[tripe] / init / tripe-init.in

#! /bin/sh
###
### tripe init script
###   suitable for direct use in most SysV-style inits

### BEGIN INIT INFO
# Provides:          tripe
# Required-Start:    $local_fs $remote_fs $named $network
# Required-Stop:     $local_fs $remote_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tripe Virtual Private Network server
### END INIT INFO

set -e

###--------------------------------------------------------------------------
### Configuration.

[ -f @initconfig@ ] && . @initconfig@

: ${prefix=@prefix@} ${exec_prefix=@exec_prefix@}
: ${bindir=@bindir@} ${sbindir=@sbindir@}
: ${TRIPEDIR=@configdir@} ${TRIPESOCK=@socketdir@/tripesock}
: ${pidfile=@pidfile@}
: ${tripe=$sbindir/tripe} ${tripectl=$bindir/tripectl}

PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
export PATH TRIPEDIR TRIPESOCK TRIPE_SLIPIF

###--------------------------------------------------------------------------
### Pre-flight checks.

## Give up if there's no binary.
if test ! -x "$tripe" || test ! -x "$tripectl"; then
  echo >&2 "Not starting/stopping TrIPE: binary files missing"
  exit 0
fi

## Give up if there's no key.
if test ! -f "$TRIPEDIR/keyring" || test ! -f "$TRIPEDIR/keyring.pub"; then
  echo >&2 "Not starting/stopping TrIPE: keyring files missing"
  exit 0
fi

## Check it will work, or at least stands a fighting chance.
##
## (Having loads of different tunnel types doesn't help any.)
case ${tunnel-`$tripe --tunnels | head -1`},`uname -s` in

  ## Linux TUN/TAP.
  linux,Linux)
    if { test -f /proc/misc && grep -q tun /proc/misc; } ||
       modprobe -q tun; then
      : good
    else
      echo >&2 "$tripe needs the Linux TUN/TAP driver to run."
      exit 1
    fi
    if test -c /dev/net/tun; then
      : good
    else
      echo >&2 "$tripe needs /dev/net/tun, which is missing."
      exit 1
    fi
    ;;

  ## Linux Unet (obsolete).
  unet,Linux)
    if { test -f /proc/devices && grep -q unet /proc/devices; } ||
       modprobe -q unet; then
      : good
    else
      echo >&2 "$tripe needs the Linux UNET driver to run."
      exit 1
    fi
    if test -c /dev/unet; then
      : good
    else
      echo >&2 "$tripe needs /dev/unet, which is missing."
      exit 1
    fi
    ;;

  ## BSD tun.
  bsd,*BSD)
    ## Don't know how to check the device is working.  Check the device file
    ## exists and hope for the best.
    if test -c /dev/tun0; then
      : good
    else
      echo >&2 "$tripe needs /dev/tun0, which is missing."
      exit 1
    fi
    ;;

  ## SLIP.
  slip,*)
    if test "$TRIPE_SLIPIF" = ""; then
      echo >&2 "$tripe needs SLIP interfaces set up!"
      exit 1
    fi
    ;;

  ## Various kinds of misconfiguration.
  linux,* | unet,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 "  $tripe is compiled to use a Linux tunnel device, but"
    echo >&2 "  this system is `uname -s`"
    exit 1
    ;;
  bsd,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 "  $tripe is compiled to use a BSD tunnel device, but"
    echo >&2 "  this system is `uname -s`"
    exit 1
    ;;
esac

###--------------------------------------------------------------------------
### Do what was wanted.

case "$1" in

  start)
    echo -n "Starting TrIPE VPN daemon:"

    ## Check to see whether the daemon is already going.  If it can respond
    ## to a simple request, we'll assume that it is.
    if $tripectl version >/dev/null 2>/dev/null; then
      echo " already running"
      exit 0
    fi

    ## Start the server, passing lots of arguments.
    logopt=
    case ${syslogp-nil} in nil) ;; *) logopt="$logopt -l" ;; esac
    case ${logfile+t},${syslogp-nil} in
      t,*) logopt="$logopt -f$logfile" ;;
      ,nil) logopt="$logopt -f@logfile@" ;;
    esac
    $tripectl -D -s -p$tripe \
      -P$pidfile \
      $logopt \
      ${keytag+-S-t$keytag} \
      ${addr+-S-b$addr} ${port+-S-p$port} \
      ${user+-U$user} ${group+-G$group} \
      ${sockmode+-S-m$sockmode} \
      ${trace+-S-T$trace} \
      ${tunnel+-S-n$tunnel} \
      $miscopts

