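#!/sbin/runscript

# OpenVPN start/stop script
# Adapted to Gentoo by James Yonan
# Modified to support /etc/openvpn/*/*.conf by Luigi Mantellini
# Originally Contributed to the OpenVPN project by
# Douglas Keller
# 2002.05.15

# This script does the following:
#
# - Starts an openvpn process for each .conf file and subdirectories
#   it finds in /etc/openvpn.
#
# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
#   it before starting openvpn (useful for doing openvpn --mktun...).
#
# - If /etc/openvpn/yyy subdirectory exists then it analyzes every
#   /etc/openvpn/yyy/xxx.conf and executes /etc/openvpn/yyy/xxx.sh file
#
# - In addition to start/stop you can do:
#
#   service openvpn reload - SIGHUP
#   service openvpn reopen - SIGUSR1
#   service openvpn status - SIGUSR2
#
# NOTE(review): reload/reopen/status are listed above but no such functions
# are defined in this file and they are not in $opts below.
#
# Security notes:
# - Every xxx.sh hook next to a config is executed with the privileges of
#   this init script. $work, its subdirectories and the hooks themselves
#   must therefore not be writable by unprivileged users.
# - stop() signals whatever PID is recorded in $piddir/*.pid, so $piddir
#   must not be writable by unprivileged users either.

# Location of openvpn binary
openvpn=/usr/sbin/openvpn

# PID directory
piddir=/var/run/openvpn

# Our working directory (.conf files should be here)
work=/etc/openvpn

# Our options
opts="start stop restart condrestart"

# Service dependencies as declared to the init system.
depend() {
  need net
  use dns
}

# Run the optional hook for one config, then start one openvpn daemon.
#   $1 - subdirectory of $work holding the config ("" for $work itself)
#   $2 - config file name inside that directory (xxx.conf)
# Returns the exit status of the openvpn command.
_openvpn_start_one() {
  local sub="$1"
  local conf="$2"
  local bn="${conf%.conf}"
  local dir="$work"
  local tag="$bn"
  local label="$bn"
  local result

  if [ -n "$sub" ]; then
    dir="$work/$sub"
    tag="$sub-$bn"
    label="$sub/$bn"
  fi

  ebegin "Setting up vpn: $label"

  # Run the hook by explicit path. A bare "xxx.sh" has no slash, so the
  # shell would search PATH and either find nothing or run an unrelated
  # file of the same name. The hook's exit status is deliberately ignored.
  if [ -f "$dir/$bn.sh" ]; then
    (cd "$dir" && "./$bn.sh")
  fi

  rm -f -- "$piddir/$tag.pid"
  "$openvpn" --daemon "openvpn-$tag" --writepid "$piddir/$tag.pid" \
    --config "$dir/$conf" --cd "$dir"
  result=$?

  eend $result
  return $result
}

# Start one openvpn daemon per .conf file in $work and in each of its
# immediate subdirectories. Returns 0 if at least one tunnel started.
start() {
  local errors=0
  local successes=0
  local retstatus=0
  local c
  local d

  ebegin "Starting OpenVPN"

  # Load the TUN/TAP module
  /sbin/modprobe tun >/dev/null 2>&1

  if [ ! -d "$piddir" ]; then
    mkdir -p "$piddir"
  fi

  # Without this check a failed cd would leave the loops below scanning
  # whatever directory the caller happened to be in.
  if ! cd "$work"; then
    ewarn "Note: Cannot change directory to $work"
    eend 1 "Error starting OpenVPN"
    return 1
  fi

  # Top-level configs. Globs replace the former parsing of ls output, which
  # broke on unusual file names and also fed every other file in $work
  # (including each .conf a second time) to openvpn as a config.
  for c in *.conf; do
    [ -f "$c" ] || continue
    if _openvpn_start_one "" "$c"; then
      successes=1
    else
      errors=1
    fi
  done

  # Configs one level down, in each subdirectory of $work.
  for c in *; do
    [ -d "$c" ] || continue
    for d in "$c"/*.conf; do
      [ -f "$d" ] || continue
      if _openvpn_start_one "$c" "${d##*/}"; then
        successes=1
      else
        errors=1
      fi
    done
  done

  # Decide status based on errors/successes.
  # If at least one tunnel succeeded, we return success.
  # If some tunnels succeeded and some failed, we return
  # success but give a warning.
  if [ $successes = 1 ]; then
    if [ $errors = 1 ]; then
      ewarn "Note: At least one OpenVPN tunnel failed to start"
    fi
  else
    retstatus=1
    if [ $errors = 0 ]; then
      ewarn "Note: No OpenVPN configuration files were found in $work"
    fi
  fi
  eend $retstatus "Error starting OpenVPN"
}

# Signal every process recorded in $piddir/*.pid and remove the PID files.
# Always reports success.
stop() {
  local pidf
  local pid

  ebegin "Stopping OpenVPN"
  for pidf in "$piddir"/*.pid; do
    # An unmatched glob stays literal; skip it.
    [ -e "$pidf" ] || [ -L "$pidf" ] || continue
    if [ -s "$pidf" ]; then
      pid=$(cat "$pidf" 2>/dev/null)
      # Only a single decimal PID greater than 1 is passed to kill: anything
      # else (extra words, a leading "-", 0 or 1) would change which
      # processes receive the signal.
      # NOTE(review): a stale file can still name a PID that has since been
      # reused by another process; nothing here verifies it is openvpn.
      case "$pid" in
        '' | *[!0-9]*)
          ewarn "Note: Ignoring malformed PID file $pidf"
          ;;
        *)
          if [ "$pid" -gt 1 ] 2>/dev/null; then
            kill "$pid" >/dev/null 2>&1
          else
            ewarn "Note: Ignoring malformed PID file $pidf"
          fi
          ;;
      esac
    fi
    rm -f -- "$pidf"
  done
  eend 0
}

# this should really be in runscript.sh
# NOTE: inverted convention. Returns 1 when the ${svcdir}/started/${myservice}
# symlink exists and 0 when it does not; condrestart depends on this.
# svcdir and myservice are not set in this file (presumably provided by the
# runscript environment).
started() {
  if [ -L "${svcdir}/started/${myservice}" ]; then
    return 1
  else
    return 0
  fi
}

# attempt to restart ONLY if we are already started
# (started returns non-zero when the service is marked started, so the
# right-hand side of || runs exactly in that case)
condrestart() {
  started || restart
}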