================================================================================
                    SYSTEM VARIABLES QUICK REFERENCE
                   (All SYS_* variables available after
                 sourcing lib/system-variables.sh in launcher)
================================================================================

SOURCING IN YOUR SCRIPT:
    source "$SCRIPT_DIR/lib/system-variables.sh"

================================================================================
MAIL SYSTEM - Choose your system, use the variables
================================================================================

IF $SYS_MAIL_SYSTEM = "exim":
    $SYS_MAIL_BIN_EXIM              /usr/sbin/exim
    $SYS_MAIL_CMD_QUEUE_COUNT       exim -bpc
    $SYS_MAIL_CMD_QUEUE_LIST        exim -bp
    $SYS_MAIL_CMD_QUEUE_RETRY       exim -R
    $SYS_MAIL_CMD_QUEUE_REMOVE      exim -Mrm
    eval "$SYS_MAIL_CMD_QUEUE_COUNT" → (number of queued messages)

IF $SYS_MAIL_SYSTEM = "postfix":
    $SYS_MAIL_BIN_POSTFIX           /usr/sbin/postfix
    $SYS_MAIL_CMD_QUEUE_COUNT       mailq 2>/dev/null | tail -1
    $SYS_MAIL_CMD_QUEUE_LIST        mailq
    $SYS_MAIL_CMD_QUEUE_RETRY       postqueue -f
    $SYS_MAIL_CMD_QUEUE_REMOVE      postsuper -d

IF $SYS_MAIL_SYSTEM = "sendmail":
    $SYS_MAIL_BIN_SENDMAIL          /usr/sbin/sendmail
    $SYS_MAIL_CMD_QUEUE_COUNT       mailq 2>/dev/null | tail -1
    $SYS_MAIL_CMD_QUEUE_LIST        mailq
    $SYS_MAIL_CMD_QUEUE_RETRY       /usr/sbin/sendmail -q

$SYS_MAIL_SPOOL                     Directory with queued messages
$SYS_MAIL_UID / $SYS_MAIL_GID       Mail system user/group IDs

================================================================================
DATABASE SYSTEM - MySQL/MariaDB or PostgreSQL, same variables
================================================================================

$SYS_DB_CLI_COMMAND                 /usr/bin/mysql or /usr/bin/psql
$SYS_DB_DUMP_COMMAND                /usr/bin/mysqldump or /usr/bin/pg_dump
$SYS_DB_ADMIN_COMMAND               /usr/bin/mysqladmin or /usr/bin/pg_isready
$SYS_DB_CHECK_COMMAND               /usr/bin/mysqlcheck or /usr/bin/pg_check
$SYS_DB_REPAIR_COMMAND              mysqlcheck --repair or VACUUM FULL ANALYZE
$SYS_DB_OPTIMIZE_COMMAND            mysqlcheck --optimize or ANALYZE
$SYS_DB_STATUS_COMMAND              SHOW STATUS command or pg_isready
$SYS_DB_SHOW_DATABASES              List all databases
$SYS_DB_SHOW_TABLES                 List tables in database

$SYS_DB_UID / $SYS_DB_GID           Database system user/group IDs
$SYS_DB_SOCKET                      Unix socket path
$SYS_DB_CONFIG                      Configuration file path

================================================================================
SECURITY SCANNERS - Check if available, use if present
================================================================================

Check: if [ -n "$SYS_SCANNER_CLAMAV" ]; then ... fi

AVAILABLE SCANNERS:
    $SYS_SCANNER_CLAMAV             /usr/bin/clamscan (if installed)
    $SYS_SCANNER_CLAMUPDATE         /usr/bin/freshclam (if installed)
    $SYS_SCANNER_MALDET             /usr/local/maldetect/maldet (if installed)
    $SYS_SCANNER_RKHUNTER           /usr/bin/rkhunter (if installed)
    $SYS_SCANNER_IMUNIFY            /usr/bin/imunify360-agent (if installed)

RELATED:
    $SYS_SCANNER_CLAMAV_DB          /var/lib/clamav (ClamAV signature DB)
    $SYS_SCANNER_CLAMAV_LOG         /var/log/clamav/scan.log
    $SYS_SCANNER_MALDET_QUARANTINE  Quarantine directory
    $SYS_SCANNER_RKHUNTER_CONFIG    /etc/rkhunter.conf

CONTROL PANEL SECURITY TOOLS:
    IF $SYS_CONTROL_PANEL = "cpanel":
        $SYS_CPANEL_WHMAPI              WHM API endpoint
        $SYS_CPANEL_UAPI                cPanel User API endpoint
        $SYS_CPANEL_HULK                /usr/sbin/csf (if using CSF)
        $SYS_CPANEL_SCAN_TOOL           Security scan utility
        $SYS_CPANEL_MALWARE_SCANNER     Malware detection tool