    ## Wait for the server to start up.  This doesn't usually take long.
    for i in 1 2 3 4 give-up; do
      $tripectl help >/dev/null 2>/dev/null && break
      sleep 1
    done

    if [ $i = give-up ]; then
      echo " wouldn't start"
      exit 1
    fi

    echo -n " tripe"

    ## Start up the ancillary services.
    sep=" services [" end=""
    [ -d $TRIPEDIR/services ] && for i in $TRIPEDIR/services/*; do
      [ -x $i ] || continue
      name=`basename $i`
      case $name in *~|\#*) continue;; esac
      if $i --daemon --startup; then
	echo -n "$sep$name"
      else
	echo -n "$sep($name failed)"
      fi
      sep=" " end="]"
    done
    echo -n "$end"

    ## Start up the statically configured peers.
    sep=" peers [" end=""
    [ -d $TRIPEDIR/peers ] && for i in $TRIPEDIR/peers/*; do
      [ -x $i ] || continue
      name=`basename $i`
      case $name in *~|\#*) continue;; esac
      if $i; then
	echo -n "$sep$name"
      else
	echo -n "$sep($name failed)"
      fi
      sep=" " end="]"
    done

    ## Happy.
    echo "$end done"
    ;;

  stop)
    echo -n "Stopping TrIPE VPN daemon:"

    ## If there's no socket, it must have quit (probably nonviolently).
    if (cd $TRIPEDIR && test ! -S $TRIPESOCK); then
      echo " not running"

    ## Ask it to die nicely.
    elif $tripectl quit >/dev/null 2>&1; then
      echo " done"

    ## If there's no pidfile then tripectl presumably deleted it.
    elif test ! -f $pidfile; then
      echo " stale socket found: removing"
      rm -f $TRIPESOCK

    ## Otherwise kill the process unpleasantly.
    elif kill `cat $pidfile`; then
      echo " done (killed violently)"
    else
      echo " it doesn't want to die!"
      exit 1
    fi
    ;;

  status)
    for i in `$tripectl list`; do
      echo "Peer \`$i':"
      $tripectl stats $i | sed 's/^/  /'
    done
    ;;

  reload)
    $tripectl reload
    echo "Keyrings reloaded OK."
    ;;

  restart | force-reload)
    sh $0 stop
    sh $0 start
    ;;

  *)
    echo >&2 "usage: $0 start|stop|restart|status|reload|force-reload"
    exit 1
    ;;

