#!/sbin/openrc-run

name=kanidmd
command="/usr/bin/kanidmd"
command_args="server -c /etc/kanidm/server.toml"
command_user="kanidmd:kanidmd"
command_background=true
pidfile="/run/$RC_SVCNAME.pid"

depend() {
	need net
	after firewall
}

start_pre() {
	checkpath --directory --owner $command_user --mode 0775 \
		/run/$RC_SVCNAME

	if ! [ -e /var/lib/kanidm/chain.pem ]; then
		eerror "Certificate /var/lib/kanidm/chain.pem doesn't exist."
		eerror "You can generate a self-signed certificate with"
		eerror "	kanidmd cert-generate -c /etc/kanidm/server.toml"
		return 1
	fi
}
