#!/bin/bash
# setup some stuff to use
LOG=/root/awp-uninstall.log
DATE=$(date +%Y%m%d-%H:%M)
export LANG=en_US.UTF-8
if [ -f /var/awp/etc/config ]; then
	source /var/awp/etc/config &>/dev/null
fi

# exit
function app_exit {
  echo
	rm -f /awp-uninstaller.lock
	exit $1
}

# make sure no instance of the installer is running
if [ ! -e /awp-uninstaller.lock ]; then
	touch /awp-uninstaller.lock
else
	echo "Another uninstaller is already running."
	app_exit 1
fi

# exit if awp isn't installed
if ! rpm -q awp ; then
	echo "AWP installation not detected"
	echo "`date -u`: AWP Installation not detected " >> $LOG
	app_exit 1
fi

# exit if yum is set to always say yes
if grep -q "^assumeyes=1" "/etc/yum.conf"; then
	echo "Not supported: assumeyes=1 was detected in yum.conf, the uninstaller will not run"
	echo "`date -u`: Not Supported: assumeyes=1 was detected in yum.conf" >> $LOG
	app_exit 1
fi

#
if [ ! $SSH_TTY  ]; then
  UNINSTALL_TTY="/dev/$(ps -p$$ --no-heading | awk '{print $2}')"
else
  UNINSTALL_TTY=$SSH_TTY
fi

# determine uninstall type
echo "`date -u`: Uninstall initiated" >> $LOG
if [ -d /usr/local/directadmin ] ; then
  TYPE=directadmin
elif [  -d /usr/local/cpanel ]; then
  TYPE=cpanel
elif [ -d /usr/local/psa ]; then
	TYPE=plesk
else
  TYPE=normal
fi
echo "`date -u`: Environment $TYPE detected " >> $LOG

echo
echo "  WARNING: This utility will remove AWP entirely from the system."
read -p "  Are you sure this is what you want to do? Type CONTINUE if you are sure you want to do this. (CONTINUE/STOP): " INPUT < $UNINSTALL_TTY

# continue with uninstall or quit
echo "`date -u`: User selected $INPUT  " >>  $LOG
if [ "$INPUT" != "CONTINUE" ]; then
  echo
  echo "  Exiting..."
  echo
  echo "`date -u`: User did not agree to uninstall  " >>  $LOG
  echo "`date -u`: uninstaller exiting " >>  $LOG
  app_exit 1
else
	echo "`date -u`: User selected $INPUT  " >>  $LOG
fi

service awpwebd stop >> $LOG
service awpd stop >> $LOG
service crond stop >> $LOG
service ossec-hids stop >> $LOG
service clamd stop >> $LOG

# kill awp stuff with fire if it's still running somehow
for pid in `ps auxwww | grep awpd | grep -v grep | awk '{print $2}'` ; do
  kill -9 $pid
done

# remove a bunch of yum packages
FULL_LIST="mod_security mod_sed awp awp-web mod_evasive ossec-hids paxtest clamd clamav-db clamav gradm tortixd aum tortix-release chkrootkit inotify-tools"
echo "`date -u`: starting yum remove  " >>  $LOG
/usr/bin/yum remove $FULL_LIST
if [ $? -ge 1 ]; then
	echo "No packages removed, exiting"
	app_exit 1
fi
echo "`date -u`: yum remove complete (exit $?) " >>  $LOG

# Cpanel
if [ -f /scripts/preeasyapache ]; then
  rm -f /scripts/preeasyapache
fi

if [ -f /scripts/posteasyapache ]; then
  rm -f /scripts/posteasyapache
fi

# Remove users
userdel tortix | tee -a $LOG
userdel awpweb | tee -a $LOG
groupdel tortix | tee -a $LOG

if [ -d /etc/httpd/modsecurity.d/ ]; then
  rm -rf /etc/httpd/modsecurity.d/*
fi

# cleanup awp tree
echo "Clearing the /var/awp tree. This could take a few minutes, please be patient"
echo -n "	Removing /var/awp :"
rm -rf /var/awp
echo "Complete"
echo "`date -u` removed /var/awp" >> $LOG

service crond start >> $LOG

if [ "$TYPE" == "cpanel" ]; then
	if [ -f /etc/httpd/modsecurity.d/00_mod_security.conf ]; then
  		rm -f /etc/httpd/modsecurity.d/00_mod_security.conf
			echo "`date -u` removed /etc/httpd/modsecurity.d/00_mod_security.conf" >> $LOG
	fi
  touch /usr/local/apache/conf/modsec2.conf
	touch /usr/local/apache/modsecurity.d/tortix_waf.conf
  service httpd restart >> $LOG
elif [ "$TYPE" == "plesk" ]; then

	if [ -f /usr/local/psa/admin/conf/panel.ini ]; then
		rm -f /usr/local/psa/admin/conf/panel.ini
		echo "`date -u` removed /usr/local/psa/admin/conf/panel.ini" >> $LOG
	fi

	if [ -f /usr/local/psa/var/log ] && [ -L /usr/local/psa/var/log ]; then
		rm -f /usr/local/psa/var/log
	fi

	if [ -f /usr/local/psa/admin/logs ] && [ -L /usr/local/psa/admin/logs ]; then
		rm -f /usr/local/psa/admin/logs
	fi

	if [ -f /var/qmail/control/tlsserverciphers ]; then
			sed -i "s/ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM//g" /var/qmail/control/tlsserverciphers
	fi

	if [ -f /var/qmail/control/tlsclientciphers ]; then
			sed -i "s/ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM//g" /var/qmail/control/tlsclientciphers
	fi

fi

# Drop database
if [ $OSSEC_DATABASE ]; then
	/usr/bin/mysqladmin drop $OSSEC_DATABASE | tee -a $LOG
fi

# clear some directories and remove .repo files
rm -rf /var/awp/etc
rm -rf /var/ossec
rm -f /etc/yum.repos.d/asl.repo >> $LOG
rm -f /etc/yum.repos.d/awp.repo >> $LOG
rm -f /etc/yum.repos.d/tortix-kernel.repo >> $LOG
rm -f /etc/yum.repos.d/tortix-common.repo >> $LOG
sed -i "s/=kernel-asl/=kernel/g" /etc/sysconfig/kernel

# final kernel check
if ! rpm -qa |grep ^kernel- ; then
	echo
	echo "WARNING****WARNING****WARNING"
	echo
	echo "No kernels were detected after uninstallation. This could mean that your system is now"
	echo "unbootable"
	echo
	echo "If this is anything other than an openvz or virtuozzo system you need to fix this."
	echo "WARNING****WARNING****WARNING"
	echo
	echo
	echo "`date -u` WARNING: no kernels detected" >> $LOG
fi
echo "`date -u`: uninstall complete" >> $LOG

app_exit 0
