# #
###############################################################################
-function aiccu_config_dir() {
- local device=${1}
-
- echo "${RUN_DIR}/aiccu/${device}"
-}
-
function aiccu_start() {
local device=${1}
- shift
-
assert isset device
- local config_dir=$(aiccu_config_dir ${device})
- mkdir -p ${config_dir}
-
- local config_file=${config_dir}/config
- aiccu_configure ${device} $@ > ${config_file}
-
- aiccu start ${config_file} &>/dev/null
+ # Tell systemd to start aiccu on this device.
+ service_start "aiccu@${device}.service"
local ret=$?
- case "${ret}" in
- 0)
- log DEBUG "Aiccu was successfully started for '${device}'."
- return ${EXIT_OK}
- ;;
- *)
- error_log "Could not start aiccu properly for '${device}'."
-
- error_log "Configuration file dump:"
- local line
- while read line; do
- error_log " ${line}"
- done < ${config_file}
-
- return ${EXIT_ERROR}
- ;;
- esac
+ if [ ${ret} -eq ${EXIT_OK} ]; then
+ log DEBUG "aiccu was successfully started on '${device}'."
+ else
+ log ERROR "Could not start aiccu properly on '${device}': ${ret}"
+ return ${EXIT_ERROR}
+ fi
+
+ return ${EXIT_OK}
}
function aiccu_stop() {
local device=${1}
-
assert isset device
- aiccu stop $(aiccu_config_dir ${device})/config
-
- rm -rf $(aiccu_config_dir ${device})
+ # Tell sysemd to stop aiccu on this device.
+ service_stop "aiccu@${device}.service"
}
-function aiccu_configure() {
+function aiccu_write_config() {
local device=${1}
+ local file=${2}
+ shift 2
assert isset device
+ assert isset file
local user
local secret
assert isset require_tls
assert isoneof protocol tic tsp l2tp
-cat <<EOF
-## AICCU configuration for ${zone}
-
-username ${user}
-password ${secret}
-
-server ${server}
-protocol ${protocol}
-
-$(isset tunnel_id && echo "tunnel_id ${tunnel_id}")
-
-ipv6_interface ${device}
-
-verbose true
-daemonize true
-automatic true
-
-requiretls ${require_tls}
-
-pidfile $(aiccu_config_dir ${zone})/pid
-
-#setupscript /tmp/aiccu.sh
-
-EOF
+ # Write configuration file header.
+ config_header "aiccu configuration file for ${zone}" > ${file}
+
+ (
+ print "# Server info"
+ print "server ${server}"
+ print "protocol ${protocol}"
+ print
+
+ if isset tunnel_id; then
+ print "# Tunnel ID"
+ print "tunnel_id ${tunnel_id}"
+ print
+ fi
+
+ print "# Credentials"
+ print "username ${user}"
+ print "password ${secret}"
+ print
+
+ print "ipv6_interface ${device}"
+ print
+
+ print "# Security"
+ print "requiretls ${require_tls}"
+ print
+
+ # Misc.
+ print "verbose true"
+ print "daemonize false"
+ print "automatic true"
+ ) >> ${file}
return ${EXIT_OK}
}
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2013 IPFire Network Development Team #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+. /usr/lib/network/functions
+
+action="${1}"
+assert isset action
+
+zone="${2}"
+assert isset zone
+assert zone_exists ${zone}
+
+config_file="${RUN_DIR}/${zone}/aiccu.conf"
+
+case "${action}" in
+ create)
+ # Create the configuration file for this zone.
+ zone_config_read ${zone}
+
+ config_dir="$(dirname ${config_file})"
+ mkdir -p ${config_dir}
+
+ aiccu_write_config ${zone} ${config_file} \
+ --server="${SERVER}" \
+ --protocol="${PROTOCOL}" \
+ --user="${USER}" \
+ --secret="${SECRET}" \
+ --tunnel-id="${TUNNEL_ID}" \
+ --require-tls="${REQUIRE_TLS}"
+ ;;
+
+ remove)
+ rm -f ${config_file}
+ ;;
+
+ *)
+ log ERROR "Unknown action passed: ${action}"
+ exit ${EXIT_ERROR}
+ ;;
+esac
+
+exit ${EXIT_OK}