#!@l_prefix@/bin/openpkg rc
##
##  rc.openvpn -- Run-Commands
##

%config
    openvpn_enable="$openpkg_rc_def"
    openvpn_log_prolog="true"
    openvpn_log_epilog="true"
    openvpn_log_numfiles="10"
    openvpn_log_minsize="1M"
    openvpn_log_complevel="9"

%common
    openvpn_etcdir="@l_prefix@/etc/openvpn"
    openvpn_vardir="@l_prefix@/var/openvpn"
    openvpn_signal () {
        [ -f $openvpn_vardir/$1.pid ] && kill -$2 `cat $openvpn_vardir/$1.pid`
    }

%status -u @l_susr@ -o
    openvpn_usable="unknown"
    openvpn_active="yes"
    if rcService openvpn enable yes; then
        for cfgfile in $openvpn_etcdir/*.conf; do
            [ ".`grep '^disable' $cfgfile`" != . ] && continue
            name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
            openvpn_signal $name 0
            if [ $? -ne 0 ]; then
                openvpn_active="no"
                break
            fi
        done
    fi
    echo "openvpn_enable=\"$openvpn_enable\""
    echo "openvpn_usable=\"$openvpn_usable\""
    echo "openvpn_active=\"$openvpn_active\""

%start -p 200 -u @l_susr@
    rcService openvpn enable yes || exit 0
    rcService openvpn active yes && exit 0
    if [ -f $openvpn_etcdir/openvpn.sh ]; then
        sh $openvpn_etcdir/openvpn.sh start || exit $?
    fi
    for cfgfile in $openvpn_etcdir/*.conf; do
        [ ".`grep '^disable' $cfgfile`" != . ] && continue
        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
        if [ -f $openvpn_etcdir/$name.sh -a ".$name" != .openvpn ]; then
            sh $openvpn_etcdir/$name.sh start || exit $?
        fi
        @l_prefix@/sbin/openvpn \
            --daemon "$name" \
            --log-append $openvpn_vardir/$name.log \
            --writepid $openvpn_vardir/$name.pid \
            --status $openvpn_vardir/$name.status 60 \
            --config $cfgfile \
            --cd $openvpn_etcdir || exit $?
    done

%stop -p 800 -u @l_susr@
    rcService openvpn enable yes || exit 0
    rcService openvpn active no && exit 0
    for cfgfile in $openvpn_etcdir/*.conf; do
        [ ".`grep '^disable' $cfgfile`" != . ] && continue
        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
        openvpn_signal $name TERM
    done
    sleep 1
    for cfgfile in $openvpn_etcdir/*.conf; do
        [ ".`grep '^disable' $cfgfile`" != . ] && continue
        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
        if [ -f $openvpn_etcdir/$name.sh -a ".$name" != .openvpn ]; then
            sh $openvpn_etcdir/$name.sh stop || true
        fi
    done
    if [ -f $openvpn_etcdir/openvpn.sh ]; then
        sh $openvpn_etcdir/openvpn.sh stop || true
    fi
    rm -f $openvpn_vardir/*.pid 2>/dev/null || true

%restart -u @l_susr@
    rcService openvpn enable yes || exit 0
    rcService openvpn active no && exit 0
    rc openvpn stop start

%reload -u @l_susr@
    rcService openvpn enable yes || exit 0
    rcService openvpn active no && exit 0
    for cfgfile in $openvpn_etcdir/*.conf; do
        [ ".`grep '^disable' $cfgfile`" != . ] && continue
        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
        openvpn_signal $name USR1
        if [ -f $openvpn_etcdir/$name.sh ]; then
            sh $openvpn_etcdir/$name.sh reload || true
        fi
    done

%daily -u @l_susr@
    rcService openvpn enable yes || exit 0
    for cfgfile in $openvpn_etcdir/*.conf; do
        [ ".`grep '^disable' $cfgfile`" != . ] && continue
        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
        shtool rotate -f \
            -n ${openvpn_log_numfiles} -s ${openvpn_log_minsize} -d \
            -z ${openvpn_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \
            -P "${openvpn_log_prolog}" \
            -E "${openvpn_log_epilog}; rc openvpn reload" \
            $openvpn_vardir/$name.log
    done