From 1822704b7cb39eb890b81b270143e7d9eb319f2b Mon Sep 17 00:00:00 2001
From: joe <joe@jerkface.net>
Date: Sun, 1 May 2016 22:51:52 +0000
Subject: Handle ipsec.secret

---
 cokiki.hs | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'cokiki.hs')

diff --git a/cokiki.hs b/cokiki.hs
index f8eed0a..2638677 100644
--- a/cokiki.hs
+++ b/cokiki.hs
@@ -132,17 +132,29 @@ sshServer uid root cmn = whenRoot uid root cmn $ do
     Kiki.importAndRefresh root cmn
 
 strongswan uid root cmn = whenRoot uid root cmn $ do
+    -- (1) /etc/ipsec.conf    <--  'include /var/cache/kiki/config/ipsec.conf'
     -- Parsing as if ssh config, that's not right, but good enough for now.
     ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.conf")
     let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
         got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.conf" d) gs
     case got of
-        _:_ -> do hPutStrLn stderr "ipsec already configured."
+        _:_ -> do hPutStrLn stderr "ipsec.conf already configured."
         [] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
                      stmt = ["include", " ", "/var/cache/kiki/config/ipsec.conf"]
                  hPutStrLn stderr "adding include directive"
                  myWriteFile (root "/etc/ipsec.conf") $ unparseSshConfig ipsecconf'
-    -- etc/ipsec.conf    <--  'include /var/cache/kiki/ipsec.conf'
+
+    -- (2) /etc/ipsec.secrets/ <- include /var/cache/kiki/config/ipsec.secrets
+    -- Parsing as if ssh config, that's not right, but good enough for now.
+    ipsecconf <- parseSshConfig . fromMaybe "" <$> maybeReadFile (root "/etc/ipsec.secrets")
+    let p:gs = groupBy (\_ d -> not $ sshIsDirective "include" d) $ ["#"]:ipsecconf
+        got = filter (\(d:ds) -> elem "/var/cache/kiki/config/ipsec.secrets" d) gs
+    case got of
+        _:_ -> do hPutStrLn stderr "ipsec.secrets already configured."
+        [] -> do let ipsecconf' = drop 1 $ ipsecconf ++ [stmt]
+                     stmt = ["include", " ", "/var/cache/kiki/config/ipsec.secrets"]
+                 hPutStrLn stderr "adding include directive"
+                 myWriteFile (root "/etc/ipsec.secrets") $ unparseSshConfig ipsecconf'
     Kiki.importAndRefresh root cmn
 
 configureTor uid root cmn = whenRoot uid root cmn $ do
-- 
cgit v1.2.3