[PATCH v2] Make vpn-select modular
Robert Langhammer
rlanghammer at web.de
Mo Okt 19 23:53:54 CEST 2020
vpn-select is an old relic and did not reflect the opportunities of our hoodfile.
This rewrite makes vpn-select modular to easily add new vpn-protocols.
The stuff dependent on the vpn-protocol is outsourced to files in /etc/vpn-select.d and comes in with the respective vpn package.
vpn-stop is removed to use the protocol independent start/stop mechanism of vpn-select. Instead, a symlink is used.
Signed-off-by: Robert Langhammer <rlanghammer at web.de>
---
Changes in v2:
- add a symlink vpn-stop -> vpn-select. No changes in configurehood needed.
- use json_get_keys instead of index.
- use ls instead of fileglob.
---
.../fff-fastd/files/etc/vpn-select.d/fastd | 35 +++++++++
.../fff-vpn-select/files/usr/sbin/vpn-select | 77 +++++++------------
.../fff-vpn-select/files/usr/sbin/vpn-stop | 6 +-
3 files changed, 63 insertions(+), 55 deletions(-)
create mode 100644 src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
mode change 100755 => 120000 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
diff --git a/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
new file mode 100644
index 0000000..bd73761
--- /dev/null
+++ b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
@@ -0,0 +1,35 @@
+protocol=fastd
+
+fastd_clear() {
+ rm /tmp/fastd_fff_peers/*
+}
+
+fastd_addpeer() {
+ [ -d /tmp/fastd_fff_peers ] || mkdir /tmp/fastd_fff_peers
+
+ # write fastd-config
+ json_get_var servername name
+ filename="/etc/fastd/fff/peers/$servername"
+ echo "#name \"${servername}\";" > "$filename"
+ json_get_var key key
+ echo "key \"${key}\";" >> "$filename"
+ json_get_var address address
+ json_get_var port port
+ echo "remote \"${address}\" port ${port};" >> "$filename"
+ echo "" >> "$filename"
+ echo "float yes;" >> "$filename"
+}
+
+fastd_start_stop() {
+ /etc/init.d/fastd reload # does nothing if fastd was not running
+
+ # fastd start/stop for various situations
+ # this is needed for first start and if fastd comes up or disappears in hoodfile
+ pidfile="/tmp/run/fastd.fff.pid"
+ if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
+ else
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
+ fi
+}
+
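Review bot: In fastd_addpeer the peer name read from the hoodfile becomes a path component in `filename="/etc/fastd/fff/peers/$servername"` without any check, so a name that contains `/` or starts with `.` makes the following `echo … > "$filename"` write outside the peers directory. A guard directly after `json_get_var servername name`, for example `case "$servername" in ""|.*|*/*) return 1 ;; esac`, keeps the write inside that directory. The `key`, `address` and `port` values are likewise copied verbatim into the fastd peer file, where a `"` or a newline in any of them would change the structure of the generated config, so they deserve a character check before being written. Separately, fastd_clear runs `rm /tmp/fastd_fff_peers/*` although the directory is only created in fastd_addpeer; `rm -f` would avoid the error on a first run or when vpn-stop is called before any peer was added.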
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
index 30883f5..e6c7bb6 100755
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
@@ -1,65 +1,42 @@
#!/bin/sh
-# Usage: vpn-select <path-to-hood-file>
+# Usage: vpn-select [<path-to-hood-file>]
+# An empty parameter shuts down all vpn.
+# To add a new protocol, put a file with three functions to /etc/vpn-select.d/ .
+# The file must start with protocol=name. It is most important to use the same name here and in hoodfile.
+# The old config can be cleared in function ${protocol}_clear() .
+# The function ${protocol}_addpeer() is called for every peer in hoodfile.
+# The function ${protocol}_start_stop() is called at the end once per installed protocol.
. /usr/share/libubox/jshn.sh
hoodfile="$1"
-make_config() {
- # remove old config
- rm /tmp/fastd_fff_peers/*
+for file in $([ -d /etc/vpn-select.d ] && ls /etc/vpn-select.d); do
+ . "$file"
+ supported_protocols="$supported_protocols $protocol"
+done
- # prepare
- Index=1
+# clear old config
+for protocol in $supported_protocols; do
+ "${protocol}_clear"
+done
+
+# configure vpn
+if [ -n "$hoodfile" ] && [ -s $hoodfile ] ; then
json_load "$(cat "$hoodfile")"
json_select vpn
-
- # get fastd peers
- while json_select "$Index" > /dev/null
- do
+ json_get_keys vpn_keys
+ for k in $vpn_keys; do
+ json_select $k
json_get_var protocol protocol
- if [ "$protocol" = "fastd" ]; then
- # set up fastd
- json_get_var servername name
- filename="/etc/fastd/fff/peers/$servername"
- echo "#name \"${servername}\";" > "$filename"
- json_get_var key key
- echo "key \"${key}\";" >> "$filename"
- json_get_var address address
- json_get_var port port
- echo "remote \"${address}\" port ${port};" >> "$filename"
- echo "" >> "$filename"
- echo "float yes;" >> "$filename"
- fi
+ "${protocol}_addpeer" || echo "protocol $protocol unknown"
json_select ".." # back to vpn
- Index=$(( Index + 1 ))
done
- json_select ".." # back to root
-}
+fi
-# Only do something if file is there and not empty; otherwise exit 1
-if [ -s "$hoodfile" ]; then
- if [ ! -d /tmp/fastd_fff_peers ]; then
- # first run after reboot
- mkdir /tmp/fastd_fff_peers
- make_config
- # start fastd only if there are some peers
- [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
- else
- make_config
- /etc/init.d/fastd reload
+# start/restart/stop vpnservices
+for protocol in $supported_protocols; do
+ "${protocol}_start_stop"
+done
- # fastd start/stop for various situations
- pidfile="/tmp/run/fastd.fff.pid"
- if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
- ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
- else
- ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
- fi
- fi
- exit 0
-else
- echo "vpn-select: Hood file not found or empty!"
- exit 1
-fi
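Review bot: The loader loop hands the bare names printed by `ls /etc/vpn-select.d` to `. "$file"`, and a dot-command argument without a slash is looked up via PATH rather than in /etc/vpn-select.d, so the protocol file is either not found or a different file with the same name is sourced; the directory has to be prefixed. The dispatch `"${protocol}_addpeer"` takes `protocol` straight from the hoodfile and runs it as a command name, and it reports every non-zero return as "unknown"; comparing the value with the entries of `$supported_protocols` first restricts the call to functions that were actually loaded. `[ -s $hoodfile ]` and `json_select $k` should be quoted like the neighbouring expansions. Note also that an argument pointing at a missing or empty hoodfile now clears the configuration and stops the services without any message, where the old code printed an error and exited 1.

```shell
for file in $([ -d /etc/vpn-select.d ] && ls /etc/vpn-select.d); do
	. "/etc/vpn-select.d/$file"
# … unchanged: supported_protocols bookkeeping, clear loop, hoodfile check, json_load, key loop header …
		json_get_var protocol protocol
		known=0
		for p in $supported_protocols; do
			[ "$p" = "$protocol" ] && known=1
		done
		if [ "$known" = 1 ]; then
			"${protocol}_addpeer"
		else
			echo "protocol $protocol unknown"
		fi
# … unchanged: json_select ".." and the start/stop loop …
```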
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
deleted file mode 100755
index 03a160b..0000000
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-rm /tmp/fastd_fff_peers/*
-/etc/init.d/fastd stop
-
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
new file mode 120000
index 0000000..fd632e6
--- /dev/null
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
@@ -0,0 +1 @@
+vpn-select
\ No newline at end of file
--
2.20.1