esac

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
0fa31a96	1	#! /bin/sh
4ce4c726 MW	2	###
	3	### tripe init script
	4	### suitable for direct use in most SysV-style inits
	5
	6	### BEGIN INIT INFO
	7	# Provides: tripe
	8	# Required-Start: $local_fs $remote_fs $named $network
	9	# Required-Stop: $local_fs $remote_fs $network
	10	# Default-Start: 2 3 4 5
	11	# Default-Stop: 0 1 6
	12	# Short-Description: tripe Virtual Private Network server
	13	### END INIT INFO
0fa31a96	14
0fa31a96	15	set -e
0fa31a96	16
4ce4c726 MW	17	###--------------------------------------------------------------------------
4ce4c726 MW	18	### Configuration.
0fa31a96	19
ef4a1ab7	20	[ -f @initconfig@ ] && . @initconfig@
4ce4c726	21
ef4a1ab7	22	: ${prefix=@prefix@} ${exec_prefix=@exec_prefix@}
ef4a1ab7	23	: ${bindir=@bindir@} ${sbindir=@sbindir@}
797cf76b	24	: ${TRIPEDIR=@configdir@} ${TRIPESOCK=@socketdir@/tripesock}
3cdc3f3a	25	: ${pidfile=@pidfile@}
ef4a1ab7	26	: ${tripe=$sbindir/tripe} ${tripectl=$bindir/tripectl}
4ce4c726	27
0fa31a96	28	PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
4ce4c726	29	export PATH TRIPEDIR TRIPESOCK TRIPE_SLIPIF
ef4a1ab7	30
4ce4c726 MW	31	###--------------------------------------------------------------------------
4ce4c726 MW	32	### Pre-flight checks.
3cdc3f3a	33
4ce4c726 MW	34	## Give up if there's no binary.
	35	if test ! -x "$tripe" \|\| test ! -x "$tripectl"; then
	36	echo >&2 "Not starting/stopping TrIPE: binary files missing"
	37	exit 0
	38	fi
	39
	40	## Give up if there's no key.
	41	if test ! -f "$TRIPEDIR/keyring" \|\| test ! -f "$TRIPEDIR/keyring.pub"; then
3cdc3f3a	42	echo >&2 "Not starting/stopping TrIPE: keyring files missing"
	43	exit 0
	44	fi
	45
4ce4c726 MW	46	## Check it will work, or at least stands a fighting chance.
	47	##
	48	## (Having loads of different tunnel types doesn't help any.)
	49	case ${tunnel-`$tripe --tunnels \| head -1`},`uname -s` in
	50
	51	## Linux TUN/TAP.
	52	linux,Linux)
	53	if { test -f /proc/misc && grep -q tun /proc/misc; } \|\|
	54	modprobe -q tun; then
	55	: good
	56	else
	57	echo >&2 "$tripe needs the Linux TUN/TAP driver to run."
	58	exit 1
	59	fi
	60	if test -c /dev/net/tun; then
	61	: good
	62	else
	63	echo >&2 "$tripe needs /dev/net/tun, which is missing."
	64	exit 1
	65	fi
ef4a1ab7	66	;;
4ce4c726 MW	67
	68	## Linux Unet (obsolete).
	69	unet,Linux)
	70	if { test -f /proc/devices && grep -q unet /proc/devices; } \|\|
	71	modprobe -q unet; then
	72	: good
	73	else
	74	echo >&2 "$tripe needs the Linux UNET driver to run."
	75	exit 1
	76	fi
	77	if test -c /dev/unet; then
	78	: good
	79	else
	80	echo >&2 "$tripe needs /dev/unet, which is missing."
	81	exit 1
	82	fi
ef4a1ab7	83	;;
4ce4c726 MW	84
	85	## BSD tun.
	86	bsd,*BSD)
	87	## Don't know how to check the device is working. Check the device file
	88	## exists and hope for the best.
	89	if test -c /dev/tun0; then
	90	: good
	91	else
	92	echo >&2 "$tripe needs /dev/tun0, which is missing."
	93	exit 1
	94	fi
ef4a1ab7	95	;;
4ce4c726 MW	96
	97	## SLIP.
	98	slip,*)
b9066fbb	99	if test "$TRIPE_SLIPIF" = ""; then
	100	echo >&2 "$tripe needs SLIP interfaces set up!"
	101	exit 1
	102	fi
	103	;;
4ce4c726 MW	104
	105	## Various kinds of misconfiguration.
	106	linux,* \| unet,*)
	107	echo >&2 "CONFIGURATION ERROR"
	108	echo >&2 " $tripe is compiled to use a Linux tunnel device, but"
	109	echo >&2 " this system is `uname -s`"
	110	exit 1
	111	;;
	112	bsd,*)
	113	echo >&2 "CONFIGURATION ERROR"
	114	echo >&2 " $tripe is compiled to use a BSD tunnel device, but"
	115	echo >&2 " this system is `uname -s`"
	116	exit 1
	117	;;
ef4a1ab7	118	esac
e04c2d50	119
4ce4c726 MW	120	###--------------------------------------------------------------------------
4ce4c726 MW	121	### Do what was wanted.
0fa31a96	122
0fa31a96	123	case "$1" in
4ce4c726	124
0fa31a96	125	start)
