Date: Mon, 13 Dec 2010 14:54:58 -0700 (MST)
From: Steve Fink
To: Alpine-Devel
Subject: Re: [alpine-devel] OpenVPN Multiple Tunnels
Message-ID: <3838688.4179.1292277298892.JavaMail.root@zimbra.netvantix.net>
In-Reply-To: <20911472.4176.1292277293743.JavaMail.root@zimbra.netvantix.net>

Everyone,

I researched OpenRC and rewrote parts of an OpenVPN init script I found, but I have not been able to find a simple way to pass a command line argument to the init script.

So for phase one of my (hopefully improved) OpenVPN init script, it is able to parse the /etc/openvpn directory and locate and start an OpenVPN tunnel for every file named with a .conf, also writing their .pid files to /var/run/openvpn. Then later parsing the .pid files and stopping all the OpenVPN tunnels that were started. So in effect being able to do a restart too.

This script will hopefully help in keeping with both the documentation on the AlpineLinux wiki and the OpenVPN site for multiple tunnels.

I am also hoping to expand this script to be able to start/stop/restart individual tunnels in the near future.

Best,

Steve

#!/sbin/runscript

# OpenVPN start/stop script
# Adapted to Gentoo by James Yonan
# Modified by Steve Fink for multiple .conf files

# This script does the following:
#
# - Starts an OpenVPN process for each .conf file in /etc/openvpn
#
# - If /etc/openvpn/xxx.start exists for a xxx.conf file then it executes
#   it before starting OpenVPN (useful for doing openvpn --mktun...).
#
# - If /etc/openvpn/xxx.stop exists for a xxx.conf file then it executes
#   it after stopping OpenVPN (useful for doing openvpn --rmtun...).
#

# OpenRC options
opts="start stop restart"

# Default location of openvpn
OPENVPN=/usr/sbin/openvpn

# Default pid directory
PIDDIR=/var/run/openvpn

# Default conf directory
CONFDIR=/etc/openvpn

depend() {
    need net
    use dns
}

start() {
    ebegin "Starting OpenVPN"

    # Load the TUN/TAP module
    /sbin/modprobe tun >/dev/null 2>&1

    if [ ! -d "$PIDDIR" ]; then
        mkdir -p "$PIDDIR"
    fi

    # Give up if the conf directory is missing, rather than globbing
    # whatever directory the script happens to be in
    cd "$CONFDIR" || { eend 1 "Cannot change to $CONFDIR"; return 1; }

    # Start every .conf in $CONFDIR and run .start if available
    local errors=0
    local successes=0
    local retstatus=0
    local c bn result
    for c in *.conf; do
        # An unmatched glob stays literal; skip it
        [ -f "$c" ] || continue
        bn=${c%%.conf}
        ebegin "Starting VPN: $bn"
        if [ -f "$CONFDIR/$bn.start" ]; then
            # Source by full path: a name without a slash is looked up in PATH
            . "$CONFDIR/$bn.start"
        fi
        rm -f "$PIDDIR/$bn.pid"
        "$OPENVPN" --daemon "openvpn-$bn" --writepid "$PIDDIR/$bn.pid" --config "$CONFDIR/$c" --cd "$CONFDIR"
        result=$?
        if [ $result = 0 ]; then
            successes=1
        else
            errors=1
        fi
        eend $result
    done

    # Decide status based on errors/successes.
    # If at least one tunnel succeeded, we return success.
    # If some tunnels succeeded and some failed, we return success but give a warning.
    if [ $successes = 1 ]; then
        if [ $errors = 1 ]; then
            ewarn "Note: At least one OpenVPN tunnel failed to start"
        fi
    else
        retstatus=1
        if [ $errors = 0 ]; then
            ewarn "Note: No OpenVPN configuration files were found in $CONFDIR"
        fi
    fi
    eend $retstatus "Error starting OpenVPN"
}

stop() {
    ebegin "Stopping OpenVPN"
    local pidf bn result
    for pidf in "$PIDDIR"/*.pid; do
        if [ -s "$pidf" ]; then
            bn=${pidf%%.pid}
            bn=${bn##"$PIDDIR"/}
            einfo "Stopping VPN: $bn ..."
            kill $(cat "$pidf") >/dev/null 2>&1
            # Save the kill status; the .stop script below would overwrite $?
            result=$?
            if [ -f "${CONFDIR}/${bn}.stop" ]; then
                . "${CONFDIR}/${bn}.stop"
            fi
            eend $result
            rm -f "$pidf" >/dev/null 2>&1
            # Remove the pid directory once it is empty (rmdir refuses otherwise)
            rmdir "$PIDDIR" >/dev/null 2>&1
        fi
    done
    eend 0
}

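
Added example, not part of the original message: stop() in the script signals whatever PID each .pid file names, so a stale file left behind after a crash can name an unrelated process that has since reused the number. The functions below (read_pid, pid_runs and safe_stop are hypothetical names) accept only a single integer from the file and signal it only when the PID's command name matches; they assume Linux /proc, with ps as a fallback.

```shell
#!/bin/sh
# Added example (not from the original post): validate a pid file before
# signalling the PID it names. All function names here are hypothetical.

# read_pid FILE: print the PID only if FILE is a regular, non-symlink file
# whose first line is a single integer greater than 1.
read_pid() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    rp_pid=$(head -n 1 "$1" 2>/dev/null) || return 1
    case "$rp_pid" in
        ''|*[!0-9]*) return 1 ;;   # empty, or anything that is not a digit
    esac
    [ "$rp_pid" -gt 1 ] 2>/dev/null || return 1
    printf '%s\n' "$rp_pid"
}

# pid_runs PID NAME: succeed only if PID is alive and its command name is NAME.
pid_runs() {
    if [ -r "/proc/$1/comm" ]; then
        pr_name=$(cat "/proc/$1/comm" 2>/dev/null)
    else
        pr_name=$(ps -o comm= -p "$1" 2>/dev/null) || return 1
        pr_name=${pr_name##*/}
    fi
    [ "$pr_name" = "$2" ]
}

# safe_stop FILE NAME:
#   0 = process signalled and pid file removed
#   1 = malformed pid file, left in place for inspection
#   2 = PID dead or owned by another program; file removed, nothing signalled
safe_stop() {
    ss_pid=$(read_pid "$1") || return 1
    if ! pid_runs "$ss_pid" "$2"; then
        rm -f "$1"
        return 2
    fi
    kill "$ss_pid" 2>/dev/null && rm -f "$1"
}
```

Inside stop(), safe_stop "$pidf" openvpn would take the place of the bare kill. In an OpenRC script, start-stop-daemon --stop --pidfile FILE --exec /usr/sbin/openvpn applies a comparable check.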