testing/openconnect: added initd, confd and logrotate scripts

4 files changed, 145 insertions, 15 deletions

diff --git a/testing/openconnect/APKBUILD b/testing/openconnect/APKBUILD
index c029bb25bb..7f1a22480e 100644
--- a/testing/openconnect/APKBUILD
+++ b/testing/openconnect/APKBUILD
@@ -11,34 +11,43 @@ license="LGPL-2.1"
 depends="vpnc iproute2"
 makedepends="autoconf automake intltool gnutls-dev libxml2-dev 
 	krb5-dev lz4-dev libproxy-dev linux-headers stoken-dev
-	pcsc-lite-dev oath-toolkit-dev"
+	pcsc-lite-dev oath-toolkit-dev python-dev"
+subpackages="$pkgname-doc $pkgname-dev $pkgname-openrc"
 source="ftp://ftp.infradead.org/pub/$pkgname/$pkgname-$pkgver.tar.gz
-	openconnect-7.08-libressl251.patch"
-subpackages="$pkgname-doc $pkgname-dev"
+	$pkgname.initd
+	$pkgname.confd
+	$pkgname.logrotate"
 builddir=$srcdir/$pkgname-$pkgver
 
 build() {
-    cd $builddir
-    ./configure --prefix=/usr \
-        --sbindir=/usr/bin \
-        --disable-static \
+	cd $builddir
+	./configure \
+		--prefix=/usr \
+		--sbindir=/usr/bin \
+		--disable-static \
 		--disable-rpath \
-        --with-gnutls \
+		--with-gnutls \
 		--with-vpnc-script=/etc/vpnc/vpnc-script \
-        --disable-nls
-    make
+		--disable-nls
+	make
 }
 
 check() {
-    cd $builddir
+	cd $builddir
 	make check
 }
 
 package() {
-    cd $builddir
-    make DESTDIR="$pkgdir" install
-    mkdir -p "$pkgdir"/var/log/openconnect
+	cd $builddir
+	make DESTDIR="$pkgdir" install
+	install -Dm755 "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
+	install -Dm755 "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
+	install -Dm644 "$srcdir"/$pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname
+	mkdir -p "$pkgdir"/var/log/openconnect
+	mkdir -p "$pkgdir"/etc/openconnect
 }
 
