~mdw / hippotat / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
initscript: check firewall
[hippotat] / debian / hippotat.init
1 #!/bin/sh
2
3 ### BEGIN INIT INFO
4 # Provides: hippotatd
5 # Required-Start: $syslog $network userv
6 # Required-Stop: $syslog $network
7 # Default-Start: 2 3 4 5
8 # Default-Stop: 0 1 6
9 # Short-Description: hippotatd
10 # Description: Asinine IP over HTTP server
11 ### END INIT INFO
12
13 DAEMON=/usr/sbin/hippotat
14 MASTER_CONFIG=/etc/hippotat/master.cfg
15 USER=Debian-hippotat
16 PIDFILE=/var/run/hippotat/hippotatd.pid
17 LOGFACILITY=daemon
18 CHECK_FIREWALL=true
19 # HIPPOTATD_ARGS
20 AS_USER=as_user_userv
21 DESCRIPTION='Asinine IP over HTTP server'
22 if type -p authbind >/dev/null 2>&1; then AUTHBIND=authbind; fi
23
24 . /etc/default/hippotatd
25
26 test -f $DAEMON || exit 0
27 egrep '^[^ #]' $MASTER_CONFIG >/dev/null 2>&1 || exit 0
28
29 . /lib/lsb/init-functions
30
31 as_user_userv () {
32 userv --override '
33 execute-from-path
34 no-suppress-args
35 ' $USER "$@"
36 }
37
38 ssd () {
39 set +e
40 start-stop-daemon --start --quiet --user $USER --pidfile=$PIDFILE "$@"
41 rc=$?
42 set -e
43 }
44 ensure_dirs () {
45 pidfiledir=${PIDFILE%/*}
46 if test -d ${pidfiledir}; then return; fi
47 mkdir -m 755 $pidfiledir
48 chown $USER $pidfiledir
49 }
50
51 dump_firewall () {
52 iptables -L -v -n
53 }
54
55 print_config () {
56 $AS_USER $DAEMON $HIPPOTATD_ARGS --print-config "$1"
57 }
58
59 check_firewall () {
60 vnetwork=$(print_config vnetwork)
61 if dump_firewall | fgrep " $vnetwork " >/dev/null; then :; else
62 log_failure_msg \
63 "no entry in firewall for insecure vnetwork $vnetwork"
64 exit 1
65 fi
66 }
67
68 do_start () {
69 check_firewall
70 ensure_dirs
71 ssd --chuid $USER --startas \
72 $AUTHBIND $DAEMON --daemon --pidfile=$PIDFILE \
73 --syslog-facility=$LOGFACILITY $HIPPOTATD_ARGS
74 }
75 do_stop () {
76 ssd --stop --retry 5
77 }
78
79 case "$1" in
80 start)
81 log_daemon_msg "Starting $DESCRIPTION" hippotatd
82 do_start
83 log_end_msg $rc
84 ;;
85
86 stop)
87 log_daemon_msg "Stopping $DESCRIPTION" hippotatd
88 do_stop
89 log_end_msg $rc
90 ;;
91
92 restart|force-reload)
93 log_daemon_msg "Restarting $DESCRIPTION" hippotatd
94 do_stop
95 sleep 1
96 do_start
97 log_end_msg $rc
98 ;;
99
100 reload)
101 log_failure_msg "Cannot reload hippotat - need restart"
102 exit 1
103 ;;
104
105 *)
106 echo >&2 "$0: unknown action $1"
107 exit 1
108 ;;
109
110 esac
111
112 exit 0
Local modifications for Ian Jackson's `Asinine IP Over HTTP' proxy: https://www.chiark.greenend.org.uk/ucgi/~ian/git/hippotat.git/