From d38aabc45e2ef60da07178340e30e563c40a6052 Mon Sep 17 00:00:00 2001
From: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue, 1 Apr 2025 22:50:02 +0200
Subject: [PATCH] backup.pl: Fixes bug13737 - restarts ipsec to use the
 restored certs etc

- This adds a check if the ipsec server is enabled. If it is then ipsecctrl is run to
   restart ipsec and ensure that the restored certs are all being used.
- Tested this out on my vm testbed and confirmed that with this I could restore a backup
   and make the client connection as previously set up.
- Without this I had to press the Save button on the ipsec WUI page to get the certs
   etc being used.

Fixes: bug13737
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/backup/backup.pl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 1c8c87d0a..0cfbd4fc3 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -307,6 +307,12 @@ restore_backup() {
 	# start collectd after restore
 	/etc/rc.d/init.d/collectd start
 
+        # Restart ipsec if enabled
+        # This will ensure that the restored certs and secrets etc are loaded and used
+        if [ $(grep -c "ENABLED=on" /var/ipfire/vpn/settings) -eq 1  ] ; then
+                /usr/local/bin/ipsecctrl S
+        fi
+
 	return 0
 }
 
-- 
2.39.5