feat: Add complete init system for wsssht tunnel setup tool

- Create wsssht.init init script by copying and modifying wssshc.init - Add wsssht logrotate script for log management - Create wsssht systemd service file for systemd integration - Implement wsssht-watchdog script for process monitoring and restart - Add /etc/default/wsssht configuration file - Update debian/rules to include wsssht init files in package - Modify debian/postinst to create wsssht user/group and setup init system - Enable both sysv init and systemd service integration - Configure proper permissions and ownership for wsssht daemon

feat: Add complete init system for wsssht tunnel setup tool
- Create wsssht.init init script by copying and modifying wssshc.init - Add wsssht logrotate script for log management - Create wsssht systemd service file for systemd integration - Implement wsssht-watchdog script for process monitoring and restart - Add /etc/default/wsssht configuration file - Update debian/rules to include wsssht init files in package - Modify debian/postinst to create wsssht user/group and setup init system - Enable both sysv init and systemd service integration - Configure proper permissions and ownership for wsssht daemon
9e3c9377 · Stefy Lanza (nextime / spora ) · 388bad08 · 9e3c9377 · 9e3c9377 · 9e3c9377
Commit 9e3c9377 authored Sep 19, 2025 by Stefy Lanza (nextime / spora )
7 changed files
--- a/wsssht.init
+++ b/wsssht.init
+#!/bin/bash
+#
+# wsssht        Startup script for WSSSH Tunnel Setup Tool
+#
+# chkconfig: 345 85 15
+# description: WSSSH Tunnel Setup Tool - Creates WebSocket tunnels for manual connections
+# processname: wsssht
+# pidfile: /var/run/wsssht.pid
+### BEGIN INIT INFO
+# Provides: wsssht
+# Required-Start: $local_fs $network $syslog
+# Required-Stop: $local_fs $network $syslog
+# Default-Start: 3 4 5
+# Default-Stop: 0 1 2 6
+# Short-Description: WSSSH Tunnel Setup Tool
+# Description: WSSSH Tunnel Setup Tool creates WebSocket tunnels for manual connections
+### END INIT INFO
+# Source function library (Debian/Ubuntu)
+. /lib/lsb/init-functions
+# Configuration
+NAME="wsssht"
+DAEMON="/usr/bin/wsssht"
+WATCHDOG="/usr/sbin/wsssht-watchdog"
+PIDFILE="/var/run/wsssht.pid"
+WATCHDOG_PIDFILE="/var/run/wsssht-watchdog.pid"
+DEFAULT_FILE="/etc/default/wsssht"
+CONFIG_SYSTEM="/etc/wsssht.conf"
+CONFIG_USER="$HOME/.config/wsssh/wsssht.conf"
+LOG_FACILITY="daemon"
+USER="wsssht"
+GROUP="wsssht"
+# Check if we're running as root
+if [ $(id -u) != 0 ]; then
+    echo "Error: This script must be run as root"
+    exit 1
+fi
+# Function to check if START is enabled in /etc/default/wsssht
+check_start_enabled() {
+    if [ ! -f "$DEFAULT_FILE" ]; then
+        echo "Configuration file $DEFAULT_FILE not found"
+        return 1
+    fi
+    # Read the START variable
+    START_VALUE=$(grep -E "^START=" "$DEFAULT_FILE" | cut -d'=' -f2 | tr -d '[:space:]')
+    if [ -z "$START_VALUE" ]; then
+        echo "START variable not found in $DEFAULT_FILE"
+        return 1
+    fi
+    # Check if START is set to a positive value
+    case "$START_VALUE" in
+        [Yy]|[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|1)
+            return 0
+            ;;
+        *)
+            echo "START is set to '$START_VALUE', service will not start"
+            return 1
+            ;;
+    esac
+}
+# Function to find configuration file
+find_config_file() {
+    # Check system config first
+    if [ -f "$CONFIG_SYSTEM" ]; then
+        echo "$CONFIG_SYSTEM"
+        return 0
+    fi
+    # Check user config (run as wsssht user to get correct HOME)
+    if su - "$USER" -c "[ -f '$CONFIG_USER' ]" 2>/dev/null; then
+        echo "$CONFIG_USER"
+        return 0
+    fi
+    echo "No configuration file found"
+    return 1
+}
+# Function to check if process is running
