCF_RESKEY_unlock_on_stop_default}}
: ${OCF_RESKEY_wait_for_leasetime_on_stop=${OCF_RESKEY_wait_for_leasetime_on_stop_default}}
: ${OCF_RESKEY_rmtab_backup=${OCF_RESKEY_rmtab_backup_default}}
#######################################################################

exportfs_meta_data() {
	cat <<END
<?xml version="1.0"?>
<!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd">
<resource-agent name="exportfs">
<version>1.0</version>

<longdesc lang="en">
Exportfs uses the exportfs command to add/remove nfs exports.
It does NOT manage the nfs server daemon.
It depends on Linux specific NFS implementation details,
so is considered not portable to other platforms yet.
</longdesc>

<shortdesc lang="en">
Manages NFS exports
</shortdesc>

<parameters>

<parameter name="clientspec" unique="0" required="1">
<longdesc lang="en">
The client specification allowing remote machines to mount the directory
over NFS.
</longdesc>
<shortdesc lang="en">
Client ACL.
</shortdesc>
<content type="string" />
</parameter>

<parameter name="options" unique="0" required="0">
<longdesc lang="en">
The options to pass to exportfs for the exported directory.
</longdesc>
<shortdesc lang="en">
Export options.
</shortdesc>
<content type="string" />
</parameter>

<parameter name="directory" unique="0" required="1">
<longdesc lang="en">
The directory which you wish to export using NFS.
</longdesc>
<shortdesc lang="en">
The directory to export.
</shortdesc>
<content type="string" />
</parameter>

<parameter name="fsid" unique="1" required="1">
<longdesc lang="en">
The fsid option to pass to exportfs. This can be a unique positive
integer, a UUID, or the special string "root" which is functionally
identical to numeric fsid of 0.
0 (root) identifies the export as the root of an NFSv4
pseudofilesystem -- avoid this setting unless you understand its
special status.
This value will override any fsid provided via the options parameter.
</longdesc>
<shortdesc lang="en">
Unique fsid within cluster.
</shortdesc>
<content type="string" />
</parameter>

<parameter name="unlock_on_stop">
<longdesc lang="en">
Relinquish NFS locks associated with this filesystem when the resource
stops. Enabling this parameter is highly recommended unless the path exported
by this ${__SCRIPT_NAME} resource is also exported by a different resource.
</longdesc>
<shortdesc lang="en">
Unlock filesystem on stop?
</shortdesc>
<content type="boolean" default="${OCF_RESKEY_unlock_on_stop_default}" />
</parameter>

<parameter name="wait_for_leasetime_on_stop">
<longdesc lang="en">
When stopping (unexporting), wait out the NFSv4 lease time.
Only after all leases have expired does the NFS kernel server
relinquish all server-side handles on the exported filesystem.
If this ${__SCRIPT_NAME} resource manages an export that resides
on a mount point designed to fail over along with the NFS export
itself, then enabling this parameter will ensure such failover
is working properly. Note that when this parameter is set, your
stop timeout MUST accommodate for the wait period. This parameter
is safe to disable if none of your NFS clients are using NFS
version 4 or later.
</longdesc>
<shortdesc lang="en">
Ride out the NFSv4 lease time on resource stop?
</shortdesc>
<content type="boolean" default="${OCF_RESKEY_wait_for_leasetime_on_stop_default}" />
</parameter>

<parameter name="rmtab_backup">
<longdesc lang="en">
Back up those entries from the NFS rmtab that apply to the exported
directory, to the specified backup file. The filename is interpreted
as relative to the exported directory. This backup is required if
clients are connecting to the export via NFSv3 over TCP. Note that a
configured monitor operation is required for this functionality.

To disable rmtab backups, set this parameter to the special
string "none".
</longdesc>
<shortdesc lang="en">
Location of the rmtab backup, relative to directory.
</shortdesc>
<content type="string" default="${OCF_RESKEY_rmtab_backup_default}" />
</parameter>
</parameters>

<actions>
<action name="start"   timeout="40" />
<action name="stop"    timeout="10" />
<action name="monitor" depth="0"  timeout="20" interval="10" />
<action name="meta-data"  timeout="5" />
<action name="validate-all"  timeout="30" />
</actions>
</resource-agent>
END

return $OCF_SUCCESS
}

backup_rmtab() {
    local rmtab_backup
    if [ ${OCF_RESKEY_rmtab_backup} != "none" ]; then
	rmtab_backup="${OCF_RESKEY_directory}/${OCF_RESKEY_rmtab_backup}"
	grep ":${OCF_RESKEY_directory}:" /var/lib/nfs/rmtab > ${rmtab_backup}
    fi
}

restore_rmtab() {
    local rmtab_backup
    if [ ${OCF_RESKEY_rmtab_backup} != "none" ]; then
	rmtab_backup="${OCF_RESKEY_directory}/${OCF_RESKEY_rmtab_backup}"
	if [ -r ${rmtab_backup} ]; then
	    cat  ${rmtab_backup} >> /var/lib/nfs/rmtab
	    ocf_log debug "Restored `wc -l ${rmtab_backup}` rmtab entries from ${rmtab_backup}."
	else
	    ocf_log warn "rmtab backup ${rmtab_backup} not found or not readable."
	fi
    fi
}

exportfs_usage() {
	cat <<END
		usage: $0 {start|stop|monitor|status|validate-all|meta-data}
END
}

exportfs_monitor ()
{
	# "grep -z" matches across newlines, which is necessary as
	# exportfs output wraps lines for long export directory names
	exportfs | grep -zqs "${OCF_RESKEY_directory}[[:space:]]*${OCF_RESKEY_clientspec}"

