#!/bin/bash

SSH_IHM_SERVER=dni@preprod.matelex.info
SSH_IHM_PRIV_CERT=/etc/ssh/ssh_host_rsa_key
SSH_IHM_LOC_SOCKET=ihm80-ssh.XXXX
SSH_IHM_LOC_SOCKET1=ihm8000-ssh.XXXX
SSH_IHM_LOC_PORT=80
SSH_IHM_LOC_PORT1=8000
SSH_IHM_REM_PORT=18080
SSH_IHM_REM_PORT1=18000


# Start SSH-VPN
vpnihm8000_start()
{
        echo "Start IHM-8000-VPN to server ${SSH_IHM_SERVER}"
        # Check if IHM_IHM_LOC_SOCKET exist
	if [ -f "$(/usr/bin/find /tmp -type f -iname 'ihm8000-vpn.*')" ]
	    then
	        echo "The IHM-8000-VPN (${SSH_IHM_LOC_SOCKET1}) is already open, please STOP before"
	        exit 1
	fi

        # Start VPN
        /usr/bin/mktemp -t "${SSH_IHM_LOC_SOCKET1}"
        /usr/bin/ssh -f -M -S ${SSH_IHM_LOC_SOCKET1} -i ${SSH_IHM_PRIV_CERT} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${SSH_IHM_REM_PORT1}:localhost:${SSH_IHM_LOC_PORT1} -N ${SSH_IHM_SERVER}
}

vpnihm80_start()
{
        echo "Start IHM-80-VPN to server ${SSH_IHM_SERVER}"
        # Check if IHM_IHM_LOC_SOCKET exist
	if [ -f "$(/usr/bin/find /tmp -type f -iname 'ihm80-vpn.*')" ]
	    then
	        echo "The IHM-80-VPN (${SSH_IHM_LOC_SOCKET}) is already open, please STOP before"
	        exit 1
	fi

        # Start VPN
        /usr/bin/mktemp -t "${SSH_IHM_LOC_SOCKET}"
        /usr/bin/ssh -f -M -S ${SSH_IHM_LOC_SOCKET} -i ${SSH_IHM_PRIV_CERT} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -R ${SSH_IHM_REM_PORT}:localhost:${SSH_IHM_LOC_PORT} -N ${SSH_IHM_SERVER}
}

# Stop IHM-VPN
vpnihm8000_stop()
{
        echo "Stop IHM-8000-VPN"
        /usr/bin/ssh -S ${SSH_IHM_LOC_SOCKET1} -O exit ${SSH_IHM_SERVER}
	/usr/bin/rm /tmp/ihm8000-ssh.*
}

vpnihm80_stop()
{
        echo "Stop IHM-80-VPN"
        /usr/bin/ssh -S ${SSH_IHM_LOC_SOCKET} -O exit ${SSH_IHM_SERVER}
	/usr/bin/rm /tmp/ihm80-ssh.*
}

# Status IHM-VPN
vpnihm8000_status()
{
        echo "IHM-8000-VPN Status"
        /usr/bin/ssh -S ${SSH_IHM_LOC_SOCKET1} -O check ${SSH_IHM_SERVER}
}

vpnihm80_status()
{
        echo "IHM-80-VPN Status"
        /usr/bin/ssh -S ${SSH_IHM_LOC_SOCKET} -O check ${SSH_IHM_SERVER}
}


###########################
#  Execution starts here  #
###########################
if [ $# -lt 1 ]; then
    echo "This script creates an IHM VPN tunnel to server ${SSH_IHM_SERVER} to forward ports 80 and 8000"
    echo "Usage: $0 start80|stop80|restart80|status80|start8000|stop8000|restart8000|status8000|startall|stopall"
    exit 1
fi

case $1 in
start8000)
        vpnihm8000_start
        ;;
stop8000)
        vpnihm8000_stop
        ;;
restart8000)
        vpnihm8000_stop
        vpnihm8000_start
        ;;
status8000)
        vpnihm8000_status
        ;;
start80)
        vpnihm80_start
        ;;
stop80)
        vpnihm80_stop
        ;;
restart80)
        vpnihm80_stop
        vpnihm80_start
        ;;
status80)
        vpnihm80_status
        ;;
startall)
        vpnihm80_start
        vpnihm8000_start
        ;;
stopall)
        vpnihm80_stop
        vpnihm8000_stop
        ;;
esac

exit 0
