From 99b4fb9da6c9d0172d9fd7455313daebd06d1ee6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?=
Date: Wed, 2 Jun 2021 15:36:28 +0300
Subject: [PATCH] Initial commit
---
Dockerfile | 8 ++++++++
entrypoint.sh | 6 ++++++
helpers/updown.py | 14 ++++++++++++++
3 files changed, 28 insertions(+)
create mode 100644 Dockerfile
create mode 100755 entrypoint.sh
create mode 100755 helpers/updown.py
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..7c7418a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,8 @@
+FROM python:3-alpine
+RUN apk add --update --no-cache strongswan curl
+RUN pip install requests
+RUN rm /etc/ipsec.conf && ln -s /server-secrets/ipsec.conf /etc/ipsec.conf
+RUN rm /etc/ipsec.secrets && ln -s /server-secrets/ipsec.secrets /etc/ipsec.secrets
+ADD helpers /helpers
+ADD entrypoint.sh /entrypoint.sh
+ENTRYPOINT /entrypoint.sh
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..3a19578
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+while [ ! -e $1 ]; do
+ sleep 1
+done
+curl -X DELETE http://127.0.0.1:2001/api/by-service/strongswan
+ipsec start --nofork
diff --git a/helpers/updown.py b/helpers/updown.py
new file mode 100755
index 0000000..2d01ef5
--- /dev/null
+++ b/helpers/updown.py
@@ -0,0 +1,14 @@
+#!/usr/bin/env python
+import requests
+import os
+
+# TODO: Replace with simple shell script and drop Python
+url = "http://127.0.0.1:2001/api/by-dn/%s" % os.environ["PLUTO_PEER_ID"]
+for key, value in os.environ.items():
+ if key.startswith("PLUTO_PEER_SOURCEIP"):
+ requests.post(url, data={
+ "service": "strongswan",
+ "internal_addr": value,
+ "remote_addr": os.environ["PLUTO_PEER"],
+ "remote_port": 0
+ })
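Review bot: `ENTRYPOINT /entrypoint.sh` is the shell form, which runs the script under `/bin/sh -c` and drops any CMD or run-time arguments, so the `$1` that entrypoint.sh waits on would be empty unless the deployment overrides the entrypoint. Signals from the container runtime also stop at the wrapper shell instead of reaching the script. The exec form `ENTRYPOINT ["/entrypoint.sh"]` fixes both. Separately, `python:3-alpine` and `pip install requests` are unpinned, so a rebuild of this VPN gateway image can silently pick up different code; pinning the base image by digest and the package by version (`requests==<pinned version>`) would make builds reproducible.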
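Review bot: `$1` is unquoted and never checked in the wait loop, so when no argument arrives `[ ! -e ]` evaluates false and the script starts strongSwan without waiting for the file. Adding `[ -n "$1" ] || exit 1` before the loop and using `while [ ! -e "$1" ]; do` would make that failure explicit. The result of the `curl -X DELETE` call is ignored, so if the local API is unreachable, stale strongswan entries presumably stay registered while new tunnels come up; `curl -fsS -X DELETE http://127.0.0.1:2001/api/by-service/strongswan || exit 1` would surface that. `exec ipsec start --nofork` would also let the daemon receive the container's stop signal directly.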
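Review bot: `PLUTO_PEER_ID` is interpolated into the URL path unescaped on the `url = ...` line; the identity is asserted by the remote peer, and a DN can contain `/`, `?`, `#` or spaces, so the request may land on a different path than intended. Percent-encode it with `urllib.parse.quote(os.environ["PLUTO_PEER_ID"], safe="")` before formatting. The `requests.post` call has no `timeout=` and its response is never checked, so a hung or failing local API either blocks the updown hook or loses the lease silently; passing `timeout=5` and calling `raise_for_status()` on the response would cover both. The script also never reads `PLUTO_VERB`, so if it is wired up as the connection's updown hook the same POST is presumably sent on teardown as well as on setup.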