Commit | Line | Data |
---|---|---|
0fa31a96 | 1 | #! /bin/sh |
4ce4c726 MW |
2 | ### |
3 | ### tripe init script | |
4 | ### suitable for direct use in most SysV-style inits | |
5 | ||
6 | ### BEGIN INIT INFO | |
7 | # Provides: tripe | |
8 | # Required-Start: $local_fs $remote_fs $named $network | |
9 | # Required-Stop: $local_fs $remote_fs $network | |
10 | # Default-Start: 2 3 4 5 | |
11 | # Default-Stop: 0 1 6 | |
12 | # Short-Description: tripe Virtual Private Network server | |
13 | ### END INIT INFO | |
0fa31a96 | 14 | |
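set -e

###--------------------------------------------------------------------------
### Configuration.

## Pull in local overrides first, so that anything they set takes precedence
## over the build-time defaults below.  The file is sourced, i.e. executed
## inside this shell with this script's privileges, so it should be writable
## only by whoever is trusted to run the script (NOTE(review): presumably
## root under a SysV init -- confirm the installed permissions).
if [ -f "@initconfig@" ]; then
  . "@initconfig@"
fi

## Build-time defaults.  `${var=value}' assigns only when the variable is
## still unset.  The expansions are quoted so that the resulting values are
## not field-split or glob-expanded when handed to `:'.
##
## prefix and exec_prefix are settled first (NOTE(review): presumably because
## the substituted directory values may refer to them -- confirm against the
## build system).
: "${prefix=@prefix@}" "${exec_prefix=@exec_prefix@}"
: "${bindir=@bindir@}" "${sbindir=@sbindir@}"
: "${TRIPEDIR=@configdir@}" "${TRIPESOCK=@socketdir@/tripesock}"
: "${pidfile=@pidfile@}"
: "${tripe=$sbindir/tripe}" "${tripectl=$bindir/tripectl}"

## Replace the inherited search path with a fixed one, with $bindir last.
PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
export PATH TRIPEDIR TRIPESOCK TRIPE_SLIPIF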
ef4a1ab7 | 30 | |
###--------------------------------------------------------------------------
### Pre-flight checks.

## Both the server and its control program must be executable.  If either
## is not, say so on stderr and leave quietly: this is reported with a zero
## exit status rather than as a failure.
if ! { [ -x "$tripe" ] && [ -x "$tripectl" ]; }; then
  echo "Not starting/stopping TrIPE: binary files missing" >&2
  exit 0
fi

## Likewise, both halves of the keyring must exist under $TRIPEDIR; a
## missing one is also reported and then treated as `nothing to do'.
if ! { [ -f "$TRIPEDIR/keyring" ] && [ -f "$TRIPEDIR/keyring.pub" ]; }; then
  echo "Not starting/stopping TrIPE: keyring files missing" >&2
  exit 0
fi
45 | ||
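## Check it will work, or at least stands a fighting chance.
##
## (Having loads of different tunnel types doesn't help any.)
##
## The selector is `TUNNEL,KERNEL'.  TUNNEL is $tunnel if that is set, and
## otherwise the first line printed by `$tripe --tunnels'; KERNEL is the
## output of `uname -s'.  A pair which matches none of the arms below is let
## through without any check.
##
## $tripe is quoted here, as it already is in the executable test earlier in
## the script, so that it is always treated as a single path.
case ${tunnel-$("$tripe" --tunnels | head -n 1)},$(uname -s) in

  ## Linux TUN/TAP.
  linux,Linux)
    ## The driver counts as available if /proc/misc mentions it, or failing
    ## that if modprobe manages to load it.
    if ! { { [ -f /proc/misc ] && grep -q tun /proc/misc; } ||
           modprobe -q tun; }; then
      echo >&2 "$tripe needs the Linux TUN/TAP driver to run."
      exit 1
    fi
    ## The character device must exist too.
    if [ ! -c /dev/net/tun ]; then
      echo >&2 "$tripe needs /dev/net/tun, which is missing."
      exit 1
    fi
    ;;

  ## Linux Unet (obsolete).
  unet,Linux)
    ## Same approach as for TUN/TAP, but looking in /proc/devices.
    if ! { { [ -f /proc/devices ] && grep -q unet /proc/devices; } ||
           modprobe -q unet; }; then
      echo >&2 "$tripe needs the Linux UNET driver to run."
      exit 1
    fi
    if [ ! -c /dev/unet ]; then
      echo >&2 "$tripe needs /dev/unet, which is missing."
      exit 1
    fi
    ;;

  ## BSD tun.
  bsd,*BSD)
    ## Don't know how to check the device is working.  Check the device file
    ## exists and hope for the best.
    if [ ! -c /dev/tun0 ]; then
      echo >&2 "$tripe needs /dev/tun0, which is missing."
      exit 1
    fi
    ;;

  ## SLIP.
  slip,*)
    ## An unset TRIPE_SLIPIF is treated the same as an empty one.
    if [ -z "$TRIPE_SLIPIF" ]; then
      echo >&2 "$tripe needs SLIP interfaces set up!"
      exit 1
    fi
    ;;

  ## Various kinds of misconfiguration.  These arms are only reached when
  ## the more specific ones above did not match, i.e. the tunnel type does
  ## not belong on this kernel.
  linux,* | unet,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 " $tripe is compiled to use a Linux tunnel device, but"
    echo >&2 " this system is $(uname -s)"
    exit 1
    ;;
  bsd,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 " $tripe is compiled to use a BSD tunnel device, but"
    echo >&2 " this system is $(uname -s)"
    exit 1
    ;;
esac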
e04c2d50 | 119 | |
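###--------------------------------------------------------------------------
### Do what was wanted.

## Dispatch on the action named by the first argument.  Path-valued
## variables ($tripe, $tripectl, $pidfile, $TRIPEDIR, $TRIPESOCK) are quoted
## throughout so that each is always passed on as exactly one word.
case "$1" in

  start)
    printf '%s' "Starting TrIPE VPN daemon:"

    ## Check to see whether the daemon is already going.  If it can respond
    ## to a simple request, we'll assume that it is.
    if "$tripectl" version >/dev/null 2>/dev/null; then
      echo " already running"
      exit 0
    fi

    ## Work out the logging options:
    ##   * `-l' if $syslogp is set to anything but the literal `nil';
    ##   * `-f$logfile' if $logfile is set;
    ##   * `-f' with the build-time default file if neither is set.
    logopt=
    case ${syslogp-nil} in nil) ;; *) logopt="$logopt -l" ;; esac
    case ${logfile+t},${syslogp-nil} in
      t,*) logopt="$logopt -f$logfile" ;;
      ,nil) logopt="$logopt -f@logfile@" ;;
    esac

    ## Start the server, passing lots of arguments.
    ##
    ## Each `${var+"..."}' contributes one argument if the variable is set
    ## and nothing at all if it is not; the inner quotes stop a value which
    ## contains whitespace or glob characters from turning into several
    ## arguments.  $logopt and $miscopts are deliberately left unquoted,
    ## because each carries a list of options in a single string; as a
    ## consequence a $logfile containing whitespace is not supported.
    "$tripectl" -D -s "-p$tripe" \
      "-P$pidfile" \
      $logopt \
      ${keytag+"-S-t$keytag"} \
      ${addr+"-S-b$addr"} ${port+"-S-p$port"} \
      ${user+"-U$user"} ${group+"-G$group"} \
      ${sockmode+"-S-m$sockmode"} \
      ${trace+"-S-T$trace"} \
      ${tunnel+"-S-n$tunnel"} \
      $miscopts

    ## Wait for the server to start up.  This doesn't usually take long.
    ## Success is recorded in a flag rather than deduced from the loop
    ## variable, so that an answer on the final attempt is not misreported
    ## as a failure to start.
    started=nil
    for i in 1 2 3 4 give-up; do
      if "$tripectl" help >/dev/null 2>/dev/null; then
        started=t
        break
      fi
      sleep 1
    done

    if [ "$started" != t ]; then
      echo " wouldn't start"
      exit 1
    fi

    printf '%s' " tripe"

    ## Start up the ancillary services.
    ##
    ## Every executable entry in this directory is run with this script's
    ## privileges, except editor backups (`*~') and names starting with `#'.
    ## NOTE(review): the directory should therefore be writable only by the
    ## administrator -- confirm the installed permissions.
    sep=" services [" end=""
    if [ -d "$TRIPEDIR/services" ]; then
      for i in "$TRIPEDIR"/services/*; do
        [ -x "$i" ] || continue
        name=${i##*/}
        case $name in *~ | \#*) continue ;; esac
        if "$i" --daemon --startup; then
          printf '%s' "$sep$name"
        else
          printf '%s' "$sep($name failed)"
        fi
        sep=" " end="]"
      done
    fi
    printf '%s' "$end"

    ## Start up the statically configured peers.  The same selection rule,
    ## and the same caveat about who may write to the directory, apply here;
    ## these are run without arguments.
    sep=" peers [" end=""
    if [ -d "$TRIPEDIR/peers" ]; then
      for i in "$TRIPEDIR"/peers/*; do
        [ -x "$i" ] || continue
        name=${i##*/}
        case $name in *~ | \#*) continue ;; esac
        if "$i"; then
          printf '%s' "$sep$name"
        else
          printf '%s' "$sep($name failed)"
        fi
        sep=" " end="]"
      done
    fi

    ## Happy.
    echo "$end done"
    ;;

  stop)
    printf '%s' "Stopping TrIPE VPN daemon:"

    ## If there's no socket, it must have quit (probably nonviolently).
    ## The test is made from within $TRIPEDIR.
    if (cd "$TRIPEDIR" && test ! -S "$TRIPESOCK"); then
      echo " not running"

    ## Ask it to die nicely.
    elif "$tripectl" quit >/dev/null 2>&1; then
      echo " done"

    ## If there's no pidfile then tripectl presumably deleted it.
    ## NOTE(review): the socket was tested relative to $TRIPEDIR above but
    ## is removed relative to the current directory here; the two agree
    ## only when $TRIPESOCK is an absolute path, as the default is.
    elif test ! -f "$pidfile"; then
      echo " stale socket found: removing"
      rm -f -- "$TRIPESOCK"

    ## Otherwise kill the process unpleasantly.  (Plain `kill' sends the
    ## default signal.)
    ##
    ## The pidfile's contents become a kill target, so only the first word
    ## is taken and it must be a positive decimal number: an empty file,
    ## stray text, or `0' (which would signal the caller's whole process
    ## group) is treated as a failure instead of being handed to kill.
    ## NOTE(review): confirm that the pidfile cannot be written by an
    ## unprivileged account.
    else
      pid= rest=
      read -r pid rest <"$pidfile" || :
      case $pid in
        '' | *[!0-9]*) pid=0 ;;
      esac
      if [ "$pid" -gt 0 ] 2>/dev/null && kill "$pid"; then
        echo " done (killed violently)"
      else
        echo " it doesn't want to die!"
        exit 1
      fi
    fi
    ;;

  status)
    ## The peer list is split into words on purpose, one peer per word; the
    ## name is quoted again when handed back to tripectl.
    for i in $("$tripectl" list); do
      echo "Peer \`$i':"
      "$tripectl" stats "$i" | sed 's/^/ /'
    done
    ;;

  reload)
    ## With `set -e' in force, a failed reload ends the script before the
    ## success message is printed.
    "$tripectl" reload
    echo "Keyrings reloaded OK."
    ;;

  restart | force-reload)
    ## Re-run this script for each half; if the stop fails, `set -e' ends
    ## the script and the start is not attempted.
    sh "$0" stop
    sh "$0" start
    ;;

  *)
    echo >&2 "usage: $0 start|stop|restart|status|reload|force-reload"
    exit 1
    ;;

esac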
4ce4c726 MW |
247 | |
248 | ###----- That's all, folks -------------------------------------------------- |