    IF $SYS_CONTROL_PANEL = "plesk":
        $SYS_PLESK_API                  Plesk API
        $SYS_PLESK_ADMIN_API            Admin API
        $SYS_PLESK_EXTENSION_API        Extension API

    IF $SYS_CONTROL_PANEL = "interworx":
        $SYS_INTERWORX_BIN              /home/interworx/bin
        $SYS_INTERWORX_NODEWORX         NodeWorx CLI
        $SYS_INTERWORX_SITEWORX         SiteWorx CLI

SYSTEM SECURITY:
    if [ -n "$SYS_FAIL2BAN_CLIENT" ]; then
        $SYS_FAIL2BAN_CLIENT            Fail2Ban CLI
        $SYS_FAIL2BAN_CONFIG            /etc/fail2ban
    fi

    if [ -n "$SYS_SELINUX_ENABLED" ]; then
        $SYS_SELINUX_STATUS             Current SELinux mode
        $SYS_SELINUX_CONFIG             /etc/selinux/config
    fi

    if [ -n "$SYS_APPARMOR_ENABLED" ]; then
        $SYS_APPARMOR_CONFIG            /etc/apparmor
    fi

================================================================================
AUTHENTICATION & SYSTEM FILES
================================================================================

STANDARD FILES (all systems):
    $SYS_AUTH_PASSWD_FILE               /etc/passwd
    $SYS_AUTH_SHADOW_FILE               /etc/shadow
    $SYS_AUTH_GROUP_FILE                /etc/group
    $SYS_AUTH_GSHADOW_FILE              /etc/gshadow
    $SYS_AUTH_SUDOERS_FILE              /etc/sudoers
    $SYS_AUTH_SUDOERS_DIR               /etc/sudoers.d
    $SYS_AUTH_SSH_CONFIG                /etc/ssh/sshd_config
    $SYS_AUTH_PAM_DIR                   /etc/pam.d
    $SYS_AUTH_HOSTS_ALLOW               /etc/hosts.allow
    $SYS_AUTH_HOSTS_DENY                /etc/hosts.deny

CRON & LOGS:
    $SYS_AUTH_CRONTAB_DIR               /var/spool/cron or /var/spool/cron/crontabs
    $SYS_LOG_CRON                       /var/log/cron (RHEL) or /var/log/syslog (Debian)

================================================================================
USER & GROUP IDS (for permission checks)
================================================================================

WEB SERVER:
    $SYS_WEB_UID                        Numeric UID (33 on Debian, 48 on RHEL)
    $SYS_WEB_GID                        Numeric GID
    Example: if [ "$file_uid" -eq "$SYS_WEB_UID" ]; then ... fi

DATABASE:
    $SYS_DB_UID                         Numeric UID (usually 986 for MySQL)
    $SYS_DB_GID                         Numeric GID

MAIL SYSTEM:
    $SYS_MAIL_UID                       Numeric UID (8 on most systems)
    $SYS_MAIL_GID                       Numeric GID

CONTROL PANEL SYSTEM USERS:
    $SYS_CPANEL_SYSTEM_UID              cPanel system user UID
    $SYS_PLESK_SYSTEM_UID               Plesk system user UID
    $SYS_INTERWORX_SYSTEM_UID           InterWorx system user UID

================================================================================
SYSTEM DETECTION (populated by launcher.sh)
================================================================================

PLATFORM INFO:
    $SYS_CONTROL_PANEL                  cpanel, plesk, interworx, or ""
    $SYS_CONTROL_PANEL_VERSION          Version number
    $SYS_OS_TYPE                        centos, ubuntu, debian, almalinux, cloudlinux
    $SYS_OS_VERSION                     Version number
    $SYS_WEB_SERVER                     apache, nginx, litespeed, openlitespeed
    $SYS_WEB_SERVER_VERSION             Version number
    $SYS_DB_TYPE                        mysql, postgresql
    $SYS_DB_VERSION                     Version number
    $SYS_MAIL_SYSTEM                    exim, postfix, sendmail
    $SYS_FIREWALL                       csf, firewalld, iptables, ufw, imunify, plesk
    $SYS_FIREWALL_VERSION               Version number

PATHS:
    $SYS_LOG_DIR                        Base log directory
    $SYS_USER_HOME_BASE                 /home or /var/www/vhosts or /chroot/home
    $SYS_DB_SOCKET                      MySQL socket
    $SYS_DB_CONFIG                      MySQL config file

