#!/bin/sh
#
# openvpn	Start/stop the VPN daemon.
#
# chkconfig:	2345 11 89
#
# description:	OpenVPN is a robust and highly configurable VPN (Virtual \
#		Private Network) daemon
#

# Get service config
[ -f /etc/sysconfig/openvpn ] && . /etc/sysconfig/openvpn

[ -n "$2" ] && TUNNELS="$2"

# no tunnels. exit silently
if [ -z "$TUNNELS" ]; then
   	case "$1" in
	start|stop|restart|reload|force-reload)
		exit 0
		;;
	esac
fi

# Source function library
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# check if the tunnel $1 is up
tunlup() {
	local tun="$1"
	local pidfile=/var/run/openvpn/$tun.pid
	local pid=$(cat $pidfile 2>/dev/null)
	kill -0 $pid 2>/dev/null
	return $?
}

# check if all the configured tunnels are up
tunlsup() {
	ret=0
	for tun in $TUNNELS; do
		tunlup $tun && continue
		ret=1
	done
	return $ret
}

start() {
	msg_starting "OpenVPN"; started
	for tun in $TUNNELS; do
		config="/etc/openvpn/$tun.conf"
		if [ ! -f "$config" ]; then
			nls "Invalid tunnel \`%s': missing config: %s" $tun "$config"
			fail
			RET=1
		else
			tunlup $tun && continue
			show "Starting OpenVPN tunnel %s" "$tun"; busy
			daemon --pidfile /var/run/openvpn/$tun.pid /usr/sbin/openvpn --daemon --writepid /var/run/openvpn/$tun.pid \
				--config $config --cd /etc/openvpn ${OPENVPN_OPT}
			RET=$?
		fi
		[ $RETVAL -eq 0 ] && RETVAL=$RET
	done
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/openvpn
}

stop() {
	msg_stopping "OpenVPN"; started
	for tun in $TUNNELS; do
		pidfile=/var/run/openvpn/$tun.pid
		[ -f "$pidfile" ] || continue
		pid=`cat "$pidfile"`
		show "Stopping OpenVPN tunnel %s" "$tun"; busy
		killproc --pidfile openvpn/$tun.pid || err=1
		rm -f $pidfile
	done
	rm -f /var/lock/subsys/openvpn >/dev/null 2>&1
}

reload() {
	if ! tunlsup; then
		msg_not_running "OpenVPN"
		RETVAL=7
		return
	fi

	msg_reloading "OpenVPN"; started
	for tun in $TUNNELS; do
		show "Reloading OpenVPN tunnel %s" "$tun"
		killproc --pidfile openvpn/$tun.pid openvpn -HUP
		[ $? -ne 0 -a $RETVAL -eq 0 ] && RETVAL=7
	done
}

status() {
	nls "Configured tunnels:"
   	echo " $TUNNELS"
	nls "Currently active tunnels:"
	for pidfile in /var/run/openvpn/*.pid; do
		[ -f "$pidfile" ] || continue
		tun=${pidfile#/var/run/openvpn/}
		tun=${tun%.pid}
		tunlup $tun && echo -n " $tun($(cat $pidfile))"
	done
	echo ""
	nm_ovpn_pid=$(ps -o pid= -C nm-openvpn-service | xargs)
	if [ "$nm_ovpn_pid" ]; then
		nls "NM ($nm_ovpn_pid) managed OpenVPN sessions"
		ps -o pid,user,command --ppid=$nm_ovpn_pid
	fi
	tunlsup
	RETVAL=$?
}

RETVAL=0
# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  reload|force-reload)
	reload
	;;
  restart)
	stop
	sleep 1
	start
	;;
  status)
	status
	;;
  *)
	msg_usage "$0 {start|stop|restart|reload|force-reload|status}"
	exit 3
	;;
esac

exit $RETVAL