#!/bin/sh

# $FreeBSD: head/security/tailscale/files/tailscaled.in 564959 2021-02-11 16:12:13Z mikael $
#
# PROVIDE: tailscaled
# REQUIRE: NETWORKING
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# tailscaled_enable (bool):	Set it to YES to enable tailscaled.
#				Default is "NO".
# tailscaled_port (number):	Set the port to listen on for incoming VPN packets.
#				Default is "41641".
# tailscaled_syslog_output_enable (bool):	Set to enable syslog output.
#						Default is "NO". See daemon(8).
# tailscaled_syslog_output_priority (str):	Set syslog priority if syslog enabled.
#						Default is "info". See daemon(8).
# tailscaled_syslog_output_facility (str):	Set syslog facility if syslog enabled.
#						Default is "daemon". See daemon(8).

. /etc/rc.subr

name=tailscaled
rcvar=tailscaled_enable

load_rc_config $name

: ${tailscaled_enable:="NO"}
: ${tailscaled_port:="41641"}

DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?)
if [ ${DAEMON} -eq 0 ]; then
        : ${tailscaled_syslog_output_enable:="NO"}
        : ${tailscaled_syslog_output_priority:="info"}
        : ${tailscaled_syslog_output_facility:="daemon"}
        if checkyesno tailscaled_syslog_output_enable; then
                tailscaled_syslog_output_flags="-t ${name} -T ${name}"

                if [ -n "${tailscaled_syslog_output_priority}" ]; then
                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -s ${tailscaled_syslog_output_priority}"
                fi

                if [ -n "${tailscaled_syslog_output_facility}" ]; then
                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -l ${tailscaled_syslog_output_facility}"
                fi
        fi
else
        tailscaled_syslog_output_enable="NO"
        tailscaled_syslog_output_flags=""
fi

pidfile=/var/run/${name}.pid
procname="%%PREFIX%%/bin/${name}"

# XXX: Can we have multiple interfaces?
tailscale_tap_dev="tailscale0"

start_cmd="${name}_start"
stop_postcmd="${name}_poststop"

tailscaled_start()
{
	env CACHE_DIRECTORY=/var/db/tailscale /usr/sbin/daemon -f ${tailscaled_syslog_output_flags} -p ${pidfile} ${procname} --port ${tailscaled_port}
}

tailscaled_poststop()
{
	/sbin/ifconfig ${tailscale_tap_dev} >/dev/null 2>&1 && (
		logger -s -t tailscaled "Destroying tailscale0 adapter"
		/sbin/ifconfig ${tailscale_tap_dev} destroy || logger -s -t tailscaled "Failed to destroy ${tailscale_tap_dev} adapter"
	)
}

run_rc_command "$1"