SERVICE NAMES:
    $SYS_WEB_SERVICE                    apache2 or httpd
    $SYS_WEB_USER                       www-data or apache
    $SYS_DB_SERVICE                     mysqld or mysql
    $SYS_MAIL_SERVICE                   exim4 or postfix
    $SYS_FIREWALL_SERVICE               csf or firewalld or ufw
    $SYS_INIT_SYSTEM                    systemd or sysvinit

================================================================================
FIREWALL OPERATIONS (always available)
================================================================================

Source the library:
    source lib/system-variables.sh

Functions available:
    firewall_block_ip "192.168.1.100"
        Returns: 0 on success, 1 on failure

    firewall_unblock_ip "192.168.1.100"
        Returns: 0 always

    firewall_is_blocked "192.168.1.100"
        Returns: 0 if blocked, 1 if not

    firewall_bulk_block_ips "192.168.1.1\n192.168.1.2\n192.168.1.3"
        Returns: "Blocked: N, Failed: M"

Supports: CSF, firewalld, iptables, UFW, Imunify360, Plesk Firewall
Uses ipset for bulk operations (1000+ IPs in <2 seconds)

================================================================================
COMMON PATTERNS
================================================================================

1. USE OPTIONAL TOOLS SAFELY:
    if [ -n "$SYS_SCANNER_CLAMAV" ]; then
        $SYS_SCANNER_CLAMAV -r /home
    fi

2. USE MAIL COMMANDS ON ANY MTA:
    eval "$SYS_MAIL_CMD_QUEUE_COUNT"
    eval "$SYS_MAIL_CMD_QUEUE_LIST"

3. USE DATABASE COMMANDS ON ANY DB:
    $SYS_DB_DUMP_COMMAND database_name > backup.sql
    $SYS_DB_CHECK_COMMAND -u root

4. CHECK FILE OWNERSHIP ACROSS OSes:
    if [ "$(stat -c %u /path)" -eq "$SYS_WEB_UID" ]; then
        echo "Owned by web server"
    fi

5. BLOCK IPS ACROSS FIREWALLS:
    while read ip; do
        firewall_block_ip "$ip"
    done < suspicious_ips.txt

================================================================================
PLATFORM DETECTION QUICK REFERENCE
================================================================================

IF cPanel:          SYS_CONTROL_PANEL="cpanel"
  - User homes: /home/USERNAME
  - Web docroot: /home/USERNAME/public_html
  - Panel paths: SYS_CPANEL_*
  - Logs: SYS_LOG_* (auto-detected)

IF Plesk:           SYS_CONTROL_PANEL="plesk"
  - User homes: /var/www/vhosts/USERNAME
  - Web docroot: /var/www/vhosts/DOMAIN/httpdocs
  - Panel paths: SYS_PLESK_*
  - Logs: SYS_LOG_* (auto-detected)

IF InterWorx:       SYS_CONTROL_PANEL="interworx"
  - User homes: /chroot/home/USERNAME
  - Web docroot: /home/USERNAME/DOMAIN/html
  - Panel paths: SYS_INTERWORX_*
  - Logs: SYS_LOG_* (auto-detected)

IF RHEL/CentOS:     SYS_OS_TYPE="centos" or "almalinux"
  - Apache: /usr/sbin/httpd, user=apache, uid=48
  - MySQL socket: /var/lib/mysql/mysql.sock
  - Logs: /var/log/

IF Ubuntu/Debian:   SYS_OS_TYPE="ubuntu" or "debian"
  - Apache: /usr/sbin/apache2, user=www-data, uid=33
  - MySQL socket: /var/run/mysqld/mysqld.sock
  - Logs: /var/log/

================================================================================
TROUBLESHOOTING
================================================================================

Variables are empty or not set?
  → launcher.sh must run full detection first
  → Make sure to source lib/system-variables.sh, not individual files

Tool path is empty (e.g., $SYS_SCANNER_CLAMAV)?
  → Tool is not installed on this system
  → Always check: if [ -n "$VAR" ]; then use it; fi

Commands don't work as expected?
  → Try: eval "$SYS_MAIL_CMD_QUEUE_COUNT" (instead of just $SYS_MAIL_CMD_QUEUE_COUNT)
  → eval is needed for commands with arguments

Wrong UID detected?
  → Check: id -u web_user_name
  → Report if doesn't match $SYS_WEB_UID

================================================================================
For detailed documentation, see:
  - MAIL-DATABASE-TOOLS-VARIABLES.md (full reference)
  - MISSING-VARIABLES-COMPLETE.md (implementation details)
  - IMPLEMENTATION-READY.md (status & integration guide)
================================================================================
