#!/bin/sh
#
# openvpn	Start/stop the VPN daemon.
#
# chkconfig:	2345 11 89
#
# description:	OpenVPN is a robust and highly configurable VPN (Virtual \
#		Private Network) daemon
#

# Load the optional service configuration. The file is sourced, so it runs
# as shell code inside this script with the privileges of whoever invoked
# it; keep it writable by trusted administrators only.
if [ -f /etc/sysconfig/openvpn ]; then
	. /etc/sysconfig/openvpn
fi

# A second command-line argument replaces the configured tunnel list.
if [ -n "$2" ]; then
	TUNNELS="$2"
fi

# With no tunnels configured the state-changing actions have nothing to do,
# so they leave silently with success. Other actions fall through.
case "$1" in
start|stop|restart|reload|force-reload)
	[ -n "$TUNNELS" ] || exit 0
	;;
esac

# Pull in the init-script helper library; is_yes and msg_network_down used
# below are not defined in this file.
. /etc/rc.d/init.d/functions

# Pull in the networking configuration; NETWORKING is read below.
. /etc/sysconfig/network

# Networking switched off in the configuration: nothing to do, leave quietly.
is_yes "${NETWORKING}" || exit 0

# Networking is configured. Every action except "stop" and "status" also
# requires the network subsystem lock file to be present.
case "$1" in
stop|status)
	;;
*)
	if [ ! -f /var/lock/subsys/network ]; then
		msg_network_down OpenVPN
		exit 1
	fi
	;;
esac

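# Check whether the tunnel named by $1 has a live process behind its PID file.
#
# Arguments: $1 - tunnel name; the PID file read is /var/run/openvpn/$1.pid
# Returns:   0 if the PID file holds one positive decimal PID and "kill -0"
#            succeeds for it; non-zero otherwise (file missing or unreadable,
#            malformed content, no such process).
#
# NOTE: "kill -0" only shows that some process with that PID exists and can
# be signalled by the caller. It does not prove that the process is openvpn,
# so a stale PID file whose number has been reused still reads as "up".
tunlup() {
	local tun="$1"
	local pidfile="/var/run/openvpn/$tun.pid"
	local pid

	# Assigned separately from "local" so a failing read is not masked.
	pid=$(cat "$pidfile" 2>/dev/null) || return 1

	# Accept plain decimal digits only. Empty content turns "kill -0" into a
	# usage error, and "0" or a negative number addresses a process group or
	# every process, which would report a dead tunnel as running.
	case "$pid" in
	''|*[!0-9]*)
		return 1
		;;
	esac
	[ "$pid" -gt 0 ] 2>/dev/null || return 1

	# The function's status is the status of this probe.
	kill -0 "$pid" 2>/dev/null
}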

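# Check whether every tunnel listed in $TUNNELS is up.
#
# Globals: TUNNELS (read) - whitespace-separated list of tunnel names
# Returns: 0 if tunlup succeeds for each listed tunnel, 1 if it fails for at
#          least one. An empty list also yields 0, because no tunnel failed.
tunlsup() {
	# Kept local so the caller's own "tun" and "ret" are not overwritten.
	local tun
	local ret=0

	# $TUNNELS is deliberately unquoted: it is split into one name per word.
	for tun in $TUNNELS; do
		tunlup "$tun" || ret=1
	done
	return $ret
}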

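# Start every configured tunnel that is not already up.
#
# Globals: TUNNELS (read)     - whitespace-separated list of tunnel names
#          OPENVPN_OPT (read) - extra options appended to the openvpn command
#          RETVAL (read, written) - keeps the first non-zero per-tunnel result
# Status:  that of the last command run: the lock-file step when a start was
#          attempted (non-zero if RETVAL is non-zero), otherwise the status
#          of msg_already_running.
#
# NOTE(review): tunnel names are used unchecked to build the config and PID
# file paths. They come from the service configuration or the command line,
# so a name containing "/" or ".." selects files outside /etc/openvpn and
# /var/run/openvpn - confirm whether names should be restricted.
# An OpenVPN config can direct the daemon to run external commands, so the
# config directory should be writable by root only.
start() {
	# Kept local so the caller's variables of the same name are untouched.
	local tun config pidfile RET

	# Check if the service is already running?
	if ! tunlsup; then
		msg_starting "OpenVPN"; started
		# $TUNNELS is deliberately unquoted: one tunnel name per word.
		for tun in $TUNNELS; do
			config="/etc/openvpn/$tun.conf"
			pidfile="/var/run/openvpn/$tun.pid"
			if [ ! -f "$config" ]; then
				nls "Invalid tunnel \`%s': missing config: %s" "$tun" "$config"
				fail
				RET=1
			else
				show "Starting OpenVPN tunnel %s" "$tun"
				# Already up: report success and leave RETVAL alone.
				if tunlup "$tun"; then
					started
					continue
				fi

				# ${OPENVPN_OPT} stays unquoted so that it splits into
				# separate command-line options.
				daemon --pidfile "$pidfile" /usr/sbin/openvpn --daemon --writepid "$pidfile" \
					--config "$config" --cd /etc/openvpn ${OPENVPN_OPT}
				RET=$?
			fi
			# Remember only the first failure.
			[ "$RETVAL" -eq 0 ] && RETVAL=$RET
		done
		# The subsystem lock is created only when every tunnel started.
		[ "$RETVAL" -eq 0 ] && touch /var/lock/subsys/openvpn
	else
		msg_already_running "OpenVPN"
	fi
}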

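# Stop every configured tunnel that has a PID file.
#
# Globals: TUNNELS (read) - whitespace-separated list of tunnel names
#          err (written)  - set to 1 when killproc fails for a tunnel
# Status:  that of the last command run (the lock-file removal, or
#          msg_not_running when no tunnel is up).
#
# The stop path runs as soon as ANY configured tunnel is up. Requiring all
# of them to be up would report "not running" and leave the live tunnels
# running whenever one tunnel of the set had already gone down.
#
# NOTE(review): nothing in this script reads "err", so a failed stop is not
# reflected in the exit status - confirm whether it should be.
stop() {
	# Kept local so the caller's variables of the same name are untouched.
	local tun pidfile
	local any_up=0

	# $TUNNELS is deliberately unquoted: one tunnel name per word.
	for tun in $TUNNELS; do
		if tunlup "$tun"; then
			any_up=1
			break
		fi
	done

	if [ "$any_up" -eq 1 ]; then
		# Stop daemons.
		msg_stopping "OpenVPN"; started
		for tun in $TUNNELS; do
			pidfile="/var/run/openvpn/$tun.pid"
			# No PID file means there is nothing to signal for this tunnel.
			[ -f "$pidfile" ] || continue
			show "Stopping OpenVPN tunnel %s" "$tun"; busy
			# NOTE(review): the PID file is given relative to some base
			# directory and no program name is passed, unlike the reload
			# branch - presumably killproc accepts both; confirm.
			killproc --pidfile "openvpn/$tun.pid" || err=1
		done
		rm -f /var/lock/subsys/openvpn >/dev/null 2>&1
	else
		msg_not_running "OpenVPN"
	fi
}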

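# Exit status of the script for the actions that fall through to the final
# "exit"; start and the reload branch update it.
RETVAL=0
# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  reload|force-reload)
	# NOTE(review): the reload is attempted only when every configured tunnel
	# is up; with one tunnel down the others are not reloaded - confirm that
	# this is intended.
	if tunlsup; then
		msg_reloading "OpenVPN"; started
		for tun in $TUNNELS; do
			show "Reloading OpenVPN tunnel %s" "$tun"
			# RETVAL is 0 on entry to this branch, so the first failed
			# signal sets it to 7 and later failures leave it at 7.
			killproc --pidfile "openvpn/$tun.pid" openvpn -HUP || RETVAL=7
		done
	else
		msg_not_running OpenVPN
		exit 7
	fi
	;;
  restart)
	stop
	# Short pause between stopping and starting the tunnels.
	sleep 1
	start
	exit $?
	;;
  status)
	nls "Configured tunnels:"
	printf ' %s\n' "$TUNNELS"
	nls "Currently active tunnels:"
	# Walk the PID files that exist rather than $TUNNELS, so tunnels that are
	# running but not in the configured list are shown as well.
	for pidfile in /var/run/openvpn/*.pid; do
		# An unmatched glob stays literal; skip it.
		[ -f "$pidfile" ] || continue
		tun=${pidfile#/var/run/openvpn/}
		tun=${tun%.pid}
		# printf instead of "echo -n", which is not portable under /bin/sh.
		if tunlup "$tun"; then
			printf ' %s(%s)' "$tun" "$(cat "$pidfile")"
		fi
	done
	echo ""
	# The exit status reports whether all configured tunnels are up.
	tunlsup
	exit $?
	;;
  *)
	msg_usage "$0 {start|stop|restart|reload|force-reload|status}"
	exit 3
	;;
esac

exit $RETVAL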
