support multiple OpenVPN daemons (in case one needs a multi-connection client-setup) and fix default config to really allow out-of-the-box startup

openvpn/openvpn.conf

@@ -6,11 +6,11 @@
 dev tun
 
 #   the remote peer
-remote 10.1.0.2
+remote 192.168.0.1
 
-#   10.1.0.1 is the local  VPN endpoint
-#   10.1.0.2 is the remote VPN endpoint
-ifconfig 10.1.0.1 10.1.0.2
+#   10.0.0.1 is the local  VPN endpoint
+#   10.0.0.2 is the remote VPN endpoint
+ifconfig 10.0.0.1 10.0.0.2
 
 #   the pre-shared static key
 secret openvpn.key

openvpn/openvpn.spec

@@ -37,7 +37,7 @@ Class:        EVAL
 Group:        Network
 License:      GPL
 Version:      %{V_opkg}
-Release:      20050502
+Release:      20050508
 
 #   package options
 %option       with_fsl  yes

openvpn/rc.openvpn

@@ -12,20 +12,25 @@
     openvpn_log_complevel="9"
 
 %common
-    openvpn_cfgdir="@l_prefix@/etc/openvpn"
-    openvpn_cfgfile="@l_prefix@/etc/openvpn/openvpn.conf"
-    openvpn_pidfile="@l_prefix@/var/openvpn/openvpn.pid"
-    openvpn_logfile="@l_prefix@/var/openvpn/openvpn.log"
-    openvpn_statusfile="@l_prefix@/var/openvpn/openvpn.status"
+    openvpn_etcdir="@l_prefix@/etc/openvpn"
+    openvpn_vardir="@l_prefix@/var/openvpn"
     openvpn_signal () {
-        [ -f $openvpn_pidfile ] && kill -$1 `cat $openvpn_pidfile`
+        [ -f $openvpn_vardir/$1.pid ] && kill -$2 `cat $openvpn_vardir/$1.pid`
     }
 
 %status -u @l_susr@ -o
     openvpn_usable="unknown"
-    openvpn_active="no"
-    rcService openvpn enable yes && \
-        openvpn_signal 0 && openvpn_active="yes"
+    openvpn_active="yes"
+    if rcService openvpn enable yes; then
+        for cfgfile in $openvpn_etcdir/*.conf; do
+            name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+            openvpn_signal $name 0
+            if [ $? -ne 0 ]; then
+                openvpn_active="no"
+                break
+            fi
+        done
+    fi
     echo "openvpn_enable=\"$openvpn_enable\""
     echo "openvpn_usable=\"$openvpn_usable\""
     echo "openvpn_active=\"$openvpn_active\""
@@ -33,20 +38,26 @@
 %start -u @l_susr@
     rcService openvpn enable yes || exit 0
     rcService openvpn active yes && exit 0
-    @l_prefix@/sbin/openvpn \
-        --daemon \
-        --writepid $openvpn_pidfile \
-        --status $openvpn_statusfile 60 \
-        --log-append $openvpn_logfile \
-        --config $openvpn_cfgfile \
-        --cd $openvpn_cfgdir
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        @l_prefix@/sbin/openvpn \
+            --daemon \
+            --writepid $openvpn_vardir/$name.pid \
+            --status $openvpn_vardir/$name.status 60 \
+            --log-append $openvpn_vardir/$name.log \
+            --config $cfgfile \
+            --cd $openvpn_etcdir
+    done
 
 %stop -u @l_susr@
     rcService openvpn enable yes || exit 0
     rcService openvpn active no && exit 0
-    openvpn_signal TERM
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        openvpn_signal $name TERM
+    done
     sleep 2
-    rm -f $openvpn_pidfile 2>/dev/null || true
+    rm -f $openvpn_vardir/*.pid 2>/dev/null || true
 
 %restart -u @l_susr@
     rcService openvpn enable yes || exit 0
@@ -55,10 +66,13 @@
 
 %daily -u @l_susr@
     rcService openvpn enable yes || exit 0
-    shtool rotate -f \
-        -n ${openvpn_log_numfiles} -s ${openvpn_log_minsize} -d \
-        -z ${openvpn_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \
-        -P "${openvpn_log_prolog}" \
-        -E "${openvpn_log_epilog}" \
-        $openvpn_logfile
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        shtool rotate -f \
+            -n ${openvpn_log_numfiles} -s ${openvpn_log_minsize} -d \
+            -z ${openvpn_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \
+            -P "${openvpn_log_prolog}" \
+            -E "${openvpn_log_epilog}" \
+            $openvpn_vardir/$name.log
+    done