+is_running() {
+    if [ -f "$PIDFILE" ]; then
+        local pid=$(cat "$PIDFILE")
+        if [ -d "/proc/$pid" ]; then
+            return 0
+        else
+            # Stale PID file
+            rm -f "$PIDFILE"
+            return 1
+        fi
+    fi
+    return 1
+}
+# Function to start the daemon
+start() {
+    echo -n "Starting $NAME: "
+    # Check if daemon is already running
+    if is_running; then
+        local pid=$(cat "$PIDFILE")
+        echo "already running (PID: $pid)"
+        return 0
+    fi
+    # Check if START is enabled
+    if ! check_start_enabled; then
+        echo "disabled in $DEFAULT_FILE"
+        echo "To enable $NAME, set START=Y in $DEFAULT_FILE"
+        return 1
+    fi
+    # Find configuration file
+    CONFIG_FILE=$(find_config_file)
+    if [ $? -ne 0 ]; then
+        echo "configuration file not found"
+        echo "Please create a configuration file:"
+        echo "  System-wide: $CONFIG_SYSTEM"
+        echo "  User-specific: $CONFIG_USER"
+        echo "You can use the example configuration as a template:"
+        echo "  cp /usr/share/wsssh/wsssht.conf.example $CONFIG_SYSTEM"
+        return 1
+    fi
+    # Check if daemon executable exists
+    if [ ! -x "$DAEMON" ]; then
+        echo "daemon executable $DAEMON not found or not executable"
+        return 1
+    fi
+    # Create necessary directories
+    mkdir -p /var/run /var/log/wsssht
+    chown $USER:$GROUP /var/run /var/log/wsssht 2>/dev/null || true
+    # Start the daemon directly
+    echo "Starting daemon..."
+    if "$DAEMON" >> /var/log/wsssht/wsssht.log 2>&1 &
+    then
+        echo $! > "$PIDFILE"
+        echo "Daemon started successfully"
+    else
+        echo "FAILED"
+        echo "Could not start daemon"
+        return 1
+    fi
+    # Wait for daemon to be fully running
+    local count=0
+    while [ $count -lt 10 ] && ! is_running; do
+        echo "Waiting for daemon to start... ($count/10)"
+        sleep 1
+        count=$((count + 1))
+    done
+    if is_running; then
+        local pid=$(cat "$PIDFILE")
+        echo "Daemon is running (PID: $pid)"
+        # Stop any existing watchdog before starting a new one
+        if [ -f "$WATCHDOG_PIDFILE" ] || pgrep -f "wsssht-watchdog" >/dev/null 2>&1; then
+            echo "Stopping existing watchdog..."
+            $WATCHDOG stop >/dev/null 2>&1
+            sleep 2
+        fi
+        # Now start the watchdog to monitor the running daemon
+        echo "Starting watchdog..."
+        if [ -x "$WATCHDOG" ]; then
+            $WATCHDOG start >/dev/null 2>&1
+            # Wait for watchdog PID file to be created (max 5 seconds)
+            local count=0
+            while [ $count -lt 10 ] && [ ! -f "$WATCHDOG_PIDFILE" ]; do
+                sleep 0.5
+                count=$((count + 1))
+            done
+            if [ -f "$WATCHDOG_PIDFILE" ]; then
+                watchdog_pid=$(cat "$WATCHDOG_PIDFILE" 2>/dev/null)
+                if [ -n "$watchdog_pid" ] && kill -0 "$watchdog_pid" 2>/dev/null; then
+                    echo "OK"
+                    return 0
+                else
+                    echo "OK (daemon running, watchdog process not responding)"
+                    return 0
+                fi
+            else
+                echo "OK (daemon running, watchdog PID file not found)"
+                return 0
+            fi
+        else
+            echo "OK (daemon running, no watchdog available)"
+            return 0
+        fi
+    else
+        echo "FAILED"
+        echo "Daemon failed to start properly"
+        return 1
+    fi
+}
+# Function to stop the daemon
+stop() {
+    echo -n "Stopping $NAME: "
+    # First, try to stop the watchdog if it's running
+    if [ -f "$WATCHDOG_PIDFILE" ]; then
+        echo "Stopping watchdog..."
