#!/bin/sh
#
# dnssec-triggerd
#
#
# chkconfig:   - 24 86
# description:  dnssec-trigger reconfigured unbound upon network changes
#               (unbound starts at 14, NM at 23, so we start at 24)

### BEGIN INIT INFO
# Provides: dnssec-trigger
# Required-Start: $network $local_fs unbound network_manager
# Required-Stop: $network $local_fs
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Should-Start: $syslog
# Should-Stop: $syslog
# Short-Description: dnssec-triggerd managed DNSSEC forwarding of unbound
# Description:  dnssec-triggerd automatically reconfigured unbound when
#        a network change happens, and DHCP gives out new potential forwarding
#        DNS servers
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

exec="/usr/sbin/dnssec-triggerd"
config="/etc/dnssec-trigger.conf"
rootdir="/var/lib/dnssec-triggerd"
pidfile="/var/run/dnssec-triggerd/dnssec-triggerd.pid"
piddir=`dirname $pidfile`

[ -e /etc/sysconfig/dnssec-triggerd ] && . /etc/sysconfig/dnssec-triggerd

lockfile=/var/lock/subsys/dnssec-triggerd

start() {
    [ -x $exec ] || exit 5
    [ -f $config ] || exit 6
    # /var/run could (and should) be tmpfs
    [ -d $piddir ] || mkdir $piddir

    if [ ! -f /etc/dnssec_trigger_control.key ]
    then
	echo -n $"Generating dnssec-trigger control key and certificate: "
	/usr/sbin/dnssec-trigger-control-setup > /dev/null 2> /dev/null
	[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled && \
	    [ -x /sbin/restorecon ] && /sbin/restorecon /etc/dnssec-triggeer_*
	echo
    fi

    echo -n $"Starting dnssec-triggerd: "

    # if not running, start it up here
    daemon --pidfile=$pidfile $exec
    retval=$?
    [ $retval -eq 0 ] && touch $lockfile
    # start the first probe, the daemon missed any previous events.
    /etc/NetworkManager/dispatcher.d/01-dnssec-trigger-hook "all" "bootup"
    echo
}

stop() {
    echo -n $"Stopping dnssec-triggerd: "
    # stop it here, often "killproc dnssec-triggerd"
    killproc -p $pidfile dnssec-triggerd
    retval=$?
    [ $retval -eq 0 ] && rm -f $lockfile
    echo
}

restart() {
    stop
    start
}

reload() {
    kill -HUP `cat $pidfile`
}

force_reload() {
    restart
}

rh_status() {
    # run checks to determine if the service is running or use generic status
    status -p $pidfile dnssec-triggerd
}

rh_status_q() {
    rh_status -p $pidfile >/dev/null 2>&1
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    reload)
        reload
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
        exit 2
esac
exit $?
