#!/bin/sh

if [ "$(uci -q get network.omrvpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		delete network.glorytun
		delete network.omrvpn
		set network.omrvpn=interface
		set network.omrvpn.ifname=tun0
		set network.omrvpn.proto=dhcp
		set network.omrvpn.ip4table=vpn
		set network.omrvpn.multipath=off
		set network.omrvpn.leasetime=12h
		commit network
	EOF
fi

if [ "$(uci -q get glorytun.vpn.localip)" = "10.0.0.2" ]; then
	uci -q batch <<-EOF >/dev/null
		delete glorytun.vpn.localip
		delete glorytun.vpn.remoteip
	EOF
fi

if [ "$(uci -q get openvpn.omr)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set openvpn.omr=openvpn
		set openvpn.omr.dev=tun0
		set openvpn.omr.port=65301
		set openvpn.omr.cipher=AES-256-CBC
		set openvpn.omr.proto=tcp-client
		set openvpn.omr.enabled=0
		set openvpn.omr.ncp_disable=1
		set openvpn.omr.auth_nocache=1
		commit openvpn
	EOF
fi

if [ "$(uci -q show firewall | grep omrvpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		add_list firewall.zone_vpn.network=omrvpn
		delete firewall.allow_dhcp_request_vpn
		set firewall.allow_dhcp_request_vpn=rule
		set firewall.allow_dhcp_request_vpn.name=Allow-DHCP-Request-VPN
		set firewall.allow_dhcp_request_vpn.src=vpn
		set firewall.allow_dhcp_request_vpn.proto=udp
		set firewall.allow_dhcp_request_vpn.dest_port=67
		set firewall.allow_dhcp_request_vpn.target=ACCEPT
		set firewall.allow_dhcp_request_vpn.family=ipv4
		commit firewall
	EOF
fi
rm -f /tmp/luci-indexcache
exit 0