openvpn: Use the debian generator and service files for OpenVPN

We want to use systemd for managing the lifetime of OpenVPN. Take
the debian generator (which should work with busybox ash) and the
openvpn.service (to inhibit the sysvinit script) and the target
file and install it.

On systems that have ran "update-rc.d openvpn defaults" one need
to manually execute a systemctl enable openvpn.service. This is
not done through a post-inst script and I am not sure if we should
do it. This means there is a danger of ending with a unit that
doesn't start OpenVPN automatically after upgrade!

The scripts/packages have not been tested on a device yet.

recipes-extra/openvpn/openvpn/openvpn-generator

@@ -0,0 +1,40 @@
+#!/bin/sh
+
+# This systemd generator creates dependency symlinks that make all OpenVPN
+# tunnels listed in /etc/default/openvpn's AUTOSTART be started/stopped/reloaded
+# when openvpn.service is started/stopped/reloaded.
+
+set -eu
+
+GENDIR="$1"
+WANTDIR="$1/openvpn.service.wants"
+SERVICEFILE="/lib/systemd/system/openvpn@.service"
+AUTOSTART="all"
+CONFIG_DIR=/etc/openvpn
+
+mkdir -p "$WANTDIR"
+
+if test -e /etc/default/openvpn ; then
+	. /etc/default/openvpn
+fi
+
+# No VPNs automatically started
+if test "x$AUTOSTART" = "xnone" ; then
+	exit 0
+fi
+
+if test "x$AUTOSTART" = "xall" -o -z "$AUTOSTART" ; then
+	for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
+		NAME=${CONFIG%%.conf}
+		ln -s "$SERVICEFILE" "$WANTDIR/openvpn@$NAME.service"
+	done
+else
+	for NAME in $AUTOSTART ; do
+		if test -e $CONFIG_DIR/$NAME.conf ; then
+			ln -s "$SERVICEFILE" "$WANTDIR/openvpn@$NAME.service"
+		fi
+	done
+fi
+
+exit 0
+

recipes-extra/openvpn/openvpn/openvpn.service

@@ -0,0 +1,18 @@
+# This service is actually a systemd target,
+# but we are using a service since targets cannot be reloaded.
+
+[Unit]
+Description=OpenVPN service
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/bin/true
+ExecReload=/bin/true
+WorkingDirectory=/etc/openvpn
+
+[Install]
+WantedBy=multi-user.target
+
+

recipes-extra/openvpn/openvpn/openvpn@.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=OpenVPN connection to %i
+PartOf=openvpn.service
+ReloadPropagatedFrom=openvpn.service
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf
+ExecReload=/bin/kill -HUP $MAINPID
+WorkingDirectory=/etc/openvpn
+
+[Install]
+WantedBy=multi-user.target
+
+

recipes-extra/openvpn/openvpn_2.3.4.bb

@@ -8,7 +8,10 @@ DEPENDS = "lzo openssl iproute2 ${@base_contains('DISTRO_FEATURES', 'pam', 'libp
 inherit autotools
 
 SRC_URI = "http://swupdate.openvpn.org/community/releases/openvpn-${PV}.tar.gz \
-           file://openvpn"
+           file://openvpn \
+           file://openvpn-generator \
+           file://openvpn@.service \
+           file://openvpn.service"
 
 SRC_URI[md5sum] = "04d47237907faabe9d046970ffe44b2e"
 SRC_URI[sha256sum] = "af506d5f48568fa8d2f2435cb3fad35f9a9a8f263999ea6df3ba296960cec85a"
@@ -26,12 +29,23 @@ do_install_append() {
     install -d ${D}/${sysconfdir}/init.d
     install -d ${D}/${sysconfdir}/openvpn
     install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d
+
+    # systemd files
+    install -d ${D}${systemd_unitdir}/system
+    install -d ${D}${systemd_unitdir}/system-generators
+    install -m 0644 ${WORKDIR}/openvpn.service ${D}${systemd_unitdir}/system
+    install -m 0644 ${WORKDIR}/openvpn@.service ${D}${systemd_unitdir}/system
+    install -m 0755 ${WORKDIR}/openvpn-generator ${D}${systemd_unitdir}/system-generators
 }
 
 RRECOMMENDS_${PN} = "kernel-module-tun"
 
 FILES_${PN}-dbg += "${libdir}/openvpn/plugins/.debug"
 
+# Don't go through the systemd.bbclass as we do not want magic to happen
+# during install and upgrade. Simply ship the files.
+FILES_${PN} += "${systemd_unitdir}"
+
 
 # We need to test opkg upgrade of OpenVPN through the OpenVPN first
 DEFAULT_PREFERENCE = "-1"