From afde7fb981194e60d159a1d3275ab391a36fbac0 Mon Sep 17 00:00:00 2001
From: Davide Beatrici <davidebeatrici@gmail.com>
Date: Fri, 7 Sep 2018 21:45:33 +0200
Subject: [PATCH] CMake: install systemd configuration files

---
 src/CMakeLists.txt                  | 58 ++++++++++++++++++++---------
 systemd/softether-vpnbridge.service | 10 ++---
 systemd/softether-vpnclient.service | 12 +++---
 systemd/softether-vpnserver.service | 12 +++---
 4 files changed, 56 insertions(+), 36 deletions(-)

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index afd0fe10..8842cab4 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,19 +1,39 @@
 include(GNUInstallDirs)
 
-macro(install_wrapper_script component target destination)
-  get_filename_component(filename ${target} NAME)
+# Creates wrapper scripts and installs them in the user's binaries directory, which is usually "/usr/local/bin".
+# This is required because symlinks use the folder they are in as working directory.
+macro(install_wrapper_script component target)
+  get_filename_component(file_name ${target} NAME)
 
-  file(WRITE ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "#!/bin/sh\n")
-  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "${target} \"$@\"\n")
-  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${filename} "exit $?\n")
+  file(WRITE ${CMAKE_SOURCE_DIR}/tmp/script/${file_name} "#!/bin/sh\n")
+  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${file_name} "${target} \"$@\"\n")
+  file(APPEND ${CMAKE_SOURCE_DIR}/tmp/script/${file_name} "exit $?\n")
 
-  install(FILES ${CMAKE_SOURCE_DIR}/tmp/script/${filename}
+  install(FILES ${CMAKE_SOURCE_DIR}/tmp/script/${file_name}
     COMPONENT ${component}
-    DESTINATION ${destination}
+    DESTINATION ${CMAKE_INSTALL_FULL_BINDIR}
     PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
   )
 endmacro(install_wrapper_script)
 
+macro(install_systemd_service component file_path binary_path)
+    get_filename_component(file_name ${file_path} NAME)
+    get_filename_component(binary_directory ${binary_path} DIRECTORY)
+
+    file(READ ${file_path} FILE_CONTENT)
+    string(REPLACE "[DIRECTORY]" ${binary_directory} FILE_CONTENT ${FILE_CONTENT})
+    string(REPLACE "[BINARY]" ${binary_path} FILE_CONTENT ${FILE_CONTENT})
+    file(WRITE ${CMAKE_SOURCE_DIR}/tmp/systemd/${file_name} ${FILE_CONTENT})
+
+  if(EXISTS "/lib/systemd/system")
+    install(FILES ${CMAKE_SOURCE_DIR}/tmp/systemd/${file_name}
+      COMPONENT ${component}
+      DESTINATION "/lib/systemd/system"
+      PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+    )
+  endif()
+endmacro(install_systemd_service)
+
 if(CMAKE_BUILD_TYPE STREQUAL "Debug")
   add_definitions(-D_DEBUG -DDEBUG)
 endif()
@@ -128,7 +148,7 @@ add_custom_command(TARGET hamcore-archive-build
   COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_SOURCE_DIR}/tmp/hamcore.se2 ${VPNCMD_RUNTIME_OUTPUT_DIRECTORY}
 )
 
-# Copy "vpnserver" directory to /usr/lib(exec)/softether/
+# Copy "vpnserver" directory to /usr/lib(exec)/softether/, install launch script and systemd service
 install(DIRECTORY ${VPNSERVER_RUNTIME_OUTPUT_DIRECTORY}
   COMPONENT "vpnserver"
   DESTINATION "${CMAKE_INSTALL_LIBEXECDIR}/softether"
@@ -136,7 +156,10 @@ install(DIRECTORY ${VPNSERVER_RUNTIME_OUTPUT_DIRECTORY}
   PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 )
 
-# Copy "vpnclient" directory to /usr/lib(exec)/softether/
+install_wrapper_script("vpnserver" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnserver/vpnserver")
+install_systemd_service("vpnserver" "${CMAKE_SOURCE_DIR}/systemd/softether-vpnserver.service" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnserver/vpnserver")
+
+# Copy "vpnclient" directory to /usr/lib(exec)/softether/, install launch script and systemd service
 install(DIRECTORY ${VPNCLIENT_RUNTIME_OUTPUT_DIRECTORY}
   COMPONENT "vpnclient"
   DESTINATION "${CMAKE_INSTALL_LIBEXECDIR}/softether"
@@ -144,7 +167,10 @@ install(DIRECTORY ${VPNCLIENT_RUNTIME_OUTPUT_DIRECTORY}
   PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 )
 
-# Copy "vpnbridge" directory to /usr/lib(exec)/softether/
+install_wrapper_script("vpnclient" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnclient/vpnclient")
+install_systemd_service("vpnclient" "${CMAKE_SOURCE_DIR}/systemd/softether-vpnclient.service" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnclient/vpnclient")
+
+# Copy "vpnbridge" directory to /usr/lib(exec)/softether/, install launch script and systemd service
 install(DIRECTORY ${VPNBRIDGE_RUNTIME_OUTPUT_DIRECTORY}
   COMPONENT "vpnbridge"
   DESTINATION "${CMAKE_INSTALL_LIBEXECDIR}/softether"
@@ -152,7 +178,10 @@ install(DIRECTORY ${VPNBRIDGE_RUNTIME_OUTPUT_DIRECTORY}
   PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 )
 
