#!/bin/bash
LOG_FILE="/var/log/startup_script.log"

# 记录日志的函数
log() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') [INFO] $1" | tee -a $LOG_FILE
}

error_log() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') [ERROR] $1" | tee -a $LOG_FILE
}

log "====== 启动初始化脚本 ======"

### 🔹 **防火墙检查**
log "检查防火墙状态..."
if systemctl is-active --quiet firewalld; then
    log "firewalld 已启用，正在关闭..."
    if systemctl stop firewalld && systemctl disable firewalld; then
        log "firewalld 关闭成功"
    else
        error_log "firewalld 关闭失败，请手动检查！"
    fi
else
    log "firewalld 已经是关闭状态"
fi
log "✅ 防火墙任务完成"

### 🔹 **OpenVPN 连接检查**
VPN_INTERFACE="tun0"
TARGET_IP="192.168.60.21"
VPN_SERVICE="openvpn-client@elk.service"

log "检查 OpenVPN 连接状态..."
if systemctl is-active --quiet $VPN_SERVICE; then
    log "OpenVPN ($VPN_SERVICE) 运行中"
else
    log "OpenVPN ($VPN_SERVICE) 未运行，尝试启动..."
    systemctl start $VPN_SERVICE
    sleep 5
fi

VPN_IP=$(ip -4 addr show $VPN_INTERFACE | grep -oP '(?<=inet\s)\d+(\.\d+){3}' || echo "NONE")
if [[ "$VPN_IP" == "$TARGET_IP" ]]; then
    log "VPN 连接正常，IP: $VPN_IP"
else
    error_log "未获取到目标 IP ($TARGET_IP)，尝试重启 VPN..."
    systemctl restart $VPN_SERVICE
    sleep 5
    VPN_IP=$(ip -4 addr show $VPN_INTERFACE | grep -oP '(?<=inet\s)\d+(\.\d+){3}' || echo "NONE")
    if [[ "$VPN_IP" == "$TARGET_IP" ]]; then
        log "VPN 重启成功，IP: $VPN_IP"
    else
        error_log "VPN 重启后仍未获取目标 IP，请检查 VPN 配置！"
    fi
fi
log "✅ OpenVPN 连接检查完成"

### 🔹 **Elasticsearch 进程检查**
ES_USER="user"
ES_HOME="/data/elasticsearch-8.17.0/bin"

log "检查 Elasticsearch 进程..."
if pgrep -f "org.elasticsearch.bootstrap.Elasticsearch"; then
    log "Elasticsearch 运行正常"
else
    error_log "Elasticsearch 未运行，尝试以 $ES_USER 用户启动..."
    sudo -u $ES_USER nohup $ES_HOME/elasticsearch > /var/log/elasticsearch.log 2>&1 &
    log "Elasticsearch 启动命令已执行"
fi
log "✅ Elasticsearch 进程检查完成"

### 🔹 **Kibana 进程检查**
KIBANA_USER="user"
KIBANA_HOME="/data/kibana-8.17.0/bin"

log "检查 Kibana 进程..."
if pgrep -x "node" -a | grep -q "kibana"; then
    log "Kibana 运行正常"
else
    error_log "Kibana 未运行，尝试以 $KIBANA_USER 用户启动..."
    sudo -u $KIBANA_USER nohup $KIBANA_HOME/kibana > /var/log/kibana.log 2>&1 &
    log "Kibana 启动命令已执行"
fi
log "✅ Kibana 进程检查完成"

log "====== 启动初始化脚本完成 ======"