#!/usr/bin/python3
#
# Univention Monitoring Plugin
#  check_univention_ldap: check ldap status
#
# SPDX-FileCopyrightText: 2007-2025 Univention GmbH
# SPDX-License-Identifier: AGPL-3.0-only


import os

from univention.config_registry import ucr
from univention.monitoring import Alert


class LDAP(Alert):

    def write_metrics(self):
        if ucr['server/role'] == 'memberserver':
            return
        password = ""
        with open('/etc/machine.secret') as fh:
            password = fh.readline()
        slapd_port = ucr.get('slapd/port', '7389').split(',')[0]
        os.environ['LDAP_PASSWORD'] = password
        rc, output = self.exec_command([
            '/usr/lib/nagios/plugins/check_ldap',
            '-H', '%(hostname)s.%(domainname)s' % ucr,
            '-p', slapd_port,
            '-b', ucr['ldap/base'],
            '-D', ucr['ldap/hostdn'],
        ])
        self.write_metric('univention_ldap_reachable', 1 if rc == 0 else 0)
        self.log.debug(output)


if __name__ == '__main__':
    LDAP.main()
