rewrite post-merge to auto-generate tinc config

scripts/post-merge

@@ -1,10 +1,57 @@
 #!/bin/bash
 
-# post-merge hook für Debian um tinc zu reloaden
+# post-merge hook for Debian systems
+#
+# 1. copy to .git/hooks
+# 2. to test run "git pull -q"
+# 3. create cronjob, which runs "git pull -q" in your ${icvpn} dir
 #
-# 1. nach .git/hooks kopieren
-# 2. git pull -q ausführen zum testen
-# 3. cronjob erstellen, der git pull -q im richtigen
-#    Verzeichnis ausführt
 
-/etc/init.d/tinc reload icvpn
+icvpndir=/etc/tinc/icvpn/
+tinccfg=tinc.conf
+export icvpndir tinccfg
+
+PATH="/sbin:/bin:/usr/sbin:/usr/bin"
+tmpfile=$(mktemp)
+export PATH tmpfile
+
+# get changed files
+changed_files="$(git diff-tree -r --name-only --no-commit-id ORIG_HEAD HEAD)"
+
+# run $2 if $1 matches changed files
+check_run() {
+	echo "$changed_files" | grep --quiet "$1" && eval "$2"
+}
+
+# generate ${tinccfg}
+gen_conf() {
+	test -w ${icvpndir}/${tinccfg} || \
+		{ echo "ERR: ${tinccfg} (${icvpndir}/${tinccfg}) is not writeable, exiting." >&2; exit 1; }
+
+	# remove all ConnectTo Statements
+	grep -v 'ConnectTo' ${icvpndir}/${tinccfg} > ${tmpfile}
+	# add ConnectTo Statements for all hosts
+	for host in ${icvpndir}/hosts/[a-zA-Z]*; do
+		echo "ConnectTo = ${host##*/}" >> ${tmpfile}
+	done
+
+	test -s ${tmpfile} || \
+		{ echo "ERR: generated config was empty, zeh sky is falling, exiting." >&2; exit 2; }
+
+	num_connectto=$(grep -s ConnectTo ${tmpfile} | wc -l)
+	[ ${num_connectto} -gt 20 ] || \
+		{ echo "ERR: generated config has ${num_connectto} <= 20 ConnectTo lines, safety 1st, exiting." >&2; exit 30; }
+	num_all=$(cat ${tmpfile} | wc -l)
+	[ ${num_all} -gt 25 ] || \
+		{ echo "ERR: generated config has ${num_all} <= 25 lines, safety 1st, exiting." >&2; exit 31; }
+
+	cp -f ${icvpndir}/${tinccfg} ${icvpndir}/${tinccfg}.old
+	cat ${tmpfile} > ${icvpndir}/${tinccfg}
+
+	invoke-rc.d tinc reload icvpn
+}
+
+check_run hosts/[a-zA-Z] gen_conf
+
+rm -f ${tmpfile}
+exit 0