#!/bin/bash
#
# script for starting openvpn as TCP-Server

DEVICE="tun0"                       # tunnel device (tun0, tun1, ...)
PORT="1194"                         # port number openvpn will use
LOCALIP="192.168.8.1"               # internal IP address of this server
REMOTEIP="192.168.8.128"            # internal IP address of the client
KEYFILE="/etc/openvpn/shared.key"   # name of the shared key file
MAXRATE="16000"                     # maximum tx transfer rate in bytes/s

# only run openvpn, if it is installed ;-)
if [ ! -x /usr/sbin/openvpn ]; then
  exit 1
fi

# check if we're allowed to dig the tunnel
while [ -e /etc/NOTUNNEL ]; do
  sleep 60
done

# dig the tunnel
/usr/sbin/openvpn --daemon --dev $DEVICE --proto tcp-server --port $PORT \
  --ifconfig $LOCALIP $REMOTEIP --secret $KEYFILE --persist-tun --ping 30 \
  --ping-restart 180 --shaper $MAXRATE \
  --writepid /var/run/openvpn-${DEVICE}.pid

# Keep running, exit when the openvpn process is no longer present
while true; do
  # check if the PID file still exists
  if [ ! -e /var/run/openvpn-${DEVICE}.pid ]; then
    break
  else
    TUNNPID="`cat /var/run/openvpn-${DEVICE}.pid`"
  fi

  # probing with ps, returns "1" if process ID does not exist
  ps "$TUNNPID" >/dev/null 2>/dev/null
  if [ "$?" -gt 0 ]; then
    break
  else
    # now check if the process we found is really running openvpn
    if [ "`ps -o comm \"$TUNNPID\" | tail -n 1`" = "openvpn" ]; then
      sleep 60
    else
      break
    fi
  fi
done

# Do some cleanup
rm -f /var/run/openvpn-${DEVICE}.pid