#!/bin/bash

# Both helpers are defined outside this file; presumably they load the
# interface's default and per-interface settings into shell variables.
pickup_defaults
pickup_options

# TUNTYPE is mandatory. When it is unset or empty, this expansion prints
# "missing TUNTYPE" and a non-interactive shell exits at this point.
: "${TUNTYPE:?missing TUNTYPE}"

# Resolve the OpenVPN binary: a preset OVPN wins, otherwise DEFAULT_OVPN is
# used (the := form also stores the chosen value back into OVPN).
# NOTE(review): only the execute bit is tested. The path is executed later in
# this script, so whoever can set OVPN/DEFAULT_OVPN chooses the program that
# is launched. Confirm that those settings are writable by root only.
: "${OVPN:=$DEFAULT_OVPN}"
if ! [ -x "$OVPN" ]; then
	print_error "$OVPN does not exist or is not executable. Try installing openvpn RPM."
	exit 1
fi

# REMOTE becomes the second argument of openvpn's --ifconfig further down:
# TUNREMOTE for a tun device, TUNMASK for a tap device.
# Any other TUNTYPE is rejected.
# NOTE(review): the earlier ${TUNTYPE:?...} assertion in this script already
# aborts on an unset or empty value, so the "tun" default below looks
# unreachable. Confirm which of the two behaviours is intended.
: "${TUNTYPE:=tun}"
case "$TUNTYPE" in
	tun)
		REMOTE=$TUNREMOTE
		;;
	tap)
		REMOTE=$TUNMASK
		;;
	*)
		print_error "TUNTYPE for $NAME must be either 'tun' or 'tap'"
		exit 1
		;;
esac

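# Ask the kernel to load the tun driver. The exit status is not checked here.
# MODPROBE is left unquoted so a value carrying extra options still splits.
$MODPROBE tun

# Optionally record the current default route(s) in
# $OVPNRUNDIR/$NAME.defaultroute.
if is_yes "$RESTORE_DEFAULTROUTE"; then
	# Quoted on purpose: an unquoted empty OVPNRUNDIR collapses the test to
	# `[ -d ]`, which is true, and the file would then be written under "/".
	[ -d "$OVPNRUNDIR" ] || {
		print_error "OpenVPN rundir $OVPNRUNDIR does not exist"
		exit 1
	}
	# NOTE(review): this redirect runs with the caller's privileges and
	# follows symlinks. Confirm that OVPNRUNDIR is writable by root only.
	$IP route ls | grep '^default' > "$OVPNRUNDIR/$NAME.defaultroute"
	# Drop the file again when no default route was found. The path was
	# misspelled ("defaultrout") before, so an empty file was never removed.
	[ -s "$OVPNRUNDIR/$NAME.defaultroute" ] || rm -f -- "$OVPNRUNDIR/$NAME.defaultroute"
fi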

# File names for the CA certificate, certificate, key and OpenVPN config.
# Each OVPN*FILE setting falls back to its DEFAULT_ counterpart and is then
# passed through profiled_filename (defined outside this file).
# The arguments are deliberately left unquoted so word-splitting is unchanged.
# The configured names must therefore not contain whitespace.
PROF_CAFILE=$(profiled_filename ${OVPNCAFILE:-$DEFAULT_OVPNCAFILE})
PROF_CRTFILE=$(profiled_filename ${OVPNCRTFILE:-$DEFAULT_OVPNCRTFILE})
PROF_KEYFILE=$(profiled_filename ${OVPNKEYFILE:-$DEFAULT_OVPNKEYFILE})
PROF_CONFFILE=$(profiled_filename ${OVPNCONFFILE:-$DEFAULT_OVPNCONFFILE})

# Account and group passed to openvpn's --user/--group further down.
OVPN_USER=${OVPNUSER:-$DEFAULT_OVPNUSER}
OVPN_GROUP=${OVPNGROUP:-$DEFAULT_OVPNGROUP}

# Pick the key material from the config file's contents. If the string "tls"
# occurs anywhere in it, pass CA, certificate and key. Otherwise pass the key
# file as a pre-shared static key (--secret).
# KEY_ARGS is a single string that the openvpn call expands unquoted, so the
# paths inside it must not contain whitespace.
# NOTE(review): this is a plain substring match. A comment, a commented-out
# directive or a path containing "tls" also selects certificate mode.
# A config without the string, or an unreadable one, falls back to --secret.
# Confirm whether matching real tls-* directives only would be safer.
if grep -q "tls" "$MYIFACEDIR/$PROF_CONFFILE"; then
	KEY_ARGS="--ca $MYIFACEDIR/$PROF_CAFILE --cert $MYIFACEDIR/$PROF_CRTFILE --key $MYIFACEDIR/$PROF_KEYFILE"
else
	KEY_ARGS="--secret $MYIFACEDIR/$PROF_KEYFILE"
fi


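# The daemon is started with --cd $OVPNCHROOTDIR/cache, so that directory
# must already exist. The path is quoted so that a value containing whitespace
# or glob characters is tested as one path instead of breaking the test.
if ! [ -d "$OVPNCHROOTDIR/cache" ]; then
	print_error "OpenVPN cache dir $OVPNCHROOTDIR/cache does not exist"
	exit 1
fi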

# Start the OpenVPN daemon for interface $NAME.
#  - Device name and type come from NAME/TUNTYPE. --ifconfig gets TUNLOCAL
#    plus REMOTE (TUNREMOTE for tun, TUNMASK for tap, chosen earlier).
#  - KEY_ARGS is expanded unquoted on purpose: it holds several options in
#    one string and relies on word-splitting. The other unquoted variables
#    split the same way, so none of these values may contain whitespace, and
#    an empty one silently shifts the arguments that follow it.
#  - --user/--group and --chroot ask openvpn to drop privileges and confine
#    itself to $OVPNCHROOTDIR. --persist-tun/--persist-key keep the device
#    and keys across restarts, and --daemon puts the process in the background.
#  - NOTE(review): no later check of the result is visible here. Confirm that
#    the caller acts on this command's exit status, and that OVPN_USER and
#    OVPN_GROUP resolve to an unprivileged account.
$OVPN --dev $NAME --dev-type $TUNTYPE \
       --config "$MYIFACEDIR/$PROF_CONFFILE" $KEY_ARGS \
       --ifconfig $TUNLOCAL $REMOTE --remote $OVPN_SERVER --port $OVPN_PORT \
       --user $OVPN_USER --group $OVPN_GROUP --persist-tun --persist-key --daemon \
       --cd $OVPNCHROOTDIR/cache --chroot $OVPNCHROOTDIR \
       --writepid $OVPNRUNDIR/$NAME.pid
