#!/sbin/openrc-run description="strongSwan charon IKE daemon" command="/usr/lib/strongswan/charon" pidfile="/var/run/charon.pid" start_stop_daemon_args="--background" extra_started_commands="reload fullstatus" depend() { need net after firewall provide ipsec } start_pre() { sysctl -p /etc/sysctl.conf &>/dev/null } start_post() { ebegin "Loading ${name:-$RC_SVCNAME} configuration" while [ ! -e $pidfile ]; do sleep 0.1 done swanctl --load-all &>/dev/null eend $? } {% if strongswan_restore_dns | d(false) == true -%} stop_post() { echo "nameserver 1.1.1.1" > /etc/resolv.conf } {% endif -%} reload() { swanctl --reload-settings swanctl --load-all } fullstatus() { swanctl --list-conns swanctl --list-sas }