-# Copy "vpncmd" directory to /usr/lib(exec)/softether/
+install_wrapper_script("vpnbridge" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnbridge/vpnbridge")
+install_systemd_service("vpnbridge" "${CMAKE_SOURCE_DIR}/systemd/softether-vpnbridge.service" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnbridge/vpnbridge")
+
+# Copy "vpncmd" directory to /usr/lib(exec)/softether/, install launch script and systemd service
 install(DIRECTORY ${VPNCMD_RUNTIME_OUTPUT_DIRECTORY}
   COMPONENT "vpncmd"
   DESTINATION "${CMAKE_INSTALL_LIBEXECDIR}/softether"
@@ -160,12 +189,7 @@ install(DIRECTORY ${VPNCMD_RUNTIME_OUTPUT_DIRECTORY}
   PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 )
 
-# Create wrapper scripts in the user's binaries directory, which is usually "/usr/local/bin".
-# This is required because symlinks use the folder they are in as working directory.
-install_wrapper_script("vpnserver" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnserver/vpnserver" ${CMAKE_INSTALL_FULL_BINDIR})
-install_wrapper_script("vpnclient" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnclient/vpnclient" ${CMAKE_INSTALL_FULL_BINDIR})
-install_wrapper_script("vpnbridge" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnbridge/vpnbridge" ${CMAKE_INSTALL_FULL_BINDIR})
-install_wrapper_script("vpncmd" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpncmd/vpncmd" ${CMAKE_INSTALL_FULL_BINDIR})
+install_wrapper_script("vpncmd" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpncmd/vpncmd")
 
 # Print message after installing the targets
 install(CODE "message(\"\n----------------------------------------------------------------------------------------------------------------------------\")")
diff --git a/systemd/softether-vpnbridge.service b/systemd/softether-vpnbridge.service
index 2f508820..8797d8cb 100644
--- a/systemd/softether-vpnbridge.service
+++ b/systemd/softether-vpnbridge.service
@@ -1,12 +1,13 @@
 [Unit]
 Description=SoftEther VPN Bridge
 After=network.target auditd.service
-ConditionPathExists=!/opt/vpnbridge/do_not_run
+ConditionPathExists=![DIRECTORY]/do_not_run
 
 [Service]
 Type=forking
-ExecStart=/opt/vpnbridge/vpnbridge start
-ExecStop=/opt/vpnbridge/vpnbridge stop
+EnvironmentFile=-[DIRECTORY]
+ExecStart=[BINARY] start
+ExecStop=[BINARY] stop
 KillMode=process
 Restart=on-failure
 
@@ -15,9 +16,8 @@ PrivateTmp=yes
 ProtectHome=yes
 ProtectSystem=full
 ReadOnlyDirectories=/
-ReadWriteDirectories=-/opt/vpnbridge
+ReadWriteDirectories=-[DIRECTORY]
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
 
 [Install]
 WantedBy=multi-user.target
-
diff --git a/systemd/softether-vpnclient.service b/systemd/softether-vpnclient.service
index 1e9dbd0e..780475d1 100644
--- a/systemd/softether-vpnclient.service
+++ b/systemd/softether-vpnclient.service
@@ -1,13 +1,13 @@
 [Unit]
 Description=SoftEther VPN Client
 After=network.target auditd.service
-ConditionPathExists=!/opt/vpnclient/do_not_run
+ConditionPathExists=![DIRECTORY]/do_not_run
 
 [Service]
 Type=forking
-EnvironmentFile=-/opt/vpnclient
-ExecStart=/opt/vpnclient/vpnclient start
-ExecStop=/opt/vpnclient/vpnclient stop
+EnvironmentFile=-[DIRECTORY]
+ExecStart=[BINARY] start
+ExecStop=[BINARY] stop
 KillMode=process
 Restart=on-failure
 
@@ -16,10 +16,8 @@ PrivateTmp=yes
 ProtectHome=yes
 ProtectSystem=full
 ReadOnlyDirectories=/
-ReadWriteDirectories=-/opt/vpnclient
+ReadWriteDirectories=-[DIRECTORY]
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
 
 [Install]
 WantedBy=multi-user.target
-
-
diff --git a/systemd/softether-vpnserver.service b/systemd/softether-vpnserver.service
index 951b13db..c35e02bd 100644
--- a/systemd/softether-vpnserver.service
+++ b/systemd/softether-vpnserver.service
@@ -1,13 +1,13 @@
 [Unit]
 Description=SoftEther VPN Server
 After=network.target auditd.service
-ConditionPathExists=!/opt/vpnserver/do_not_run
+ConditionPathExists=![DIRECTORY]/do_not_run
 
 [Service]
 Type=forking
-EnvironmentFile=-/opt/vpnserver
-ExecStart=/opt/vpnserver/vpnserver start
-ExecStop=/opt/vpnserver/vpnserver stop
+EnvironmentFile=-[DIRECTORY]
+ExecStart=[BINARY] start
+ExecStop=[BINARY] stop
 KillMode=process
 Restart=on-failure
 
@@ -16,10 +16,8 @@ PrivateTmp=yes
 ProtectHome=yes
 ProtectSystem=full
 ReadOnlyDirectories=/
-ReadWriteDirectories=-/opt/vpnserver
+ReadWriteDirectories=-[DIRECTORY]
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
 
 [Install]
 WantedBy=multi-user.target
-
-