34c8c5
diff -up ./contrib/systemd/cjdns-loadmodules.service.sbin ./contrib/systemd/cjdns-loadmodules.service
da4d7b
--- ./contrib/systemd/cjdns-loadmodules.service.sbin	2017-01-13 21:43:05.413731242 -0500
da4d7b
+++ ./contrib/systemd/cjdns-loadmodules.service	2017-01-13 21:43:05.413731242 -0500
34c8c5
@@ -0,0 +1,13 @@
34c8c5
+[Unit]
34c8c5
+Description=Load cjdns kernel modules
34c8c5
+# Load kernel modules needed by cjdns so that it doesn't need the privilege
34c8c5
+Before=cjdns.service
34c8c5
+# Do not try to load modules in containers like openvz
34c8c5
+ConditionVirtualization=!container
34c8c5
+
34c8c5
+[Service]
34c8c5
+Type=oneshot
34c8c5
+ExecStart=/usr/sbin/modprobe tun
34c8c5
+
34c8c5
+[Install]
34c8c5
+WantedBy=multi-user.target
2f8dfd
diff -up ./contrib/systemd/cjdns-online.sh.sbin ./contrib/systemd/cjdns-online.sh
da4d7b
--- ./contrib/systemd/cjdns-online.sh.sbin	2017-01-13 21:43:05.414731254 -0500
da4d7b
+++ ./contrib/systemd/cjdns-online.sh	2017-01-13 21:43:05.414731254 -0500
a92f07
@@ -0,0 +1,90 @@
2f8dfd
+#!/bin/sh
2f8dfd
+#   Check whether cjdns IPs are available
2f8dfd
+#   Copyright (C) 2016  Stuart D. Gathman <stuart@gathman.org>
2f8dfd
+#
2f8dfd
+#   This program is free software: you can redistribute it and/or modify
2f8dfd
+#   it under the terms of the GNU General Public License as published by
2f8dfd
+#   the Free Software Foundation, either version 3 of the License, or
2f8dfd
+#   (at your option) any later version.
2f8dfd
+#
2f8dfd
+#   This program is distributed in the hope that it will be useful,
2f8dfd
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
2f8dfd
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
2f8dfd
+#   GNU General Public License for more details.
2f8dfd
+#
2f8dfd
+#   You should have received a copy of the GNU General Public License
2f8dfd
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
2f8dfd
+
2f8dfd
+cjdns_ips() {
2f8dfd
+  ip -6 -o addr | while read i dev fam ip rem; do
2f8dfd
+    case "$ip" in
2f8dfd
+    fc*:*/8) echo "${ip%/8}";;
2f8dfd
+    esac
2f8dfd
+  done
2f8dfd
+}
2f8dfd
+
a92f07
+cjdns_dev() {
a92f07
+  ip -6 -o addr | while read i dev fam ip rem; do
a92f07
+    case "$ip" in
a92f07
+    fc*:*/8) echo "${dev}";;
a92f07
+    esac
a92f07
+  done
a92f07
+}
a92f07
+
2f8dfd
+die() {
2f8dfd
+  echo "$1" >&2
2f8dfd
+  exit 1
2f8dfd
+}
2f8dfd
+
2f8dfd
+PROGRAM_NAME="/usr/bin/cjdns-online"
2f8dfd
+
a92f07
+ARGS=$(getopt -n $PROGRAM_NAME -o t:xiqsh \
a92f07
+	--long timeout:,exit,interface,quiet,wait-for-startup,help -- "$@")
2f8dfd
+
2f8dfd
+# Die if they fat finger arguments, this program may be run as root
2f8dfd
+[ $? = 0 ] || die "Error parsing arguments. Try $PROGRAM_NAME --help"
2f8dfd
+
2f8dfd
+help() {
2f8dfd
+        cat <
2f8dfd
+Usage: $PROGRAM_NAME [options]
2f8dfd
+        -t, --timeout <timeout_value>	time to wait in seconds, default 30
a92f07
+        -i, --interface 	output interface name instead of ip
2f8dfd
+        -x, --exit		exit immediately if cjdns is not online
2f8dfd
+        -q, --quiet		don't print anything
2f8dfd
+        -s, --wait-for-startup	wait for full startup instead of just tun dev
2f8dfd
+EOH
2f8dfd
+        exit 2
2f8dfd
+}
