#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org

START=60
USE_PROCD=1

BIN=xl2tpd
CONFIG=/var/etc/xl2tpd.conf
CHAP_SECRETS=/var/etc/chap-secrets
OPTIONS_XL2TPD=/var/etc/options.xl2tpd
RUN_D="/var/run/xl2tpd"
PID_F="/var/run/xl2tpd.pid"

validate_login_section() {
	uci_load_validate xl2tpd login "$1" "$2" \
		'enabled:bool' \
		'username:string' \
		'password:string' \
		'remoteip:string'
}

validate_xl2tpd_section() {
	uci_load_validate xl2tpd service "$1" "$2" \
		'enabled:bool' \
		'localip:string' \
		'remoteip_start:string' \
		'remoteip_end:string'
}

setup_login() {
	[ "$2" = 0 ] || {
		echo "validation failed"
		return 1
	}

	[ "$enabled" -eq 1 ] || return 0
	[ -n "$username" ] || return 0
	[ -n "$password" ] || return 0
	[ -n "$remoteip" ] || remoteip=*

	echo "$username l2tp-server $password $remoteip" >> $CHAP_SECRETS
}

setup_config() {
	[ "$2" = 0 ] || {
		echo "validation failed"
		return 1
	}

	mkdir -p /var/etc
	rm -rf $CONFIG
	cp /etc/xl2tpd/xl2tpd.conf $CONFIG
	cp /etc/ppp/options.xl2tpd $OPTIONS_XL2TPD

	[ "$enabled" -eq 1 ] || return 0
	echo "[lns l2tp-server]" >> $CONFIG
	[ -n "$localip" ] && echo "local ip = $localip" >> $CONFIG
	[ -n "$remoteip_start" ] && [ -n "$remoteip_end" ] && echo "ip range = $remoteip_start-$remoteip_end" >> $CONFIG
	echo "lac = 0.0.0.0-255.255.255.255" >> $CONFIG
	echo "require chap = yes" >> $CONFIG
	echo "require pap = yes" >> $CONFIG
	echo "refuse authentication = yes" >> $CONFIG
	echo "name = l2tp-server" >> $CONFIG
	echo "pppoptfile = $OPTIONS_XL2TPD" >> $CONFIG

	return 0
}

start_service() {
	config_load xl2tpd
	validate_xl2tpd_section xl2tpd setup_config || return
	sed -i '/l2tp-server/d' $CHAP_SECRETS
	config_foreach validate_login_section login setup_login

	ln -sfn $CHAP_SECRETS /etc/ppp/chap-secrets

	rm -rf "$RUN_D"
	mkdir -p "$RUN_D"
	procd_open_instance
	procd_set_param command $BIN -D -l -p "$PID_F" -c $CONFIG -s $CHAP_SECRETS
	procd_set_param respawn
	procd_close_instance
}

service_triggers () {
	procd_add_reload_trigger "xl2tpd"

	procd_open_validate
	validate_xl2tpd_section
	validate_login_section
	procd_close_validate
}

stop_service() {
	if [[ -e "$PID_F" ]]; then
		PID=$(cat "$PID_F")
		CHILDS=$(pgrep -P "$PID")
		kill "$PID"
		kill "$CHILDS"
		rm -rf "$RUN_D"
		rm -rf "$PID_F"
	fi
}

reload_service() {
	restart
}
