initial commit
This commit is contained in:
9
support/openvpn/Makefile
Normal file
9
support/openvpn/Makefile
Normal file
@@ -0,0 +1,9 @@
|
||||
MK= ../../mk
|
||||
include ${MK}/os.mk
|
||||
|
||||
DIR= ${DATADIR}/support/openvpn
|
||||
BIN= down.sh up.sh
|
||||
INC= README.md
|
||||
|
||||
|
||||
include ${MK}/scripts.mk
|
||||
8
support/openvpn/README.md
Normal file
8
support/openvpn/README.md
Normal file
@@ -0,0 +1,8 @@
|
||||
These handy scripts setup any dns information that OpenVPN may push.
|
||||
They also handle the interaction with OpenRC so that the OpenVPN service
|
||||
can become "inactive". This means that when it starts, it goes inactive and
|
||||
OpenRC continues on its merry way booting the system. When OpenVPN connects
|
||||
to an endpoint it then re-starts the OpenVPN service and starts up any
|
||||
services that depend on us. A similar thing happens when we shut down.
|
||||
|
||||
Of course, this is all optional.
|
||||
34
support/openvpn/down.sh
Executable file
34
support/openvpn/down.sh
Executable file
@@ -0,0 +1,34 @@
|
||||
#!/bin/sh
|
||||
# Copyright (c) 2007-2015 The OpenRC Authors.
|
||||
# See the Authors file at the top-level directory of this distribution and
|
||||
# https://github.com/OpenRC/openrc/blob/master/AUTHORS
|
||||
#
|
||||
# This file is part of OpenRC. It is subject to the license terms in
|
||||
# the LICENSE file found in the top-level directory of this
|
||||
# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
|
||||
# This file may not be copied, modified, propagated, or distributed
|
||||
# except according to the terms contained in the LICENSE file.
|
||||
|
||||
# If we have a service specific script, run this now
|
||||
[ -x "${RC_SVCNAME}"-down.sh ] && "${RC_SVCNAME}"-down.sh
|
||||
|
||||
# Restore resolv.conf to how it was
|
||||
if command -v resolvconf >/dev/null 2>&1; then
|
||||
resolvconf -d "${dev}"
|
||||
elif [ -e /etc/resolv.conf-"${dev}".sv ]; then
|
||||
# Important that we copy instead of move incase resolv.conf is
|
||||
# a symlink and not an actual file
|
||||
cp -p /etc/resolv.conf-"${dev}".sv /etc/resolv.conf
|
||||
rm -f /etc/resolv.conf-"${dev}".sv
|
||||
fi
|
||||
|
||||
# Re-enter the init script to stop any dependant services
|
||||
if [ -x "${RC_SERVICE}" ]; then
|
||||
if "${RC_SERVICE}" --quiet status; then
|
||||
IN_BACKGROUND=YES
|
||||
export IN_BACKGROUND
|
||||
"${RC_SERVICE}" --quiet stop
|
||||
fi
|
||||
fi
|
||||
|
||||
exit 0
|
||||
80
support/openvpn/up.sh
Executable file
80
support/openvpn/up.sh
Executable file
@@ -0,0 +1,80 @@
|
||||
#!/bin/sh
|
||||
# Copyright (c) 2007-2015 The OpenRC Authors.
|
||||
# See the Authors file at the top-level directory of this distribution and
|
||||
# https://github.com/OpenRC/openrc/blob/master/AUTHORS
|
||||
#
|
||||
# This file is part of OpenRC. It is subject to the license terms in
|
||||
# the LICENSE file found in the top-level directory of this
|
||||
# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
|
||||
# This file may not be copied, modified, propagated, or distributed
|
||||
# except according to the terms contained in the LICENSE file.
|
||||
|
||||
# Setup our resolv.conf
|
||||
# Vitally important that we use the domain entry in resolv.conf so we
|
||||
# can setup the nameservers are for the domain ONLY in resolvconf if
|
||||
# we're using a decent dns cache/forwarder like dnsmasq and NOT nscd/libc.
|
||||
# nscd/libc users will get the VPN nameservers before their other ones
|
||||
# and will use the first one that responds - maybe the LAN ones?
|
||||
# non resolvconf users just the the VPN resolv.conf
|
||||
|
||||
# FIXME:- if we have >1 domain, then we have to use search :/
|
||||
# We need to add a flag to resolvconf to say
|
||||
# "these nameservers should only be used for the listed search domains
|
||||
# if other global nameservers are present on other interfaces"
|
||||
# This however, will break compatibility with Debians resolvconf
|
||||
# A possible workaround would be to just list multiple domain lines
|
||||
# and try and let resolvconf handle it
|
||||
|
||||
NS=
|
||||
DOMAIN=
|
||||
SEARCH=
|
||||
i=1
|
||||
while true; do
|
||||
eval opt=\$foreign_option_${i}
|
||||
[ -z "${opt}" ] && break
|
||||
if [ "${opt}" != "${opt#dhcp-option DOMAIN *}" ]; then
|
||||
if [ -z "${DOMAIN}" ]; then
|
||||
DOMAIN="${opt#dhcp-option DOMAIN *}"
|
||||
else
|
||||
SEARCH="${SEARCH:+ }${opt#dhcp-option DOMAIN *}"
|
||||
fi
|
||||
elif [ "${opt}" != "${opt#dhcp-option DNS *}" ]; then
|
||||
NS="${NS}nameserver ${opt#dhcp-option DNS *}\n"
|
||||
fi
|
||||
: $(( i += 1 ))
|
||||
done
|
||||
|
||||
if [ -n "${NS}" ]; then
|
||||
DNS="# Generated by openvpn for interface ${dev}\n"
|
||||
if [ -n "${SEARCH}" ]; then
|
||||
DNS="${DNS}search ${DOMAIN} ${SEARCH}\n"
|
||||
else
|
||||
DNS="${DNS}domain ${DOMAIN}\n"
|
||||
fi
|
||||
DNS="${DNS}${NS}"
|
||||
if command -v resolvconf >/dev/null 2>&1; then
|
||||
printf "${DNS}" | resolvconf -a "${dev}"
|
||||
else
|
||||
# Preserve the existing resolv.conf
|
||||
if [ -e /etc/resolv.conf ]; then
|
||||
cp -p /etc/resolv.conf /etc/resolv.conf-"${dev}".sv
|
||||
fi
|
||||
(umask 022; printf "${DNS}" > /etc/resolv.conf)
|
||||
fi
|
||||
fi
|
||||
|
||||
# Below section is OpenRC specific
|
||||
|
||||
# If we have a service specific script, run this now
|
||||
[ -x "${RC_SVCNAME}"-up.sh ] && "${RC_SVCNAME}"-up.sh
|
||||
|
||||
# Re-enter the init script to start any dependant services
|
||||
if [ -x "${RC_SERVICE}" ]; then
|
||||
if ! "${RC_SERVICE}" --quiet status; then
|
||||
IN_BACKGROUND=YES
|
||||
export IN_BACKGROUND
|
||||
"${RC_SERVICE}" --quiet start
|
||||
fi
|
||||
fi
|
||||
|
||||
exit 0
|
||||
Reference in New Issue
Block a user