#! /bin/sh

SOCKET_PATH=/var/run/wsl-vpnkit.sock
PIPE_PATH="//./pipe/wsl-vpnkit"

VPNKIT_PATH=${VPNKIT_PATH:-/mnt/c/bin/wsl-vpnkit.exe}
VPNKIT_NPIPERELAY_PATH=${VPNKIT_NPIPERELAY_PATH:-/mnt/c/bin/npiperelay.exe}
# VPNKIT_HTTP_CONFIG="C:/Users/user/AppData/Roaming/Docker/http_proxy.json"
# VPNKIT_GATEWAY_FORWARD_CONFIG="C:/Users/user/AppData/Roaming/Docker/gateway_forwards.json"
VPNKIT_BACKLOG="32"
VPNKIT_GATEWAY_IP="192.168.67.1"
VPNKIT_HOST_IP="192.168.67.2"
VPNKIT_LOWEST_IP="192.168.67.3"
VPNKIT_HIGHEST_IP="192.168.67.14"
VPNKIT_DEBUG=$VPNKIT_DEBUG

TAP_NAME=eth1

IP_ROUTE=
RESOLV_CONF=

relay () {
    socat UNIX-LISTEN:$SOCKET_PATH,fork,umask=007 EXEC:"$VPNKIT_NPIPERELAY_PATH -ep -s $PIPE_PATH",nofork
}

relay_wait () {
    echo "waiting for $SOCKET_PATH ..."
    while [ ! -S "$SOCKET_PATH" ]; do
        sleep 0.1
    done
    echo "found $SOCKET_PATH"
}

vpnkit () {
    WIN_PIPE_PATH=$(echo $PIPE_PATH | sed -e "s:/:\\\:g")
    CMD='"$VPNKIT_PATH" \
        --ethernet $WIN_PIPE_PATH \
        --listen-backlog $VPNKIT_BACKLOG \
        --gateway-ip $VPNKIT_GATEWAY_IP \
        --host-ip $VPNKIT_HOST_IP \
        --lowest-ip $VPNKIT_LOWEST_IP \
        --highest-ip $VPNKIT_HIGHEST_IP \
    '
    if [ "$VPNKIT_HTTP_CONFIG" ]; then
        CMD="$CMD"' --http "$VPNKIT_HTTP_CONFIG"'
    fi
    if [ "$VPNKIT_GATEWAY_FORWARD_CONFIG" ]; then
        CMD="$CMD"' --gateway-forwards "$VPNKIT_GATEWAY_FORWARD_CONFIG"'
    fi
    if [ "$VPNKIT_DEBUG" ]; then
        CMD="$CMD"' --debug'
    fi
    eval "$CMD"
}

tap () {
    vpnkit-tap-vsockd --tap $TAP_NAME --path $SOCKET_PATH
}

tap_wait () {
    echo "waiting for $TAP_NAME ..."
    while [ ! -e "/sys/class/net/$TAP_NAME" ]; do
        sleep 0.1
    done
    echo "found $TAP_NAME"
}

ipconfig () {
    ip a add $VPNKIT_LOWEST_IP/255.255.255.0 dev $TAP_NAME
    ip link set dev $TAP_NAME up
    IP_ROUTE=$(ip route | grep default)
    ip route del $IP_ROUTE
    ip route add default via $VPNKIT_GATEWAY_IP dev $TAP_NAME
    RESOLV_CONF=$(cat /etc/resolv.conf)
    echo "nameserver $VPNKIT_GATEWAY_IP" > /etc/resolv.conf
}

close () {
    ip link set dev $TAP_NAME down
    ip route add $IP_ROUTE
    echo "$RESOLV_CONF" > /etc/resolv.conf
    kill 0
}

if [ ${EUID:-$(id -u)} -ne 0 ]; then
    echo "Please run this script as root"
    exit 1
fi

relay &
relay_wait
vpnkit &
sleep 1
tap &
tap_wait
ipconfig
trap close exit
trap exit int term
wait