0fa31a96	126	echo -n "Starting TrIPE VPN daemon:"
4ce4c726 MW	127
	128	## Check to see whether the daemon is already going. If it can respond
	129	## to a simple request, we'll assume that it is.
3cdc3f3a	130	if $tripectl version >/dev/null 2>/dev/null; then
0fa31a96	131	echo " already running"
	132	exit 0
	133	fi
4ce4c726 MW	134
4ce4c726 MW	135	## Start the server, passing lots of arguments.
ae8928d2 MW	136	logopt=
	137	case ${syslogp-nil} in nil) ;; *) logopt="$logopt -l" ;; esac
	138	case ${logfile+t},${syslogp-nil} in
	139	t,*) logopt="$logopt -f$logfile" ;;
	140	,nil) logopt="$logopt -f@logfile@" ;;
	141	esac
ef4a1ab7	142	$tripectl -D -s -p$tripe \
3cdc3f3a	143	-P$pidfile \
ae8928d2	144	$logopt \
85b239ad MW	145	${keytag+-S-t$keytag} \
	146	${addr+-S-b$addr} ${port+-S-p$port} \
	147	${user+-U$user} ${group+-G$group} \
	148	${sockmode+-S-m$sockmode} \
	149	${trace+-S-T$trace} \
	150	${tunnel+-S-n$tunnel} \
	151	$miscopts
4ce4c726 MW	152
4ce4c726 MW	153	## Wait for the server to start up. This doesn't usually take long.
0fa31a96	154	for i in 1 2 3 4 give-up; do
	155	$tripectl help >/dev/null 2>/dev/null && break
	156	sleep 1
	157	done
4ce4c726	158
0fa31a96	159	if [ $i = give-up ]; then
	160	echo " wouldn't start"
	161	exit 1
	162	fi
4ce4c726	163
0fa31a96	164	echo -n " tripe"
4ce4c726 MW	165
4ce4c726 MW	166	## Start up the ancillary services.
a62f8e8a MW	167	sep=" services [" end=""
	168	[ -d $TRIPEDIR/services ] && for i in $TRIPEDIR/services/*; do
	169	[ -x $i ] \|\| continue
	170	name=`basename $i`
	171	case $name in ~\|\#) continue;; esac
	172	if $i --daemon --startup; then
	173	echo -n "$sep$name"
	174	else
a571143b	175	echo -n "$sep($name failed)"
a62f8e8a MW	176	fi
	177	sep=" " end="]"
	178	done
	179	echo -n "$end"
4ce4c726 MW	180
4ce4c726 MW	181	## Start up the statically configured peers.
a62f8e8a MW	182	sep=" peers [" end=""
a62f8e8a MW	183	[ -d $TRIPEDIR/peers ] && for i in $TRIPEDIR/peers/*; do
595935b7	184	[ -x $i ] \|\| continue
0fa31a96	185	name=`basename $i`
595935b7	186	case $name in ~\|\#) continue;; esac
e04c2d50	187	if $i; then
a62f8e8a	188	echo -n "$sep$name"
595935b7	189	else
a571143b	190	echo -n "$sep($name failed)"
595935b7	191	fi
a62f8e8a	192	sep=" " end="]"
0fa31a96	193	done
4ce4c726 MW	194
4ce4c726 MW	195	## Happy.
a62f8e8a	196	echo "$end done"
0fa31a96	197	;;
4ce4c726	198
0fa31a96	199	stop)
0fa31a96	200	echo -n "Stopping TrIPE VPN daemon:"
4ce4c726 MW	201
4ce4c726 MW	202	## If there's no socket, it must have quit (probably nonviolently).
6c3803c4	203	if (cd $TRIPEDIR && test ! -S $TRIPESOCK); then
3cdc3f3a	204	echo " not running"
4ce4c726 MW	205
4ce4c726 MW	206	## Ask it to die nicely.
3cdc3f3a	207	elif $tripectl quit >/dev/null 2>&1; then
3cdc3f3a	208	echo " done"
4ce4c726 MW	209
4ce4c726 MW	210	## If there's no pidfile then tripectl presumably deleted it.
3cdc3f3a	211	elif test ! -f $pidfile; then
3cdc3f3a	212	echo " stale socket found: removing"
797cf76b	213	rm -f $TRIPESOCK
4ce4c726 MW	214
4ce4c726 MW	215	## Otherwise kill the process unpleasantly.
3cdc3f3a	216	elif kill `cat $pidfile`; then
	217	echo " done (killed violently)"
	218	else
819018a9	219	echo " it doesn't want to die!"
3cdc3f3a	220	exit 1
3cdc3f3a	221	fi
0fa31a96	222	;;
4ce4c726	223
ef4a1ab7	224	status)
	225	for i in `$tripectl list`; do
	226	echo "Peer \`$i':"
	227	$tripectl stats $i \| sed 's/^/ /'
	228	done
	229	;;
4ce4c726	230
de014da6	231	reload)
	232	$tripectl reload
	233	echo "Keyrings reloaded OK."
	234	;;
4ce4c726	235
0fa31a96	236	restart \| force-reload)
	237	sh $0 stop
	238	sh $0 start
	239	;;
4ce4c726	240
0fa31a96	241	*)
de014da6	242	echo >&2 "usage: $0 start\|stop\|restart\|status\|reload\|force-reload"
0fa31a96	243	exit 1
0fa31a96	244	;;
4ce4c726	245
0fa31a96	246	esac
4ce4c726 MW	247
4ce4c726 MW	248	###----- That's all, folks --------------------------------------------------