#!/sbin/openrc-run
# Copyright 1999-2025 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

# Service description shown by OpenRC, plus the extra "reload" action, which
# is only offered while the service is started.
description="kea dhcp services"
extra_started_commands="reload"

# Daemon binaries for DHCPv4, DHCPv6 and dynamic DNS updates.
dhcp4_command="/usr/sbin/kea-dhcp4"
dhcp6_command="/usr/sbin/kea-dhcp6"
ddns_command="/usr/sbin/kea-dhcp-ddns"
# Config paths; each can be overridden through the named environment
# variable (presumably set in the service's conf.d file - TODO confirm).
dhcp4_config="${DHCP4_CONFIG:-/etc/kea/dhcp4.conf}"
dhcp6_config="${DHCP6_CONFIG:-/etc/kea/dhcp6.conf}"
ddns_config="${DDNS_CONFIG:-/etc/kea/ddns.conf}"
# NOTE(review): agent_config is not referenced anywhere else in the visible
# script.
agent_config="${AGENT_CONFIG:-/etc/kea/ctrl-agent.conf}"
# Pidfiles used by start(), reload() and stop(). start() does not ask
# start-stop-daemon to create them, so these names presumably have to match
# what each daemon writes itself - verify, the ddns one in particular.
dhcp4_pidfile="/run/kea/dhcp4.kea-dhcp4.pid"
dhcp6_pidfile="/run/kea/dhcp6.kea-dhcp6.pid"
ddns_pidfile="/run/kea/ddns.kea-ddns.pid"

# Unprivileged account the daemons are started as (see --user/--group in
# start()); overridable through KEA_USER / KEA_GROUP.
kea_user="${KEA_USER:-dhcp}"
kea_group="${KEA_GROUP:-dhcp}"

# Capability lists handed to start-stop-daemon --capabilities. In libcap's
# IAB text form the "^" prefix raises the capability in the inheritable and
# ambient sets, so a daemon started as ${kea_user} keeps it without running
# as root. Only the DHCPv4 daemon additionally gets cap_net_raw (cap4_list).
cap_list="^cap_net_bind_service"
cap4_list="${cap_list},^cap_net_raw"

# OpenRC dependency hook: "use net" is a soft dependency, i.e. net is
# started first when it is part of the runlevel but is not required.
depend() {
	use net
}

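#######################################
# Verify that a config file is owned by root:${kea_group}.
# Globals:   kea_group (read)
# Arguments: $1 - path of the config file to check
# Returns:   0 if owner and group match, 1 if they differ or cannot be
#            determined, 2 if no path was given
#######################################
check_ownership() {
	local file="$1" owner
	[ -z "${file}" ] && return 2

	# Fail closed: with the previous unquoted test a failing stat produced a
	# malformed "[" expression, the if-branch was skipped and the function
	# returned success for a file whose ownership was never read.
	if ! owner=$(stat -c "%U:%G" -- "${file}") ; then
		eerror "cannot determine the ownership of ${file}"
		return 1
	fi

	# NOTE(review): only owner and group are compared. Permission bits are
	# not checked, so a group- or world-writable file still passes; consider
	# checking the mode as well.
	if [ "${owner}" != "root:${kea_group}" ] ; then
		eerror "${file} config file is not owned by root:${kea_group}"
		eerror "you should reset the ownership:"
		eerror "chown root:${kea_group} ${file}"
		return 1
	fi
}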

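#######################################
# Ask one kea daemon to reload its config by sending SIGHUP to the pid
# recorded in its pidfile.
# Arguments: $1 - path of the daemon's pidfile
# Returns:   0 if the signal was sent, non-zero if the pidfile is missing,
#            unreadable, malformed, or kill failed
#######################################
reload_kea_service() {
	local service_pidfile="${1}" pid=

	if [ -z "${service_pidfile}" ] ; then
		eerror "No service pidfile given for reload."
		return 1
	fi

	if [ ! -r "${service_pidfile}" ] ; then
		eerror "Cannot read pidfile ${service_pidfile}"
		return 1
	fi

	# start_pre hands /run/kea to ${kea_user}, so the pidfile content is
	# written by the unprivileged side and is not trusted here: accept only a
	# single positive decimal pid. This rejects an empty file, several pids,
	# and the special targets 0 and negative values that kill interprets as
	# process groups.
	# NOTE(review): this does not prove the pid still belongs to a kea
	# daemon; matching the executable as well would be stronger.
	read -r pid < "${service_pidfile}"
	case "${pid}" in
		''|0*|*[!0-9]*)
			eerror "Invalid pid in ${service_pidfile}"
			return 1
			;;
	esac

	# all kea services reload their configs on SIGHUP (1)
	kill -HUP "${pid}"
}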

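# Check one daemon's config: the file exists, is owned by
# root:${kea_group}, and passes the daemon's own "-t" syntax check.
# Arguments: $1 - daemon binary, $2 - config file
_kea_check_config() {
	local daemon="$1" config="$2"

	if [ ! -f "${config}" ] ; then
		eerror "Please create a ${config} config file."
		return 1
	fi

	check_ownership "${config}" || return 1

	if ! "${daemon}" -t "${config}" 1>/dev/null 2>/dev/null ; then
		eerror "Error in config file ${config}"
		return 1
	fi
}

#######################################
# OpenRC pre-start hook: validate the config of every enabled daemon, then
# make sure the runtime, state and log directories belong to the account
# the daemons run as.
# Globals:   DHCP4, DHCP6, DDNS (read; "true" enables the daemon),
#            dhcp4/dhcp6/ddns _command and _config, kea_user, kea_group
# Returns:   1 if any enabled daemon's config is missing, wrongly owned or
#            invalid; otherwise the status of the last checkpath call
#######################################
start_pre() {
	local lease

	# One shared helper for all three daemons: the former copy-pasted
	# stanzas had drifted (the DHCPv6 message printed the undefined
	# ${dhcp6_file} instead of the config path).
	if ${DHCP4:-false} ; then
		_kea_check_config "${dhcp4_command}" "${dhcp4_config}" || return 1
	fi
	if ${DHCP6:-false} ; then
		_kea_check_config "${dhcp6_command}" "${dhcp6_config}" || return 1
	fi
	if ${DDNS:-false} ; then
		_kea_check_config "${ddns_command}" "${ddns_config}" || return 1
	fi

	# Make sure that kea has all required permissions to run
	# (un-)privileged.
	checkpath -q -o "${kea_user}:${kea_group}" -D /run/kea
	checkpath -q -o "${kea_user}:${kea_group}" -d /var/lib/kea
	# Skip the pattern when it matches nothing; otherwise the literal string
	# "/var/lib/kea/*.csv*" would be handed to checkpath -f as a file name.
	# NOTE(review): these files sit in a directory owned by ${kea_user} and
	# are re-owned by this script - confirm the installed checkpath does not
	# follow symlinks there.
	for lease in /var/lib/kea/*.csv* ; do
		[ -e "${lease}" ] || continue
		checkpath -q -o "${kea_user}:${kea_group}" -f "${lease}"
	done
	checkpath -q -o "${kea_user}:${kea_group}" -d /var/log/kea
}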

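#######################################
# Start every enabled kea daemon in the background as
# ${kea_user}:${kea_group}, with only the capabilities listed in
# cap_list / cap4_list.
# Globals:   DHCP4, DHCP6, DDNS (read; "true" enables the daemon),
#            kea_user, kea_group, cap_list, cap4_list and the per-daemon
#            _command, _config and _pidfile variables
# Returns:   1 if no daemon is enabled; otherwise eend's status for the
#            number of daemons that failed to start
#######################################
start() {
	local retval=0 atleastone=
	# Option list, expanded unquoted on purpose so it splits into words.
	local ownership="--user ${kea_user} --group ${kea_group} --wait 1000"

	ebegin "Starting kea dhcp services"
	# Paths are quoted below: the config paths can come from the
	# environment (DHCP4_CONFIG etc.) and must reach the daemon as one
	# argument each.
	if ${DHCP4:-false} ; then
		# DHCPv4 is the only daemon that also receives cap_net_raw.
		start-stop-daemon -b --capabilities "${cap4_list}" \
			-p "${dhcp4_pidfile}" ${ownership} \
			-x "${dhcp4_command}" -- -c "${dhcp4_config}" \
			|| retval=$(( retval + 1 ))
		atleastone=1
	fi
	if ${DHCP6:-false} ; then
		start-stop-daemon -b --capabilities "${cap_list}" \
			-p "${dhcp6_pidfile}" ${ownership} \
			-x "${dhcp6_command}" -- -c "${dhcp6_config}" \
			|| retval=$(( retval + 1 ))
		atleastone=1
	fi
	if ${DDNS:-false} ; then
		start-stop-daemon -b --capabilities "${cap_list}" \
			-p "${ddns_pidfile}" ${ownership} \
			-x "${ddns_command}" -- -c "${ddns_config}" \
			|| retval=$(( retval + 1 ))
		atleastone=1
	fi
	# Quoted so the emptiness test is explicit rather than relying on how
	# "[ -z ]" happens to evaluate with a missing operand.
	if [ -z "${atleastone}" ] ; then
		eerror "No service has been launched!"
		return 1
	fi
	eend ${retval}
}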

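#######################################
# Ask every enabled kea daemon to reload its config.
# Globals:   DHCP4, DHCP6, DDNS (read; "true" enables the daemon),
#            dhcp4_pidfile, dhcp6_pidfile, ddns_pidfile
# Returns:   eend's status for the number of daemons that could not be
#            signalled
#######################################
reload() {
	local retval=0

	ebegin "Reloading kea configs"
	# Count failures the same way start() and stop() do; the bare "eend"
	# used before reported success even when a reload could not be sent.
	if ${DHCP4:-false} ; then
		reload_kea_service "${dhcp4_pidfile}" || retval=$(( retval + 1 ))
	fi
	if ${DHCP6:-false} ; then
		reload_kea_service "${dhcp6_pidfile}" || retval=$(( retval + 1 ))
	fi
	if ${DDNS:-false} ; then
		reload_kea_service "${ddns_pidfile}" || retval=$(( retval + 1 ))
	fi
	eend ${retval}
}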

#######################################
# Stop every enabled kea daemon through its pidfile.
# Globals:   DHCP4, DHCP6, DDNS (read; "true" enables the daemon),
#            dhcp4_pidfile, dhcp6_pidfile, ddns_pidfile
# Returns:   eend's status for the number of daemons that failed to stop
#######################################
stop() {
	local failed=0

	ebegin "Stopping kea dhcp services"
	# NOTE(review): the process to signal is selected by pidfile alone, and
	# the pidfiles live in /run/kea, which start_pre hands to ${kea_user}.
	# Consider also matching the daemon executable (-x) - confirm first that
	# this still works after a package upgrade replaced the binary.
	if ${DHCP4:-false} && ! start-stop-daemon --stop -p "${dhcp4_pidfile}" ; then
		failed=$(( failed + 1 ))
	fi
	if ${DHCP6:-false} && ! start-stop-daemon --stop -p "${dhcp6_pidfile}" ; then
		failed=$(( failed + 1 ))
	fi
	if ${DDNS:-false} && ! start-stop-daemon --stop -p "${ddns_pidfile}" ; then
		failed=$(( failed + 1 ))
	fi
	eend ${failed}
}
