Documentation restructuring: provide a useful overview.

[tripe] / init / tripe-init.in

#! /bin/sh
###
### tripe init script
###   suitable for direct use in most SysV-style inits

### BEGIN INIT INFO
# Provides:          tripe
# Required-Start:    $local_fs $remote_fs $named $network
# Required-Stop:     $local_fs $remote_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tripe Virtual Private Network server
### END INIT INFO

set -e

###--------------------------------------------------------------------------
### Configuration.

[ -f @initconfig@ ] && . @initconfig@

: ${prefix=@prefix@} ${exec_prefix=@exec_prefix@}
: ${bindir=@bindir@} ${sbindir=@sbindir@}
: ${TRIPEDIR=@configdir@} ${TRIPESOCK=@socketdir@/tripesock}
: ${pidfile=@pidfile@}
: ${tripe=$sbindir/tripe} ${tripectl=$bindir/tripectl}

PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
export PATH TRIPEDIR TRIPESOCK TRIPE_SLIPIF

###--------------------------------------------------------------------------
### Pre-flight checks.

## Give up if there's no binary.
if test ! -x "$tripe" || test ! -x "$tripectl"; then
  echo >&2 "Not starting/stopping TrIPE: binary files missing"
  exit 0
fi

## Give up if there's no key.
if test ! -f "$TRIPEDIR/keyring" || test ! -f "$TRIPEDIR/keyring.pub"; then
  echo >&2 "Not starting/stopping TrIPE: keyring files missing"
  exit 0
fi

## Check it will work, or at least stands a fighting chance.
##
## (Having loads of different tunnel types doesn't help any.)
case ${tunnel-`$tripe --tunnels | head -1`},`uname -s` in

  ## Linux TUN/TAP.
  linux,Linux)
    if { test -f /proc/misc && grep -q tun /proc/misc; } ||
       modprobe -q tun; then
      : good
    else
      echo >&2 "$tripe needs the Linux TUN/TAP driver to run."
      exit 1
    fi
    if test -c /dev/net/tun; then
      : good
    else
      echo >&2 "$tripe needs /dev/net/tun, which is missing."
      exit 1
    fi
    ;;

  ## Linux Unet (obsolete).
  unet,Linux)
    if { test -f /proc/devices && grep -q unet /proc/devices; } ||
       modprobe -q unet; then
      : good
    else
      echo >&2 "$tripe needs the Linux UNET driver to run."
      exit 1
    fi
    if test -c /dev/unet; then
      : good
    else
      echo >&2 "$tripe needs /dev/unet, which is missing."
      exit 1
    fi
    ;;

  ## BSD tun.
  bsd,*BSD)
    ## Don't know how to check the device is working.  Check the device file
    ## exists and hope for the best.
    if test -c /dev/tun0; then
      : good
    else
      echo >&2 "$tripe needs /dev/tun0, which is missing."
      exit 1
    fi
    ;;

  ## SLIP.
  slip,*)
    if test "$TRIPE_SLIPIF" = ""; then
      echo >&2 "$tripe needs SLIP interfaces set up!"
      exit 1
    fi
    ;;

  ## Various kinds of misconfiguration.
  linux,* | unet,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 "  $tripe is compiled to use a Linux tunnel device, but"
    echo >&2 "  this system is `uname -s`"
    exit 1
    ;;
  bsd,*)
    echo >&2 "CONFIGURATION ERROR"
    echo >&2 "  $tripe is compiled to use a BSD tunnel device, but"
    echo >&2 "  this system is `uname -s`"
    exit 1
    ;;
esac

###--------------------------------------------------------------------------
### Do what was wanted.

case "$1" in

  start)
    echo -n "Starting TrIPE VPN daemon:"

    ## Check to see whether the daemon is already going.  If it can respond
    ## to a simple request, we'll assume that it is.
    if $tripectl version >/dev/null 2>/dev/null; then
      echo " already running"
      exit 0
    fi

    ## Start the server, passing lots of arguments.
    $tripectl -D -s -p$tripe \
      -f${logfile-@logfile@} \
      -P$pidfile \
      ${keytag+-S-t}$keytag \
      ${addr+-S-b}$addr \
      ${port+-S-p}${port} \
      ${user+-U}${user} \
      ${group+-G}${group} \
      ${trace+-S-T}${trace} \
      ${tunnel+-S-n}${tunnel} \
      ${miscopts}

    ## Wait for the server to start up.  This doesn't usually take long.
    for i in 1 2 3 4 give-up; do
      $tripectl help >/dev/null 2>/dev/null && break
      sleep 1
    done

    if [ $i = give-up ]; then
      echo " wouldn't start"
      exit 1
    fi

    echo -n " tripe"

    ## Start up the ancillary services.
    sep=" services [" end=""
    [ -d $TRIPEDIR/services ] && for i in $TRIPEDIR/services/*; do
      [ -x $i ] || continue
      name=`basename $i`
      case $name in *~|\#*) continue;; esac
      if $i --daemon --startup; then
        echo -n "$sep$name"
      else
        echo -n "$sep($name failed)"
      fi
      sep=" " end="]"
    done
    echo -n "$end"

    ## Start up the statically configured peers.
    sep=" peers [" end=""
    [ -d $TRIPEDIR/peers ] && for i in $TRIPEDIR/peers/*; do
      [ -x $i ] || continue
      name=`basename $i`
      case $name in *~|\#*) continue;; esac
      if $i; then
        echo -n "$sep$name"
      else
        echo -n "$sep($name failed)"
      fi
      sep=" " end="]"
    done

    ## Happy.
    echo "$end done"
    ;;

  stop)
    echo -n "Stopping TrIPE VPN daemon:"

    ## If there's no socket, it must have quit (probably nonviolently).
    if test ! -S $TRIPESOCK; then
      echo " not running"

    ## Ask it to die nicely.
    elif $tripectl quit >/dev/null 2>&1; then
      echo " done"

    ## If there's no pidfile then tripectl presumably deleted it.
    elif test ! -f $pidfile; then
      echo " stale socket found: removing"
      rm -f $TRIPESOCK

    ## Otherwise kill the process unpleasantly.
    elif kill `cat $pidfile`; then
      echo " done (killed violently)"
    else
      echo " it doesn't want to die!"
      exit 1
    fi
    ;;

  status)
    for i in `$tripectl list`; do
      echo "Peer \`$i':"
      $tripectl stats $i | sed 's/^/  /'
    done
    ;;

  reload)
    $tripectl reload
    echo "Keyrings reloaded OK."
    ;;

  restart | force-reload)
    sh $0 stop
    sh $0 start
    ;;

  *)
    echo >&2 "usage: $0 start|stop|restart|status|reload|force-reload"
    exit 1
    ;;

esac

###----- That's all, folks --------------------------------------------------