diff --git a/README.md b/README.md index 3f5b555..fba7375 100644 --- a/README.md +++ b/README.md @@ -24,10 +24,5 @@ This YunoHost app is a part of the "[La Brique Internet](http://labriqueinter.ne ## Prerequisites -This app works with a non-stable version of YunoHost. - -Until this version is available (coming soon!) as an official stable release, you need to execute some commands before installing this app: - - # service bind9 stop - # update-rc.d bind9 remove - # apt-get install dnsmasq +* Debian Jessie +* YunoHost >= 2.2.0 diff --git a/conf/init_ynh-vpnclient b/conf/ynh-vpnclient similarity index 89% rename from conf/init_ynh-vpnclient rename to conf/ynh-vpnclient index e2506e0..bee0e76 100644 --- a/conf/init_ynh-vpnclient +++ b/conf/ynh-vpnclient @@ -1,30 +1,19 @@ #!/bin/bash -### BEGIN INIT INFO -# Provides: ynh-vpnclient -# Required-Start: $network $remote_fs $syslog yunohost-api -# Required-Stop: $network $remote_fs $syslog -# Should-Start: ynh-hotspot -# Should-Stop: ynh-hotspot -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Start VPN client. -# Description: Start VPN client. -### END INIT INFO -# VPN Client app for YunoHost +# VPN Client app for YunoHost # Copyright (C) 2015 Julien Vaubourg # Contribute at https://github.com/jvaubourg/vpnclient_ynh -# +# # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. -# +# # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . @@ -44,12 +33,17 @@ has_hotspot_app() { } is_hotspot_knowme() { - value=$(yunohost app setting hotspot vpnclient) + gotcha=0 - if [[ "${value}" =~ "An instance is already running" ]]; then - echo "${value}" >&2 - exit 1 - fi + while [ "${gotcha}" -eq 0 ]; do + value=$(yunohost app setting hotspot vpnclient) + + if [[ "${value}" =~ "An instance is already running" ]]; then + sleep $(($((RANDOM%5)) + 1)) + else + gotcha=1 + fi + done [ "${value}" == yes ] } @@ -69,7 +63,7 @@ is_serverip6route_set() { } is_openvpn_running() { - service openvpn status client &> /dev/null + systemctl is-active openvpn@client.service &> /dev/null } is_running() { @@ -128,7 +122,7 @@ start_openvpn() { sed 's|^||' -i /etc/openvpn/client.conf fi - service openvpn start client + systemctl start openvpn@client.service } ## Unsetters @@ -146,23 +140,27 @@ unset_serverip6route() { } stop_openvpn() { - service openvpn stop + systemctl stop openvpn.service } ## Tools moulinette_get() { var=${1} + gotcha=0 - value=$(yunohost app setting vpnclient "${var}") + while [ "${gotcha}" -eq 0 ]; do + value=$(yunohost app setting vpnclient "${var}") - if [[ "${value}" =~ "An instance is already running" ]]; then - echo "${value}" >&2 - exit 1 - fi + if [[ "${value}" =~ "An instance is already running" ]]; then + sleep $(($((RANDOM%5)) + 1)) + else + gotcha=1 + fi + done echo "${value}" -} +} moulinette_set() { var=${1} @@ -181,51 +179,51 @@ if [ "$1" != restart ]; then # Restart php5-fpm at the first start (it needs to be restarted after the slapd start) if [ ! -e /tmp/.ynh-vpnclient-boot ]; then touch /tmp/.ynh-vpnclient-boot - service php5-fpm restart + systemctl restart php5-fpm fi - + # Check configuration consistency - + if [[ ! "${1}" =~ stop ]]; then exitcode=0 - + if [ ! -e /etc/openvpn/keys/ca-server.crt ]; then echo "[WARN] You need a CA server (you can add it through the web admin)" exitcode=1 fi - + empty=$(find /etc/openvpn/keys/ -empty -name credentials &> /dev/null | wc -l) if [ "${empty}" -gt 0 -a ! -e /etc/openvpn/keys/user.key ]; then echo "[WARN] You need either a client certificate, either a username, or both (you can add one through the web admin)" exitcode=1 fi - + [ "${exitcode}" -ne 0 ] && exit ${exitcode} fi - + # Variables - + echo -n "Retrieving Yunohost settings... " - + ynh_service_enabled=$(moulinette_get service_enabled) ynh_server_name=$(moulinette_get server_name) ynh_server_port=$(moulinette_get server_port) ynh_server_proto=$(moulinette_get server_proto) ynh_ip6_addr=$(moulinette_get ip6_addr) ynh_login_user=$(moulinette_get login_user) - + old_ip6_gw=$(moulinette_get ip6_gw) old_wired_device=$(moulinette_get wired_device) old_server_ip6=$(moulinette_get server_ip6) - + new_ip6_gw=$(ip -6 route | grep default\ via | awk '{ print $3 }') new_wired_device=$(ip route | awk '/default via/ { print $NF; }') new_server_ip6=$(host "${ynh_server_name}" | awk '/IPv6/ { print $NF; }') - + if [ -z "${new_server_ip6}" ]; then new_server_ip6=$(host "${ynh_server_name}" 80.67.188.188 | awk '/IPv6/ { print $NF; }') fi - + echo "OK" fi @@ -286,13 +284,9 @@ case "${1}" in