#!/bin/sh

### BEGIN INIT INFO
# Provides:        api-gateway
# Required-Start:  $network $remote_fs
# Required-Stop:   $network $remote_fs
# Default-Start:   2 3 4 5
# Default-Stop:    0 1 6
# Short-Description: Start API Gateway
### END INIT INFO

PATH=/sbin:/bin:/usr/sbin:/usr/bin

. /lib/lsb/init-functions

DAEMON=/usr/sbin/api-gateway
API_PIDFILE=${API_PIDFILE:-/var/run/api-gateway.pid}
PIDFILE=${API_PIDFILE}

test -x $DAEMON || test -h $DAEMON || exit 5

if [ -r /etc/default/api-gateway ]; then
        . /etc/default/api-gateway
        
        export API_LIB API_CONFIG
        export API_LOGDIR
        export API_REDIRECTOR_PORT API_PROXY_PORT
        export API_USER API_GROUP
        export API_KEY API_CERT
        export API_PIDFILE
        export API_CA_LIST=

        API_KEY=${API_KEY:-/etc/ssl/private/server.key}
        API_CERT=${API_CERT:-/etc/ssl/certs/server.pem}

        # node's HTTPS library cannot use a regular CA path; it needs
        # an explicit list of CA certs, so we generate one here
        # using the cert identified by $API_CERT as a starting point
        
        if [ "${API_CA_LIST}" = "" ]; then
                issuer_hash=`openssl x509 -issuer_hash -noout -in ${API_CERT}`
                subject_hash=

                while [ "${issuer_hash}" != "${subject_hash}" ]; do
                        ca_cert=`ls -1t /etc/ssl/certs/${issuer_hash}.* 2>/dev/null | head -1`
                        if [ -z "$ca_cert" ]; then
                              echo "Failed to find certificate with hash ${issuer_hash}"
                              exit 1
                        fi
                  
                        API_CA_LIST=${API_CA_LIST:+${API_CA_LIST},}${ca_cert}
                        subject_hash=`openssl x509 -subject_hash -noout -in ${ca_cert}`
                        issuer_hash=`openssl x509 -issuer_hash -noout -in ${ca_cert}`
                done
        fi
fi

LOCKFILE=/var/lock/api-gateway

case $1 in
        start)
                log_daemon_msg "Starting API Gateway" "api-gateway"
                start-stop-daemon --start -b --quiet --oknodo --pidfile $PIDFILE --startas $DAEMON
                status=$?
                log_end_msg $status
                ;;
        stop)
                log_daemon_msg "Stopping API GATEWAY" "api-gateway"
                start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE
                log_end_msg $?
                rm -f $PIDFILE
                ;;
        restart|force-reload)
                $0 stop && sleep 2 && $0 start
                ;;
        try-restart)
                if $0 status >/dev/null; then
                        $0 restart
                else
                        exit 0
                fi
                ;;
        reload)
                exit 3
                ;;
        status)
                status_of_proc $DAEMON "API Gateway"
                ;;
        *)
                echo "Usage: $0 {start|stop|restart|try-restart|force-reload|status}"
                exit 2
                ;;
esac
