#!/bin/sh

umask 077

PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"

if [ `whoami` != <%= scope.lookupvar('ldap::server::user') %> ]; then
    echo "ERR: Script needs to be run as <%= scope.lookupvar('ldap::server::user') %> user" 1>&2
    exit 1
fi

BACKUPDIR="/srv/ldap-backup"
BACKUPAGE="<%= @maxage %>"

DATE=`date "+%Y-%m-%d"`

ldapsearch -LLL -x -H ldapi:// -s base -b 'cn=Databases,cn=Monitor' \
    '(objectClass=*)' namingContexts | \
    sed -n 's/^namingContexts: \(.*\)/\1/p' | while read db ; do
        [ "${db}" = "cn=config" ] && continue
        slapcat -f /etc/openldap/slapd.conf -b "${db}" 2> /dev/null | gzip > \
            "${BACKUPDIR}/${db}.${DATE}.gz"
        if [ $? -ne 0 ]; then
            echo "ERR: Failed to backup database ${db}" 1>&2
            continue
        fi
done

tmpwatch -m -f ${BACKUPAGE} ${BACKUPDIR}