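#!/usr/bin/env bash
# VPN monitor control script: start, stop, or health-check the L2TP/IPsec
# tunnel named by VPN_CFGNAME.
#
# Usage: <script> {start|stop|check}
#
# NOTE(review): the original header read "powerwall - CLI commands to control
# VM guest power", which does not match what the code below does.
#
# State files under /opt/idssys/vpnmon:
#   vpn.stop   present while START/STOP/CHECK is working; CHECK does nothing
#              while it exists
#   vpn.fail   written by CHECK on the first detected failure
#   vpn.fail2  written by CHECK on the second detected failure
#   logfile    timestamped event log
#
# VPN_CFGNAME, VPN_INTERFACE, ROUTE_SUBNET1 and ROUTE_SUBNET2 are not set in
# this file; presumably they come from the sourced .inc files (confirm).

source /opt/idssys/defaults/colors.inc
source /opt/idssys/defaults/default.inc
source /opt/idssys/vpnmon/system.inc

vpnmon_dir=/opt/idssys/vpnmon
l2tp_control=/var/run/xl2tpd/l2tp-control
logfile=/opt/idssys/vpnmon/logfile
touch "${logfile}"

# Succeeds when `ip link` lists the interface named by VPN_INTERFACE.
_vpn_link_up() {
  # An empty name would make grep match every line, so the tunnel would be
  # reported as up no matter what; treat that as "not up" instead.
  if [[ -z "${VPN_INTERFACE:-}" ]]; then
    echo "VPN_INTERFACE is not set" >&2
    return 1
  fi
  ip link | grep -qF -- "${VPN_INTERFACE}"
}

# Writes one command line ($1) to the xl2tpd control file with root privilege.
_l2tp_control() {
  # With `sudo echo ... > file` the redirection is opened by the calling
  # shell, not by sudo, so only echo ran as root. tee under sudo performs the
  # write itself with privilege.
  printf '%s\n' "$1" | sudo tee "${l2tp_control}" >/dev/null
}

# Logs "VPN Fixed" and removes the failure markers when at least one exists.
_clear_fail_markers() {
  # `[ -f vpn.fail* ]` breaks when both vpn.fail and vpn.fail2 exist (the glob
  # expands to two words), which left the markers in place. compgen -G
  # succeeds for any number of matches.
  if compgen -G "${vpnmon_dir}/vpn.fail*" >/dev/null; then
    echo "$(date) - VPN Fixed" >> "${logfile}"
    rm -f "${vpnmon_dir}"/vpn.fail*
  fi
}

# Adds a route via the ppp0 peer address for each configured ROUTE_SUBNETn.
_add_routes() {
  local peer subnet
  # NOTE(review): the link check uses VPN_INTERFACE but the routes are pinned
  # to ppp0; confirm the two always name the same interface.
  peer=$(ip address show dev ppp0 \
    | grep -Po '(?<=peer )(\b([0-9]{1,3}\.){3}[0-9]{1,3}\b)' \
    | head -n 1)
  for subnet in "${ROUTE_SUBNET1:-}" "${ROUTE_SUBNET2:-}"; do
    [[ -n "${subnet}" ]] || continue
    if [[ -z "${peer}" ]]; then
      # Without a peer address the `ip route add` command line is malformed.
      echo "$(date) - no peer address on ppp0, route ${subnet} not added" >> "${logfile}"
      continue
    fi
    ip route add "${subnet}" via "${peer}" dev ppp0
  done
}

# Brings the tunnel up: restarts the IPsec/L2TP services, initiates the
# connection, then verifies the interface exists. On failure it calls STOP.
START() {
  # Hold the marker so a concurrent CHECK run does nothing during start-up.
  touch "${vpnmon_dir}/vpn.stop"
  sudo mkdir -p /var/run/xl2tpd
  sudo touch "${l2tp_control}"
  # Restart whichever strongSwan unit is listed by systemd.
  if systemctl list-units --full --all | grep -qF "strongswan.service"; then
    sudo service strongswan restart
  fi
  if systemctl list-units --full --all | grep -qF "strongswan-starter.service"; then
    sudo service strongswan-starter restart
  fi
  sudo systemctl restart xl2tpd ipsec
  sleep 3s
  sudo /usr/sbin/ipsec up "${VPN_CFGNAME}"
  sleep 4s
  _l2tp_control "c ${VPN_CFGNAME}"
  sleep 5s
  if _vpn_link_up; then
    _add_routes
    # if [ "${SYSTEM}" = "unifipoller" ]; then
    #   /usr/sbin/service unifi-poller start &
    # elif [ "${SYSTEM}" = "rpicam" ]; then
    #   /usr/sbin/service rpisurv restart
    # fi
    rm -f "${vpnmon_dir}/vpn.stop"
    _clear_fail_markers
    echo "VPN Started"
    echo "$(date) - VPN started" >> "${logfile}"
  else
    echo "VPN Not Started, will stop and let system retry in a few minutes"
    echo "$(date) - VPN was not started" >> "${logfile}"
    STOP
    # STOP leaves the marker behind; remove it so the next CHECK can retry.
    rm -f "${vpnmon_dir}/vpn.stop"
  fi
}

# Tears the tunnel down. Leaves vpn.stop in place, so CHECK stays idle until
# something removes it.
STOP() {
  touch "${vpnmon_dir}/vpn.stop"
  # if [ "${SYSTEM}" = "unifipoller" ]; then
  #   /usr/sbin/service unifi-poller stop
  # fi
  _l2tp_control "d ${VPN_CFGNAME}"
  sleep 4s
  # NOTE(review): START runs `ipsec up` through sudo but this call has none;
  # confirm the intended privilege for `ipsec down`.
  /usr/sbin/ipsec down "${VPN_CFGNAME}"
  echo "$(date) - VPN stopped" >> "${logfile}"
}

# Polls for the VPN interface once per second. If it is still missing on the
# eleventh look, escalates by failure count: #1 restarts after 1 minute,
# #2 restarts after 5 minutes, #3 stops the VPN and leaves it stopped.
CHECK() {
  # Another operation is in progress, or the VPN was stopped on purpose.
  [[ ! -f "${vpnmon_dir}/vpn.stop" ]] || return 0

  touch "${vpnmon_dir}/vpn.stop"
  local cc=0
  until _vpn_link_up; do
    if (( cc == 10 )); then
      if [[ -f "${vpnmon_dir}/vpn.fail" ]]; then
        echo "$(date) - VPN Failure #2 - stopping for 5mins" >> "${logfile}"
        touch "${vpnmon_dir}/vpn.fail2"
        rm -f "${vpnmon_dir}/vpn.fail"
        STOP
        sleep 5m
        START
        exit 1
      elif [[ -f "${vpnmon_dir}/vpn.fail2" ]]; then
        echo "$(date) - VPN Failure #3 - Shutting down VPN system until repaired" >> "${logfile}"
        # vpn.stop stays behind after STOP, so later CHECK runs do nothing.
        STOP
        exit 1
      else
        echo "$(date) - VPN Failure #1 - stopping for 1min" >> "${logfile}"
        touch "${vpnmon_dir}/vpn.fail"
        STOP
        sleep 1m
        START
        exit 1
      fi
    fi
    cc=$((cc + 1))
    sleep 1s
  done

  rm -f "${vpnmon_dir}/vpn.stop"
  _clear_fail_markers
}

# Any other argument (or none) is ignored and the script exits 0.
case "${1:-}" in
  start) START ;;
  stop) STOP ;;
  check) CHECK ;;
esac
exit 0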