2f8dfd
+
2f8dfd
+let timeout="30"
2f8dfd
+let nowait="0"
2f8dfd
+let quiet="0"
2f8dfd
+let startup="0"
a92f07
+let interface="0"
2f8dfd
+
2f8dfd
+eval set -- "$ARGS"
2f8dfd
+while true; do
2f8dfd
+  case "$1" in
2f8dfd
+    -t|--timeout)	   let timeout="$2" || help; shift 2; continue;;
a92f07
+    -i|--interface)	   let interface="1"; shift;;
2f8dfd
+    -x|--exit)		   let nowait="1"; shift;;
2f8dfd
+    -q|--quiet)		   let quiet="1"; shift;;
2f8dfd
+    -s|--wait-for-startup) let startup="1"; shift;;
2f8dfd
+    --) shift; break;;
2f8dfd
+    *)	help;;
2f8dfd
+  esac
2f8dfd
+done
2f8dfd
+
2f8dfd
+let started="$(date +%s)"
2f8dfd
+while test -z "$(cjdns_ips)"; do
2f8dfd
+  let elapsed="$(date +%s) - $started"
2f8dfd
+  [ $elapsed -gt $timeout ] && exit 1
2f8dfd
+  sleep 2
2f8dfd
+done
2f8dfd
+if [ "$quiet" -eq 0 ]; then
a92f07
+  if [ "$interface" -eq 0 ]; then
a92f07
+    cjdns_ips
a92f07
+  else
a92f07
+    cjdns_dev
a92f07
+  fi
2f8dfd
+fi
2f8dfd
diff -up ./contrib/systemd/cjdns-wait-online.service.sbin ./contrib/systemd/cjdns-wait-online.service
da4d7b
--- ./contrib/systemd/cjdns-wait-online.service.sbin	2017-01-13 21:43:05.414731254 -0500
da4d7b
+++ ./contrib/systemd/cjdns-wait-online.service	2017-01-13 21:43:05.414731254 -0500
2f8dfd
@@ -0,0 +1,13 @@
2f8dfd
+[Unit]
2f8dfd
+Description=CJDNS Wait Online
2f8dfd
+Requisite=cjdns.service
2f8dfd
+After=cjdns.service
2f8dfd
+Wants=network.target
2f8dfd
+Before=network-online.target
2f8dfd
+
2f8dfd
+[Service]
2f8dfd
+Type=oneshot
2f8dfd
+ExecStart=/usr/bin/cjdns-online -s -q --timeout=30
2f8dfd
+
2f8dfd
+[Install]
2f8dfd
+WantedBy=multi-user.target
2f8dfd
diff -up ./contrib/upstart/cjdns.conf.sbin ./contrib/upstart/cjdns.conf
da4d7b
--- ./contrib/upstart/cjdns.conf.sbin	2016-10-11 17:39:44.000000000 -0400
da4d7b
+++ ./contrib/upstart/cjdns.conf	2017-01-13 21:45:35.268491363 -0500
8431b6
@@ -13,10 +13,16 @@ pre-start script
2f8dfd
     if ! [ -s /etc/cjdroute.conf ]; then
2f8dfd
         ( # start a subshell to avoid side effects of umask later on
2f8dfd
             umask 077 # to create the file with 600 permissions without races
2f8dfd
-            /usr/bin/cjdroute --genconf > /etc/cjdroute.conf
2f8dfd
+	    # use cat because cjdroute can't write directly to /etc
2f8dfd
+            /usr/sbin/cjdroute --genconf | cat > /etc/cjdroute.conf
2f8dfd
         ) # exit subshell; umask no longer applies
2f8dfd
         echo 'WARNING: A new cjdns cjdroute.conf file has been generated.'
2f8dfd
     fi
2f8dfd
+    # preload tun driver, since we prevent module_request
8431b6
+    case $(wc -c /proc/modules) in
8431b6
+    0*) ;;
8431b6
+    *) /sbin/modprobe tun;;
8431b6
+    esac
2f8dfd
 
2f8dfd
     # If you need a non-standard setup, as described in
2f8dfd
     # https://github.com/cjdelisle/cjdns#non-standard-setups,
da4d7b
@@ -25,4 +31,10 @@ pre-start script
2f8dfd
     # see http://upstart.ubuntu.com/cookbook/#setuid
2f8dfd
 end script
2f8dfd
 
2f8dfd
-exec /usr/bin/cjdroute --nobg < /etc/cjdroute.conf
da4d7b
+script
da4d7b
+  exec /usr/sbin/cjdroute --nobg < /etc/cjdroute.conf
da4d7b
+end script
da4d7b
+
da4d7b
+post-start script
da4d7b
+  . /usr/libexec/cjdns/cjdns-up
da4d7b
+end script