#!/bin/sh

add_redsocks_user() {
  getent group redsocks &>/dev/null || groupadd -r redsocks >/dev/null
  getent passwd redsocks &>/dev/null || useradd -r -g redsocks -d / -s /bin/false -c redsocks redsocks >/dev/null
  systemd-tmpfiles --create redsocks2.conf
}

post_install_permission () {
	setcap cap_net_bind_service,cap_net_admin+ep usr/bin/redsocks2 2>/dev/null
}

post_install() {
  add_redsocks_user
  post_install_permission
  cat << EOF
To launch redsocks2:

1. Start an ssh tunnel on port 4711
2. Start the redsocks2 and iptables daemons:

    rc.d start redsocks2 iptables

3. Load the redsocks2 iptables rules:

    iptables-restore /etc/iptables/redsocks2.rules
EOF
}

post_upgrade() {
  add_redsocks_user
  post_install_permission
}

post_remove() {
  getent passwd redsocks &>/dev/null && userdel redsocks >/dev/null
  getent group redsocks &>/dev/null && groupdel redsocks >/dev/null
  true
}