#!/bin/bash

DB_SRV_CONF=/etc/my.cnf.d/mariadb-server.cnf
DB_CLIENT_CONF=/etc/my.cnf.d/client.cnf
SCRIPT_DIR=$( dirname -- "$( readlink -f -- "$0"; )";)
LOG_FILE=/dev/null
DB_ADMIN_PWD=$1

#source /etc/hirs/aca/aca.properties;
source $SCRIPT_DIR/mysql_util.sh
source /etc/os-release 

check_systemd

# Check for sudo or root user, not actually needed but a good idea 
if [ "$EUID" -ne 0 ]
     then echo "This script requires root.  Please run as root" 
     exit 1
fi

# Setup distro specifc paths and variables
if [ $ID = "ubuntu" ]; then 
   DB_SRV_CONF="/etc/mysql/mariadb.conf.d/50-server.cnf"
   DB_CLIENT_CONF="/etc/mysql/mariadb.conf.d/50-client.cnf"
fi

if [ -d /opt/hirs/scripts/db ]; then
    MYSQL_DIR="/opt/hirs/scripts/db"
  else
   MYSQL_DIR="$SCRIPT_DIR"
fi

echo "dropping hirs_db database"

  mysql -u root --password=$DB_ADMIN_PWD -e "FLUSH HOSTS; FLUSH LOGS; FLUSH STATUS; FLUSH PRIVILEGES; FLUSH USER_RESOURCES"
  mysql -u root --password=$DB_ADMIN_PWD -e "DROP USER 'hirs_db'@'localhost';"
  mysql -u root --password=$DB_ADMIN_PWD -e "DROP DATABASE IF EXISTS hirs_db;"
  echo "hirs_db database and hirs_db user removed"


# reset the mysql root if the password was left in the properties fiel
if [ ! -z $DB_ADMIN_PWD ]; then
     echo "Resetting mysql root password to empty"
     mysql -u root --password=$DB_ADMIN_PWD -e "SET PASSWORD FOR "root@localhost" = PASSWORD('');"
     mysql -u "root" -e "FLUSH LOGS;"
   else
     echo "Note root password was NOT reset"
fi

# Remove key , cert and truststore entries from client.cnf andf mariadb.cnf

echo "Removing hirs tls references from mariadb configuration files"
grep -v "hirs" $DB_SRV_CONF > tmpfile && mv tmpfile $DB_SRV_CONF
# The following arent avialble in Mariadb 10.3
#grep -v "tls_version" $DB_SRV_CONF > tmpfile && mv tmpfile $DB_SRV_CONF
#grep -v "require_secure_transport" $DB_SRV_CONF > tmpfile && mv tmpfile $DB_SRV_CONF

grep -v "hirs" $DB_CLIENT_CONF > tmpfile && mv tmpfile $DB_CLIENT_CONF


echo "restarting mariadb"

mysqld_reboot