#!/bin/sh
# PROVIDE: openvpn_auth_oauth2
# REQUIRE: FILESYSTEMS defaultroute netwait resolv
# BEFORE: NETWORKING
# KEYWORD: shutdown
# Add the following line to /etc/rc.conf to enable openvpn_auth_oauth2:
#
# openvpn_auth_oauth2_enable="YES"
#
# You can also set an alternative config with
# openvpn_auth_oauth2_config="/path/to/config"
#
# Multiple profiles are supported with
#
# openvpn_auth_oauth2_profiles="name1 name2"
# openvpn_auth_oauth2_name1_enable="YES"
# openvpn_auth_oauth2_name1_config="/path/to/config1"
# openvpn_auth_oauth2_name2_enable="YES"
# openvpn_auth_oauth2_name2_config="/path/to/config2"
#
# Pull in the rc.subr framework; load_rc_config and run_rc_command come from it.
. /etc/rc.subr

name="openvpn_auth_oauth2"
rcvar="${name}_enable"
desc="Single sign-on for OpenVPN"

# Defaults, applied only while the variable is still unset or empty.
# %%ETCDIR%% and %%PREFIX%% are placeholders substituted when the port is built.
: "${openvpn_auth_oauth2_enable:=NO}"
: "${openvpn_auth_oauth2_config:=%%ETCDIR%%/openvpn-auth-oauth2.yml}"
load_rc_config "${name}"

_openvpn_auth_oauth2="%%PREFIX%%/sbin/openvpn-auth-oauth2"
# daemon(8) flags: -S log to syslog, -f redirect stdio to /dev/null, -c chdir to /.
_common_daemon_args="-Sfc"
_piddir="/var/run/openvpn-auth-oauth2"

# PID file of the single (non-profile) instance; daemon(8) writes it via -p.
pidfile="${_piddir}/openvpn-auth-oauth2.pid"

# rc.subr refuses to start when this file is missing. Only presence is checked.
# NOTE(review): the config presumably carries OAuth2 client credentials; its
# ownership and mode are not verified anywhere in this script. Confirm they are
# restricted by the package or the administrator.
required_files="${openvpn_auth_oauth2_config}"

# NOTE(review): no user is selected here, so unless openvpn_auth_oauth2_user is
# set in rc.conf the service runs with the privileges of whoever invokes the
# script (root at boot). Confirm that is intended.
command="/usr/sbin/daemon"
command_args="${_common_daemon_args} -p ${pidfile} -t ${name} ${_openvpn_auth_oauth2} --config ${openvpn_auth_oauth2_config}"
procname="${_openvpn_auth_oauth2}"

extra_commands="reload"
reload_cmd="openvpn_auth_oauth2_reload"

# Create the PID directory before start if it does not exist yet.
start_precmd="[ -d ${_piddir} ] || /usr/bin/install -d ${_piddir}"
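# Send SIGHUP to the process recorded in a PID file.
# Arguments: $1 - path to the PID file
# Outputs:   diagnostics on stderr when the file is unusable
# Returns:   0 if the signal was sent, non-zero otherwise
_openvpn_auth_oauth2_hup()
{
	_hup_pidfile="$1"
	if [ ! -r "${_hup_pidfile}" ]; then
		echo "Cannot read PID file ${_hup_pidfile}" >&2
		return 1
	fi
	_hup_pid=$(cat "${_hup_pidfile}")
	# Accept only a plain positive decimal PID. An empty file would run kill
	# with no target, and 0 or a negative value does not name a single
	# process to kill(1).
	case "${_hup_pid}" in
	''|0*|*[!0-9]*)
		echo "No valid PID in ${_hup_pidfile}" >&2
		return 1
		;;
	esac
	kill -HUP "${_hup_pid}"
}

# Reload handler registered as reload_cmd: asks the daemon to reload via SIGHUP.
# Globals:   openvpn_auth_oauth2_profiles, openvpn_auth_oauth2_enable,
#            openvpn_auth_oauth2_<profile>_enable, _piddir, profile (read);
#            pidfile (read, and overwritten in the per-profile loop)
# Arguments: $1 - when non-empty and profiles are configured, every enabled
#                 profile is signalled in turn
# Returns:   status of the signal delivery in the single-instance case; the
#            per-profile loop ends the script with exit 0
openvpn_auth_oauth2_reload()
{
	if [ -n "${openvpn_auth_oauth2_profiles}" ] && [ -n "$1" ]; then
		for profile in ${openvpn_auth_oauth2_profiles}; do
			# The name is spliced into an eval'd variable name, so allow only
			# characters that are valid in a shell identifier.
			case "${profile}" in
			*[!A-Za-z0-9_]*)
				echo "Bad profile name '${profile}'. Profile skipped."
				continue
				;;
			esac
			eval _enable="\${openvpn_auth_oauth2_${profile}_enable}"
			case "x${_enable:-${openvpn_auth_oauth2_enable}}" in
			x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
				continue
				;;
			x[Yy][Ee][Ss])
				;;
			*)
				if test -z "$_enable"; then
					_var=openvpn_auth_oauth2_enable
				else
					_var=openvpn_auth_oauth2_"${profile}"_enable
				fi
				echo "Bad value" \
					"'${_enable:-${openvpn_auth_oauth2_enable}}'" \
					"for ${_var}. " \
					"Profile ${profile} skipped."
				continue
				;;
			esac
			echo "===> openvpn-auth-oauth2 profile: ${profile}"
			pidfile="${_piddir}/openvpn-auth-oauth2-${profile}.pid"
			_openvpn_auth_oauth2_hup "${pidfile}"
			retcode="$?"
			if [ "0${retcode}" -ne 0 ]; then
				failed="${profile} (${retcode}) ${failed:-}"
			else
				success="${profile} ${success:-}"
			fi
		done
		# Best effort across profiles: name the failures, but keep the
		# zero exit status.
		[ -z "${failed:-}" ] || echo "Profiles that failed to reload: ${failed}" >&2
		exit 0
	else
		echo "===> openvpn-auth-oauth2 profile ${profile} reloading"
		_openvpn_auth_oauth2_hup "${pidfile}"
	fi
}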
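# Dispatch.
#   <cmd> <profile>  - act on one profile: derive its config, PID file and
#                      daemon arguments, then fall through to run_rc_command.
#   <cmd>            - with profiles configured, re-invoke this script once per
#                      enabled profile and exit; otherwise act on the single
#                      default instance.
if [ -n "$2" ]; then
	profile="$2"
	if [ -n "${openvpn_auth_oauth2_profiles}" ]; then
		# The profile name comes from the command line and is spliced into
		# eval'd variable names below, so accept only characters that are
		# valid in a shell identifier.
		case "${profile}" in
		*[!A-Za-z0-9_]*)
			echo "$0: invalid profile name '${profile}'" >&2
			exit 1
			;;
		esac
		eval openvpn_auth_oauth2_config="\${openvpn_auth_oauth2_${profile}_config:-%%ETCDIR%%/openvpn-auth-oauth2-${profile}.yml}"
		if [ -z "${openvpn_auth_oauth2_config}" ]; then
			echo "You must define a configuration file (openvpn_auth_oauth2_${profile}_config)"
			exit 1
		fi
		pidfile="${_piddir}/openvpn-auth-oauth2-${profile}.pid"
		[ -f "${pidfile}" ] || /usr/bin/install /dev/null "${pidfile}"
		required_files="${openvpn_auth_oauth2_config}"
		# The fallback is escaped so it is expanded by eval itself and never
		# re-parsed as shell text.
		eval openvpn_auth_oauth2_enable="\${openvpn_auth_oauth2_${profile}_enable:-\${openvpn_auth_oauth2_enable}}"
		command_args="${_common_daemon_args} -t ${name}-${profile} -p ${pidfile} \
${_openvpn_auth_oauth2} \
--config ${openvpn_auth_oauth2_config}"
	else
		echo "$0: extra argument ignored"
	fi
else
	if [ -n "${openvpn_auth_oauth2_profiles}" ] && [ -n "$1" ]; then
		for profile in ${openvpn_auth_oauth2_profiles}; do
			# Same identifier-only rule as for a profile given on the
			# command line.
			case "${profile}" in
			*[!A-Za-z0-9_]*)
				echo "Bad profile name '${profile}'. Profile skipped."
				continue
				;;
			esac
			eval _enable="\${openvpn_auth_oauth2_${profile}_enable}"
			case "x${_enable:-${openvpn_auth_oauth2_enable}}" in
			x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
				continue
				;;
			x[Yy][Ee][Ss])
				;;
			*)
				if test -z "$_enable"; then
					_var=openvpn_auth_oauth2_enable
				else
					_var=openvpn_auth_oauth2_"${profile}"_enable
				fi
				echo "Bad value" \
					"'${_enable:-${openvpn_auth_oauth2_enable}}'" \
					"for ${_var}. " \
					"Profile ${profile} skipped."
				continue
				;;
			esac
			echo "===> openvpn-auth-oauth2 profile: ${profile}"
			%%PREFIX%%/etc/rc.d/openvpn_auth_oauth2 "$1" "${profile}"
			retcode="$?"
			if [ "0${retcode}" -ne 0 ]; then
				failed="${profile} (${retcode}) ${failed:-}"
			else
				success="${profile} ${success:-}"
			fi
		done
		# Best effort across profiles: name the failures, but keep the
		# zero exit status.
		[ -z "${failed:-}" ] || echo "Profiles that failed: ${failed}" >&2
		exit 0
	fi
fi
run_rc_command "$1"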