 sha512sums="22f9b0bd4bd17e2ab91ff42b2464c89abba035fe705c037ba4d1042ace460c8738e20481783a1edc3b7dd6503fe9fcc7fdd188552811fb1525310e25a4c2f400  openconnect-7.08.tar.gz
-0472ca5e4fdb0522078027068dfc5e3f82bcd51c7699f4b0834b873053c5b384cff6746c3da54cc25daf8f16f7d04b3224edc5efc6f66908e538bee10e334350  openconnect-7.08-libressl251.patch"
+7b832550ef21ddb4b1c0eae7f3838b925745a5ebbdb74f1583fb8710b75175ebcbc7b1558ce95f59cd78542bec8bc01f7ab6d32ec4a5b168bb8a516a8907d362  openconnect.initd
+a689df7141621c80bca77fdd1e01397b98882c7fd8db79b2fe1495916656522234e3af739538002533c003e4243e9af4bf80cd73bae961e15568997ce89ef6d5  openconnect.confd
+3b269eb7f469343d48e6e3aa694c5c051811c217217bebf2e74d051cbacf2b57ba926ea69474d30937067f45100863188f719db3fa1bcb4862ddbf446bdd48d2  openconnect.logrotate"
diff --git a/testing/openconnect/openconnect.confd b/testing/openconnect/openconnect.confd
new file mode 100644
index 0000000000..53b14e6137
--- /dev/null
+++ b/testing/openconnect/openconnect.confd
@@ -0,0 +1,26 @@
+# Variables to configure vpn tunnels where "vpnname" is the name of your vpn tunnel:
+#
+# server_vpnname
+# password_vpnname
+# vpnopts_vpnname
+#
+# The tunnel will need to be started with a symbolic link to openconnect:
+#
+# ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpnname
+#
+# If you'd like to execute a script on preup, postup, predown and postdown of the vpn tunnel, you
+# need to create executable scripts in a directory with the same name as
+# the vpn tunnel (vpn0 can be replaced with the vpn name):
+#
+# mkdir /etc/openconnect/vpn0
+# cd /etc/openconnect/vpn0"
+# echo '#!/bin/sh' > preup.sh"
+# cp preup.sh predown.sh"
+# cp preup.sh postup.sh"
+# cp preup.sh postdown.sh"
+# chmod 755 /etc/openconnect/vpn0/*"
+
+server_vpn0="vpn.server.tld"
+password_vpn0="YOUR_PASSWORD"
+# Any OPENCONNECT options my go here (see openconnect --help)
+vpnopts_vpn0="-l --passwd-on-stdin --user=YOUR_USERNAME --script=/etc/openconnect/openconnect.sh"
diff --git a/testing/openconnect/openconnect.initd b/testing/openconnect/openconnect.initd
new file mode 100644
index 0000000000..040edc76f6
--- /dev/null
+++ b/testing/openconnect/openconnect.initd
@@ -0,0 +1,88 @@
+#!/sbin/openrc-run
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+VPN="${RC_SVCNAME#*.}"
+VPNDIR="/etc/openconnect/${VPN}"
+VPNLOG="/var/log/openconnect/${VPN}"
+VPNLOGFILE="${VPNLOG}/openconnect.log"
+VPNERRFILE="${VPNLOG}/openconnect.err"
+
+command="/usr/sbin/openconnect"
+name="OpenConnect: ${VPN}"
+pidfile="/run/openconnect/${VPN}.pid"
+stopsig="SIGINT"
+
+depend() {
+	before netmount
+}
+
+checkconfig() {
+	if [ $VPN = "openconnect" ]; then
+		eerror "You cannot call openconnect directly. You must create a symbolic link to it with the vpn name:"
+		eerror
+		eerror "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0"
+		eerror
+		eerror "And then call it instead:"
+		eerror
+		eerror "/etc/init.d/openconnect.vpn0 start"
+		return 1
+	fi
+}
+
+checktuntap() {
+	if [ "$RC_UNAME" = "Linux" -a ! -e /dev/net/tun ] ; then
+		if ! modprobe tun ; then
+			eerror "TUN/TAP support is not available in this kernel"
+			return 1
+		fi
+	fi
+}
+
+run_hook() {
+	if [ -x "$1" ]; then
+		"$@"
+	fi
+}
+
+start_pre() {
+	checkconfig || return
+	checktuntap || return
+	checkpath -d "${VPNLOG}" || return
+	checkpath -d /run/openconnect || return
+	run_hook "${VPNDIR}/preup.sh"
+}
+
+start() {
+	local server vpnopts password
+	eval server=\$server_${VPN}
+	eval vpnopts=\$vpnopts_${VPN}
+	eval password=\$password_${VPN}
+
+	ebegin "Starting ${name}"
+	start-stop-daemon --start --exec "${command}" -- \
+		--background \
+		--interface="${VPN}" \
+		--pid-file="${pidfile}" \
+		${vpnopts} \
+		"${server}" \
+		>> "${VPNLOGFILE}" \
+		2>> "${VPNERRFILE}" \
+		<<EOF
+${password}
+EOF
+	eend $?
+}
+
+start_post() {
+	run_hook "${VPNDIR}/postup.sh"
+}
+
+stop_pre() {
+	checkconfig || return
+	run_hook "${VPNDIR}/predown.sh"
+}
+
+stop_post() {
+	run_hook "${VPNDIR}/postdown.sh"
+}
diff --git a/testing/openconnect/openconnect.logrotate b/testing/openconnect/openconnect.logrotate
new file mode 100644
index 0000000000..541c0a4175
--- /dev/null
+++ b/testing/openconnect/openconnect.logrotate
@@ -0,0 +1,7 @@
+# openconnect logrotate for Alpine Linux
+#
+/var/log/openconnect/*/* {
+  missingok
+  size 5M
+  notifempty
+}