diff --git a/deb/vpncloud/Makefile b/deb/vpncloud/Makefile
index ee5cb7c..bb29538 100644
--- a/deb/vpncloud/Makefile
+++ b/deb/vpncloud/Makefile
@@ -5,7 +5,7 @@ vpncloud.1: vpncloud.1.ronn
 install:
 install -d $(DESTDIR)/etc/vpncloud
- install -m 600 example.net $(DESTDIR)/etc/vpncloud/example.net
+ install -m 600 example.net.disabled $(DESTDIR)/etc/vpncloud/example.net.disabled
 install -d $(DESTDIR)/var/log
 install -d $(DESTDIR)/run
 install -d $(DESTDIR)/usr/bin
diff --git a/deb/vpncloud/example.net b/deb/vpncloud/example.net
deleted file mode 100644
index 25ccfba..0000000
--- a/deb/vpncloud/example.net
+++ /dev/null
@@ -1,70 +0,0 @@
-# Whether this VPN should be started with the daemon.
-ENABLED=0
-
-# The port number on which to listen for data. [default: `3210`]
-# Note: Every VPN needs a different port number.
-LISTEN=''
-
-# Address of a peer to connect to. The address should be in the form
-# `addr:port`. If the node is not started, the connection will be retried
-# periodically. This parameter can be repeated to connect to multiple peers.
-# Note: Several entries can be separated by spaces.
-PEERS=''
-
-# Peer timeout in seconds. The peers will exchange information periodically
-# and drop peers that are silent for this period of time. [default: `1800`]
-PEER_TIMEOUT=''
-
-# Switch table entry timeout in seconds. This parameter is only used in switch
-# mode. Addresses that have not been seen for the given period of time will
-# be forgot. [default: `300`]
-DST_TIMEOUT=''
-
-# An optional token that identifies the network and helps to distinguish it
-# from other networks.
-NETWORK_ID=''
-
-# An optional shared key to encrypt the VPN data. If this option is not set,
-# the traffic will be sent unencrypted.
-SHARED_KEY=''
-
-# The encryption method to use ("aes256", or "chacha20"). Most current CPUs
-# have special support for AES256 so this should be faster. For older
-# computers lacking this support, only CHACHA20 is supported.
-# [default: `chacha20`]
-CRYPTO=''
-
-# Name of the virtual device. Any `%d` will be filled with a free number.
-# [default: `vpncloud%d`]
-DEVICE=''
-
-# Set the type of network. There are two options: **tap** devices process
-# Ethernet frames **tun** devices process IP packets. [default: `tap`]
-TYPE=''
-
-# The mode of the VPN. The VPN can like a router, a switch or a hub. A **hub**
-# will send all data always to all peers. A **switch** will learn addresses
-# from incoming data and only send data to all peers when the address is
-# unknown. A **router** will send data according to known subnets of the
-# peers and ignore them otherwise. The **normal** mode is switch for tap
-# devices and router for tun devices. [default: `normal`]
-MODE=''
-
-# The local subnets to use. This parameter should be in the form
-# `address/prefixlen` where address is an IPv4 address, an IPv6 address, or a
-# MAC address. The prefix length is the number of significant front bits that
-# distinguish the subnet from other subnets. Example: `10.1.1.0/24`.
-# Note: Several entries can be separated by spaces.
-SUBNETS=''
-
-# A command to setup the network interface. The command will be run (as
-# parameter to `sh -c`) when the device has been created to configure it.
-# The name of the allocated device will be available via the environment
-# variable `IFNAME`.
-IFUP=''
-
-# A command to bring down the network interface. The command will be run (as
-# parameter to `sh -c`) to remove any configuration from the device.
-# The name of the allocated device will be available via the environment
-# variable `IFNAME`.
-IFDOWN=''
diff --git a/deb/vpncloud/vpncloud-control b/deb/vpncloud/vpncloud-control
index f219f31..9da89c0 100755
--- a/deb/vpncloud/vpncloud-control
+++ b/deb/vpncloud/vpncloud-control
@@ -21,6 +21,7 @@ DAEMON=$(which $NAME)
 status() {
 echo "Network status"
 for net in $NETWORKS; do
+ [ -f "$NETCONFIGS/$net.net" ] || continue
 echo -en "\t$net: "
 if start-stop-daemon --status --pidfile /run/$NAME-$net.pid --name $NAME; then
 echo "running"
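Review bot: The guard `[ -f "$NETCONFIGS/$net.net" ] || continue` added to status() makes the report skip any network without a `.net` file, so a daemon that is still running after its config was renamed or removed is no longer listed; the same guard is added to stop() in the last hunk, where it would leave that daemon running. For these two functions I would accept either file, `[ -f "$NETCONFIGS/$net.net" ] || [ -f "/run/$NAME-$net.pid" ] || continue`, and keep the config-only check for start(). How `$NETWORKS` is built is outside the hunk, so this assumes it can name a network whose config is gone; a one-line comment above the guard saying what it filters out would settle that. status() continues past the end of the hunk.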
@@ -36,30 +37,8 @@ start() {
 # 1 if daemon was already running
 # 2 if daemon could not be started
 for net in $NETWORKS; do
- ENABLED=0
- unset DEVICE LISTEN TYPE MODE SHARED_KEY CRYPTO IFUP IFDOWN NETWORK_ID PEER_TIMEOUT DST_TIMEOUT PEERS SUBNETS
- [ -f "$NETCONFIGS/$net.net" ] && . $NETCONFIGS/$net.net
- if [ $ENABLED -eq 1 ]; then
- PARAMS=""
- [ -z "$DEVICE" ] || PARAMS="$PARAMS --device $DEVICE"
- [ -z "$LISTEN" ] || PARAMS="$PARAMS --listen $LISTEN"
- [ -z "$TYPE" ] || PARAMS="$PARAMS --type $TYPE"
- [ -z "$MODE" ] || PARAMS="$PARAMS --mode $MODE"
- [ -z "$SHARED_KEY" ] || PARAMS="$PARAMS --shared-key '$SHARED_KEY'"
- [ -z "$CRYPTO" ] || PARAMS="$PARAMS --crypto $CRYPTO"
- [ -z "$IFUP" ] || PARAMS="$PARAMS --ifup '$IFUP'"
- [ -z "$IFDOWN" ] || PARAMS="$PARAMS --ifdown '$IFDOWN'"
- [ -z "$NETWORK_ID" ] || PARAMS="$PARAMS --network-id $NETWORK_ID"
- [ -z "$PEER_TIMEOUT" ] || PARAMS="$PARAMS --peer-timeout $PEER_TIMEOUT"
- [ -z "$DST_TIMEOUT" ] || PARAMS="$PARAMS --peer-timeout $DST_TIMEOUT"
- for peer in $PEERS; do
- PARAMS="$PARAMS --connect $peer"
- done
- for subnet in $SUBNETS; do
- PARAMS="$PARAMS --subnet $subnet"
- done
- start-stop-daemon --start --pidfile /run/$NAME-$net.pid --make-pidfile --name $NAME --background --startas /bin/sh -- -c "exec $DAEMON $PARAMS >/var/log/vpncloud-$net.log 2>&1"
- fi
+ [ -f "$NETCONFIGS/$net.net" ] || continue
+ start-stop-daemon --start --pidfile /run/$NAME-$net.pid --make-pidfile --name $NAME --background --startas /bin/sh -- -c "exec $DAEMON --config $NETCONFIGS/$net.net >/var/log/vpncloud-$net.log 2>&1"
 done
 return 0
 }
@@ -71,7 +50,9 @@ stop() {
 # 2 if daemon could not be stopped
 # other if a failure occurred
 for net in $NETWORKS; do
- start-stop-daemon --stop --quiet --pidfile /run/$NAME-$net.pid --name $NAME --retry 60
+ [ -f "$NETCONFIGS/$net.net" ] || continue
+ start-stop-daemon --stop --quiet --pidfile /run/$NAME-$net.pid --retry 60
+ rm -f /run/$NAME-$net.pid
 done
 return 0
 }
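Review bot: `$NETCONFIGS/$net.net` and `$net` are expanded straight into the `sh -c` string on the new start-stop-daemon line in start(), so a config file name containing whitespace or shell metacharacters is parsed as shell syntax by a process that presumably runs as root, instead of being passed as a path. Handing the values over as positional parameters keeps them as data: `--startas /bin/sh -- -c 'exec "$0" --config "$1" >"$2" 2>&1' "$DAEMON" "$NETCONFIGS/$net.net" "/var/log/vpncloud-$net.log"`, with `--pidfile "/run/$NAME-$net.pid"` quoted as well. Whether such names can reach `$net` depends on how `$NETWORKS` is derived, which is outside the hunk.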
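Review bot: Dropping `--name $NAME` from the stop call leaves start-stop-daemon matching on the pidfile alone, so a stale `/run/$NAME-$net.pid` whose PID has been reused would get an unrelated process signalled; status() still passes `--name $NAME`, so the two now disagree on what counts as the daemon. If the name match was removed because it did not work for the `/bin/sh`-launched process, `--exec $DAEMON` is another way to keep a check, and a comment should say why it was dropped. The added `rm -f` also runs when the stop timed out after `--retry 60` (the case the function's own comment lists as status 2), which throws away the only record of a daemon that is still running; `[ $? -le 1 ] && rm -f "/run/$NAME-$net.pid"` directly after the stop call would keep the pidfile in that case. stop() begins above the hunk.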