moulinette_set ip6_gw "${new_ip6_gw}" moulinette_set wired_device "${new_wired_device}" - # Restart dhcpd - service bind9 stop &> /dev/null - service dnsmasq restart - - # Restart hotspot if needed + # Fix configuration if has_hotspot_app && ! is_hotspot_knowme; then - service ynh-hotspot start + ynh-hotspot start fi fi ;; @@ -309,7 +303,7 @@ case "${1}" in echo "Unset IPv6 server route" unset_serverip6route "${old_server_ip6}" "${old_ip6_gw}" "${old_wired_device}" fi - + if is_openvpn_running; then echo "Stop openvpn" stop_openvpn @@ -321,11 +315,10 @@ case "${1}" in done fi + # Fix configuration if has_hotspot_app && is_hotspot_knowme; then - service ynh-hotspot start + ynh-hotspot start fi - - service dnsmasq restart ;; restart) $0 stop diff --git a/conf/ynh-vpnclient.service b/conf/ynh-vpnclient.service new file mode 100644 index 0000000..739d304 --- /dev/null +++ b/conf/ynh-vpnclient.service @@ -0,0 +1,15 @@ +[Unit] +Description=YunoHost VPN Client. +Requires=network.target +After=network.target +Wants=ynh-hotspot.service +Before=ynh-hotspot.service + +[Service] +Type=oneshot +ExecStart=/usr/local/bin/ynh-vpnclient start +ExecStop=/usr/local/bin/ynh-vpnclient stop +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/scripts/install b/scripts/install index 63cc0c5..dd79568 100644 --- a/scripts/install +++ b/scripts/install @@ -162,32 +162,31 @@ sudo sed 's||/var/www/vpnadmin/|g' -i /etc/php5/fpm/pool.d/v sudo sed "s||${url_path}|g" -i /var/www/vpnadmin/config.php # Copy init script -sudo install -o root -g root -m 0755 ../conf/init_ynh-vpnclient /etc/init.d/ynh-vpnclient +sudo install -o root -g root -m 0755 ../conf/ynh-vpnclient /usr/local/bin/ +sudo install -o root -g root -m 0644 ../conf/ynh-vpnclient.service /etc/systemd/system/ # Set default inits -# The openvpn configuration is modified before the start, so the service is disabled by default -# and the ynh-vpnclient service handles it. -sudo yunohost service add openvpn -sudo yunohost service stop openvpn -sudo yunohost service disable openvpn +# The boot order of these services are important, so they are disabled by default +# and the ynh-vpnclient service handles them. +sudo systemctl disable openvpn +sudo systemctl stop openvpn -sudo yunohost service add php5-fpm -sudo yunohost service enable php5-fpm +sudo systemctl enable php5-fpm +sudo systemctl restart php5-fpm -sudo yunohost service add ynh-vpnclient -sudo yunohost service enable ynh-vpnclient -sudo service ynh-vpnclient start +sudo systemctl reload nginx -sudo service nginx reload +sudo systemctl enable ynh-vpnclient +sudo systemctl start ynh-vpnclient # Update SSO for vpnadmin sudo yunohost app ssowatconf # Restart hotspot service if installed (and started) to change NAT configuration (now on tun0) # A new start will fix the interface without unsetting all stuff -if [ -e /tmp/.ynh-hotspot-started ]; then - sudo service ynh-hotspot start -fi +#if [ -e /tmp/.ynh-hotspot-started ]; then +# sudo ynh-hotspot start +#fi # Check configuration consistency diff --git a/scripts/remove b/scripts/remove index a0e3369..62dd392 100644 --- a/scripts/remove +++ b/scripts/remove @@ -21,9 +21,9 @@ domain=$(sudo yunohost app setting vpnclient domain) # The End -sudo service ynh-vpnclient stop -sudo yunohost service remove ynh-vpnclient -sudo rm -f /etc/init.d/ynh-vpnclient +sudo systemctl stop ynh-vpnclient +sudo systemctl disable ynh-vpnclient +sudo rm -f /etc/systemd/system/ynh-vpnclient.service /usr/local/bin/ynh-vpnclient sudo rm -f /tmp/.ynh-vpnclient-* # Remove confs @@ -35,9 +35,8 @@ sudo rm -f /etc/php5/fpm/pool.d/vpnadmin.conf sudo rm -rf /etc/openvpn/keys/ # Restart services -sudo yunohost service stop php5-fpm -sudo yunohost service start php5-fpm -sudo service nginx reload +sudo systemctl restart php5-fpm +sudo systemctl reload nginx # Remove sources sudo rm -rf /var/www/vpnadmin/ diff --git a/sources/controller.php b/sources/controller.php index 86fbe8d..1c26179 100644 --- a/sources/controller.php +++ b/sources/controller.php @@ -27,17 +27,17 @@ function moulinette_set($var, $value) { } function stop_service() { - exec('sudo service ynh-vpnclient stop'); + exec('sudo systemctl stop ynh-vpnclient'); } function start_service() { - exec('sudo service ynh-vpnclient start', $output, $retcode); + exec('sudo systemctl start ynh-vpnclient', $output, $retcode); return $retcode; } function service_status() { - exec('sudo service ynh-vpnclient status', $output); + exec('sudo ynh-vpnclient status', $output); return $output; }