#Adapt grep status code to OCF return code
	case $? in
	0)
		ocf_log info "Directory ${OCF_RESKEY_directory} is exported to ${OCF_RESKEY_clientspec} (started)."
	        # Backup the rmtab to ensure smooth NFS-over-TCP failover
		backup_rmtab
		return $OCF_SUCCESS
		;;
	1)
		ocf_log info "Directory ${OCF_RESKEY_directory} is not exported to ${OCF_RESKEY_clientspec} (stopped)."
		return $OCF_NOT_RUNNING;;
	*)
		ocf_log err "Unable to determine export status for ${OCF_RESKEY_directory}."
		return $OCF_ERR_GENERIC;;
	esac
}

exportfs_start ()
{
	if exportfs_monitor; then
		ocf_log debug "${OCF_RESKEY_directory} already exported"
		return $OCF_SUCCESS
	fi
		
	ocf_log info "Exporting file system ..."

	if [ ${OCF_RESKEY_options} ]; then
		OPTIONS="${OCF_RESKEY_options}"
		OPTPREFIX=','
	fi
	if [ `echo ${OPTIONS} | grep fsid` ]; then
		#replace fsid provided in options list with one provided in fsid param.
		OPTIONS=`echo ${OPTIONS} | sed 's/fsid=[0-9]\+/fsid=${OCF_RESKEY_fsid}/g'`
	else
		#tack the fsid option onto our options list.
		OPTIONS="${OPTIONS}${OPTPREFIX}fsid=${OCF_RESKEY_fsid}"
	fi
	OPTIONS="-o ${OPTIONS}"

	ocf_run exportfs -v ${OPTIONS} ${OCF_RESKEY_clientspec}:${OCF_RESKEY_directory} || exit $OCF_ERR_GENERIC

	# Restore the rmtab to ensure smooth NFS-over-TCP failover
	restore_rmtab

	ocf_log info "File system exported"
	return $OCF_SUCCESS
}

exportfs_stop ()
{
	exportfs_monitor
	if [ $? -eq $OCF_NOT_RUNNING ]; then
		ocf_log debug "${OCF_RESKEY_directory} not exported"
		return $OCF_SUCCESS
	fi

	ocf_log info "Un-exporting file system ..."

	# Backup the rmtab to ensure smooth NFS-over-TCP failover
	backup_rmtab

	ocf_run exportfs -v -u ${OCF_RESKEY_clientspec}:${OCF_RESKEY_directory}
	rc=$?

	if ocf_is_true ${OCF_RESKEY_unlock_on_stop}; then
		local unlockfile
		unlockfile=/proc/fs/nfsd/unlock_filesystem
		if [ -w ${unlockfile} ]; then
			echo "${OCF_RESKEY_directory}" > ${unlockfile}
			ocf_log info "Unlocked NFS export ${OCF_RESKEY_directory}"
		else
			ocf_log warn "Unable to unlock NFS export ${OCF_RESKEY_directory}, ${unlockfile} not found or not writable"
		fi
	fi

	if ocf_is_true ${OCF_RESKEY_wait_for_leasetime_on_stop}; then
		local leasetimefile
		local sleeptime
		leasetimefile=/proc/fs/nfsd/nfsv4leasetime
		if [ -r ${leasetimefile} ]; then
			sleeptime=$((`cat ${leasetimefile}`+2))
			ocf_log info "Sleeping ${sleeptime} seconds to accommodate for NFSv4 lease expiry"
			sleep ${sleeptime}s
		else
			ocf_log warn "Unable to read NFSv4 lease time from ${leasetimefile}, file not found or not readable"
		fi
	fi

	if [ $rc -eq 0 ]; then
		ocf_log info "Un-exported file system"
		return $OCF_SUCCESS
	fi

	ocf_log err "Failed to un-export file system"
	exit $OCF_ERR_GENERIC
}

exportfs_validate ()
{
	# Checks for required parameters
	if [ -z "$OCF_RESKEY_directory" ]; then
		ocf_log err "Missing required parameter \"directory\""
		exit $OCF_ERR_CONFIGURED
	fi
	if [ -z "$OCF_RESKEY_fsid" ]; then
		ocf_log err "Missing required parameter \"fsid\""
		exit $OCF_ERR_CONFIGURED
	fi
	if [ -z "$OCF_RESKEY_clientspec" ]; then
		ocf_log err "Missing required parameter \"clientspec\""
		exit $OCF_ERR_CONFIGURED
	fi
	
	# Checks applicable only to non-probes
	if ! ocf_is_probe; then
		if [ ! -d $OCF_RESKEY_directory ]; then
			ocf_log err "$OCF_RESKEY_directory does not exist or is not a directory"
			exit $OCF_ERR_INSTALLED
		fi
	fi
}

if [ $# -ne 1 ]; then
	exportfs_usage
	exit $OCF_ERR_ARGS
fi

case $__OCF_ACTION in
	meta-data)  exportfs_meta_data
		exit $OCF_SUCCESS
		;;
	usage|help) exportfs_usage
		exit $OCF_SUCCESS
		;;
	*)
		;;
esac

exportfs_validate

case $__OCF_ACTION in
	start)		exportfs_start
		;;
	stop)		exportfs_stop
		;;
	status|monitor)	exportfs_monitor
		;;
	validate-all)
		# nothing to do -- we're already validated
		;;
	*)		exportfs_usage
			exit $OCF_ERR_UNIMPLEMENTED
		;;
esac
