
Merge pull request #145 from YunoHost-Apps/fix-waiting-openvpn-client

Fix waiting for openvpn client and improve cleanup
HgO 1 week ago
parent
commit
ab84784d26
1 changed files with 62 additions and 40 deletions
  1. 62 40
      conf/ynh-vpnclient

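--- a/conf/ynh-vpnclient
+++ b/conf/ynh-vpnclient
@@ -58,13 +58,20 @@ function critical()
 
 cleanup() {
   local last_exit_code="$?"
-  if [[ "${action}" != "stop" && "${last_exit_code}" -ne 0 ]]; then
-    rm -f /tmp/.ynh-vpnclient-started
+  if [[ "${action}" == "stop" || "${last_exit_code}" -eq 0 ]]; then
+    return
+  fi
+
+  if systemctl is-active -q openvpn@client.service; then
+    info "Stopping OpenVPN client..."
+    systemctl stop openvpn@client.service
   fi
+
+  rm -f /tmp/.ynh-vpnclient-started
 }
 
 # Cleanup before exit
-trap cleanup 0
+trap cleanup EXIT SIGINT SIGTERM
 
 ###################################################################################
 # Time sync                                                                       #
@@ -121,6 +128,19 @@ check_config() {
   fi
 }
 
+find_last_line_number() {
+  local pattern=$1
+  local path=$2
+
+  local match
+  # Search in the file from the end until the pattern matches
+  if match=$(tac "${path}" 2>/dev/null | grep -n "${pattern}" -m 1 --line-buffered); then
+    sed 's/:.*//' <<< $match
+  else
+    echo 0
+  fi
+}
+
 action=${1}
 if [[ "$action" != restart ]]; then
   # Variables
@@ -144,70 +164,71 @@ case "$action" in
 
   start)
     info "[vpnclient] Starting..."
+
+    if [[ "${ynh_service_enabled}" -eq 0 ]]; then
+      warn "Service is disabled, not starting it"
+      exit 0
+    fi
     
-    if [[ -e /tmp/.ynh-vpnclient.started ]] || systemctl -q is-active openvpn@client.service; then
+    if ! lockfile -r 0 /tmp/.ynh-vpnclient-started &>/dev/null; then
       info "Service is already running"
       exit 0
-    elif [[ "${ynh_service_enabled}" -eq 0 ]]; then
-      warn "Service is disabled, not starting it"
-      exit 0
     fi
 
-    touch /tmp/.ynh-vpnclient-started
+    if systemctl is-active -q openvpn@client.service; then
+      info "OpenVPN client is already running"
+      exit 0
+    fi
 
     sync_time
     check_config
 
     info "Now actually starting OpenVPN client..."
-
     if systemctl start openvpn@client.service; then
-      info "OpenVPN client started ... waiting for tun0 interface to show up"
+      success "OpenVPN client started!"
     else
       tail -n 20 /var/log/openvpn-client.log | tee -a $LOGFILE
-	    critical "Failed to start OpenVPN :/"
+	    critical "Failed to start OpenVPN client"
     fi
 
-    has_errors=true
-    for attempt in $(seq 0 20); do
-      sleep 1
-      if ip link show dev tun0 &> /dev/null; then
-        success "tun0 interface is up!"
-        has_errors=false
-        break
-      fi
-    done
-  
-    if $has_errors; then
-      error "Tun0 interface did not show up ... most likely an issue happening in OpenVPN client ... below is an extract of the log that might be relevant to pinpoint the issue"
+    info "Waiting for tun0 interface to show up"
+    openvpn_log_start=$(find_last_line_number "process exiting" /var/log/openvpn-client.log)
+    if ! timeout 180 tail -n-${openvpn_log_start} -f /var/log/openvpn-client.log 2>/dev/null | grep -q "TUN/TAP device tun0 opened"; then
+      error "The VPN client didn't open tun0 interface"
       tail -n 20 /var/log/openvpn-client.log | tee -a $LOGFILE
-      systemctl stop openvpn@client.service
-      critical "Failed to start OpenVPN client : tun0 interface did not show up"
+      critical "Failed to start OpenVPN client"
+    fi
+
+    if ip link show tun0 up &>/dev/null; then
+      success "tun0 interface is up!"
+    else
+      error "tun0 interface did not show up, most likely an issue happening in OpenVPN client"
+      tail -n 20 /var/log/openvpn-client.log | tee -a $LOGFILE
+      critical "Failed to start OpenVPN client"
     fi
 
     info "Waiting for VPN client to be ready..."
-    if ! timeout 180 tail -n 0 -f /var/log/openvpn-client.log | grep -q "Initialization Sequence Completed"; then
+    if ! timeout 180 tail -n-${openvpn_log_start} -f /var/log/openvpn-client.log 2>/dev/null | grep -q "Initialization Sequence Completed"; then
       error "The VPN client didn't complete initiliasation"
       tail -n 20 /var/log/openvpn-client.log | tee -a $LOGFILE
-      systemctl stop openvpn@client.service
       critical "Failed to start OpenVPN client"
     fi
 
     info "Validating that VPN is up and the server is connected to internet..."
 
-    ipv4=$(timeout 5 ping -w3 -c1 ip.yunohost.org  >/dev/null 2>&1 && curl --max-time 5 https://ip.yunohost.org --silent)
-    ipv6=$(timeout 5 ping -w3 -c1 ip6.yunohost.org >/dev/null 2>&1 && curl --max-time 5 https://ip6.yunohost.org --silent)
-
-    if ip route get 1.2.3.4 | grep -q tun0; then
-      if timeout 5 ping -c1 -w3 debian.org >/dev/null; then
-        success "YunoHost VPN client started!"
-        info "IPv4 address is $ipv4"
-        info "IPv6 address is $ipv6"
-      else
-        critical "The VPN is up but debian.org cannot be reached, indicating that something is probably misconfigured/blocked."
-      fi
-    else
+    if ! ip route get 1.2.3.4 | grep -q tun0; then
       critical "IPv4 routes are misconfigured !?"
     fi
+
+    ipv4=$(timeout 10 ping -w3 -c1 ip.yunohost.org  >/dev/null 2>&1 && curl --max-time 5 https://ip.yunohost.org --silent)
+    ipv6=$(timeout 10 ping -w3 -c1 ip6.yunohost.org >/dev/null 2>&1 && curl --max-time 5 https://ip6.yunohost.org --silent)
+    if [[ -z "${ipv4}" && -z "${ipv6}" ]]; then
+      critical "The VPN is up but yunohost.org cannot be reached, indicating that something is probably misconfigured/blocked."
+    fi
+    
+    success "YunoHost VPN client started!"
+    info "IPv4 address is $ipv4"
+    info "IPv6 address is $ipv6"
   ;;
 
   # ########## #
@@ -216,7 +237,6 @@ case "$action" in
 
   stop)
     info "[vpnclient] Stopping..."
-    rm -f /tmp/.ynh-vpnclient-started
 
     if systemctl is-active -q openvpn@client.service; then
       info "Stopping OpenVPN service"
@@ -229,6 +249,8 @@ case "$action" in
         fi
       done
     fi
+    
+    rm -f /tmp/.ynh-vpnclient-started
   ;;
 
   # ########## #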
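Review bot: The new start gate `lockfile -r 0 /tmp/.ynh-vpnclient-started` keeps the lock at a fixed name in world-writable /tmp, so any local account that creates that file, or a stale file left by a run that was killed, makes `start` log "Service is already running" and `exit 0` before the `systemctl is-active` check is reached; the tunnel never comes up and the caller still sees success. Consider keeping the lock in a root-only directory, e.g. `lockfile -r 0 /run/ynh-vpnclient-started` with the same path in `cleanup` and `stop`, and when the lock is already held, confirming `systemctl is-active -q openvpn@client.service` before reporting the service as running. Separately, in the first hunk `trap cleanup EXIT SIGINT SIGTERM` makes the signal handler return into the script, and `$?` inside it is the status of the last completed command (often 0), so an interrupt may neither abort the start nor run the cleanup path. `trap 'exit 130' INT; trap 'exit 143' TERM; trap cleanup EXIT` would route both signals through the EXIT handler with a non-zero status. The `case` body and the `stop` branch continue outside the visible hunks.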