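#!/usr/bin/env bash
# vpnmon - start, stop and health-check the L2TP/IPsec VPN link on ppp0.
# (The previous header read "powerwall - CLI commands to control VM guest
# power", which does not describe what this script does.)
#
# Usage: <script> start|stop|check
#   start  restart strongswan/xl2tpd/ipsec, bring up L2TP-PSK and dial myVPN
#   stop   hang up myVPN, take L2TP-PSK down and leave the vpn.stop marker
#   check  wait for ppp0; on repeated failures back off, then give up
# Any other argument does nothing and exits 0.
#
# State kept in /opt/idssys/vpnmon:
#   logfile    timestamped start/stop/failure lines
#   vpn.stop   VPN is stopped on purpose, or a check is in progress
#   vpn.fail   one failed check so far
#   vpn.fail2  two failed checks so far; the next failure stops the VPN
#
# Reads SYSTEM, ROUTE and ROUTE2; presumably set by the sourced .inc files.

# NOTE(review): the three files below are executed as shell code in this
# process, and the script goes on to call sudo. Confirm that they and
# /opt/idssys/vpnmon are writable only by the account that runs this script.
source /opt/idssys/defaults/colors.inc
source /opt/idssys/defaults/default.inc
source /opt/idssys/vpnmon/system.inc

logfile=/opt/idssys/vpnmon/logfile
stop_marker=/opt/idssys/vpnmon/vpn.stop
fail_marker=/opt/idssys/vpnmon/vpn.fail
fail2_marker=/opt/idssys/vpnmon/vpn.fail2

touch "${logfile}"

# Append one timestamped line to the log file.
# Arguments: $1 - message text
log_event() {
  echo "$(date) - $1" >> "${logfile}"
}

# Print the first peer IPv4 address reported for ppp0 (nothing if there is none).
peer_address() {
  ip address show dev ppp0 \
    | grep -Po '(?<=peer )(\b([0-9]{1,3}\.){3}[0-9]{1,3}\b)' \
    | head -n 1
}

# Route one destination through the ppp0 peer.
# Arguments: $1 - destination, passed to "ip route add" as a single word;
#                 an empty value means "no route configured" and is skipped
# The original ran "ip route add <dest> via dev ppp0" when ppp0 had no peer
# address yet; that malformed command is now skipped and logged instead.
add_route() {
  local dest=$1
  local peer

  [ -n "${dest}" ] || return 0

  peer=$(peer_address)
  if [ -z "${peer}" ]; then
    log_event "no peer address on ppp0 - route ${dest} not added"
    return 0
  fi

  # NOTE(review): no sudo here although the service calls in START use it;
  # confirm which account runs this script.
  ip route add "${dest}" via "${peer}" dev ppp0
}

# Bring the tunnel up: restart the daemons, start the IPsec connection,
# dial the L2TP session, add the optional routes and clear the stop marker.
START() {
  sudo mkdir -p /var/run/xl2tpd
  sudo touch /var/run/xl2tpd/l2tp-control
  sudo service strongswan restart
  sudo service xl2tpd restart
  sudo service ipsec restart
  sleep 8s
  sudo /usr/sbin/ipsec up L2TP-PSK
  sleep 8s
  # "c myVPN" asks xl2tpd to connect the myVPN session.
  sudo bash -c 'echo "c myVPN" > /var/run/xl2tpd/l2tp-control'
  sleep 8s

  add_route "${ROUTE}"
  add_route "${ROUTE2}"

  if [ "${SYSTEM}" = "unifipoller" ]; then
    /usr/sbin/service unifi-poller start &
  #elif [ "${SYSTEM}" = "rpicam" ]; then
  #  /usr/sbin/service rpisurv restart
  fi

  rm -f "${stop_marker}"
  log_event "VPN started"
}

# Take the tunnel down and leave vpn.stop behind so that CHECK stays idle
# until START runs again.
STOP() {
  touch "${stop_marker}"
  if [ "${SYSTEM}" = "unifipoller" ]; then
    /usr/sbin/service unifi-poller stop
  fi
  # "d myVPN" asks xl2tpd to disconnect the myVPN session.
  sudo bash -c 'echo "d myVPN" > /var/run/xl2tpd/l2tp-control'
  # NOTE(review): START calls ipsec through sudo, this call does not.
  /usr/sbin/ipsec down L2TP-PSK
  log_event "VPN stopped"
}

# Health check. Probes for ppp0 once a second, 11 probes in total. If the
# link never shows up, escalate by marker file:
#   no marker  -> failure #1: stop, wait 1 minute, start again
#   vpn.fail   -> failure #2: stop, wait 5 minutes, start again
#   vpn.fail2  -> failure #3: stop and stay stopped
# Every failure path ends the script with status 1.
CHECK() {
  if [ -f "${stop_marker}" ]; then
    echo "VPN system is stopped and must be restarted manually"
    return
  fi

  # vpn.stop doubles as an "in progress" marker while this check runs.
  # NOTE(review): the test above and this touch are not atomic, so two
  # overlapping runs can both get past the guard. If a run is killed before
  # the marker is removed, later checks report the VPN as stopped.
  touch "${stop_marker}"

  local attempts=0
  until ip link | grep -q "ppp0"; do
    if [ "${attempts}" -eq 10 ]; then
      if [ -f "${fail_marker}" ]; then
        log_event "VPN Failure #2 - stopping for 5mins"
        touch "${fail2_marker}"
        rm -f "${fail_marker}"
        STOP
        sleep 5m
        START
        exit 1
      elif [ -f "${fail2_marker}" ]; then
        log_event "VPN Failure #3 - Shutting down VPN system until repaired"
        STOP
        exit 1
      else
        log_event "VPN Failure #1 - stopping for 1min"
        touch "${fail_marker}"
        STOP
        sleep 1m
        START
        exit 1
      fi
    fi
    attempts=$((attempts + 1))
    sleep 1s
  done

  rm -f "${stop_marker}"

  # The original tested "[ -f .../vpn.fail* ]"; with more than one match the
  # glob expands to several words and the test itself errors out, leaving
  # the markers in place. Both markers are checked by name instead.
  if [ -f "${fail_marker}" ] || [ -f "${fail2_marker}" ]; then
    log_event "VPN Fixed"
    rm -f "${fail_marker}" "${fail2_marker}"
  fi
}

case "${1}" in
  start) START ;;
  stop) STOP ;;
  check) CHECK ;;
esac

exit 0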