+        $WATCHDOG stop >/dev/null 2>&1
+        sleep 2
+    fi
+    # Check if daemon is running via PID file
+    if is_running; then
+        echo "Stopping daemon via PID file..."
+        local pid=$(cat "$PIDFILE")
+        # Try to stop gracefully first
+        kill -TERM "$pid" 2>/dev/null
+        sleep 2
+        # Check if it's still running
+        if kill -0 "$pid" 2>/dev/null; then
+            # Force kill if still running
+            kill -KILL "$pid" 2>/dev/null
+            sleep 1
+        fi
+    fi
+    # Also kill any wsssht processes that might be running (regardless of PID file)
+    echo "Ensuring all wsssht processes are stopped..."
+    pkill -TERM -f "^/usr/bin/wsssht" 2>/dev/null || true
+    sleep 2
+    pkill -KILL -f "^/usr/bin/wsssht" 2>/dev/null || true
+    # Clean up PID files
+    rm -f "$PIDFILE" "$WATCHDOG_PIDFILE"
+    # Final check
+    if is_running; then
+        echo "FAILED"
+        return 1
+    else
+        echo "OK"
+        return 0
+    fi
+}
+# Function to restart the daemon
+restart() {
+    stop
+    sleep 2
+    start
+}
+# Function to check status
+status() {
+    # Check watchdog status
+    if [ -f "$WATCHDOG_PIDFILE" ]; then
+        local watchdog_pid=$(cat "$WATCHDOG_PIDFILE")
+        if kill -0 "$watchdog_pid" 2>/dev/null; then
+            echo "Watchdog is running (PID: $watchdog_pid)"
+        else
+            echo "Watchdog PID file exists but process is not running"
+            rm -f "$WATCHDOG_PIDFILE"
+        fi
+    else
+        echo "Watchdog is not running"
+    fi
+    # Check daemon status
+    if is_running; then
+        local pid=$(cat "$PIDFILE")
+        echo "$NAME daemon is running (PID: $pid)"
+        return 0
+    else
+        echo "$NAME daemon is not running"
+        return 3
+    fi
+}
+# Function to reload configuration
+reload() {
+    echo -n "Reloading $NAME configuration: "
+    if ! is_running; then
+        echo "not running"
+        return 1
+    fi
+    local pid=$(cat "$PIDFILE")
+    kill -HUP $pid 2>/dev/null
+    if [ $? -eq 0 ]; then
+        echo "OK"
+        return 0
+    else
+        echo "FAILED"
+        return 1
+    fi
+}
+# Main script logic
+case "$1" in
+    start)
+        start
+        ;;
+    stop)
+        stop
+        ;;
+    restart)
+        restart
+        ;;
+    reload)
+        reload
+        ;;
+    status)
+        status
+        ;;
+    condrestart|try-restart)
+        if is_running; then
+            restart
+        fi
+        ;;
+    *)
+        echo "Usage: $0 {start|stop|restart|reload|status|condrestart}"
+        exit 2
+        ;;
+esac
+exit $?
\ No newline at end of file
--- a/wssshtools/debian/postinst
+++ b/wssshtools/debian/postinst
@@ -46,19 +46,61 @@ case "$1" in
            usermod -g wssshc wssshc 2>/dev/null || true
        fi
-        # Create log directory
+        # Create log directory for wssshc
        if [ ! -d /var/log/wssshc ]; then
            mkdir -p /var/log/wssshc
            chown wssshc:wssshc /var/log/wssshc
            chmod 755 /var/log/wssshc
        fi
-        # Install watchdog script
+        # Install wssshc watchdog script
        if [ -f /usr/sbin/wssshc-watchdog ]; then
            chown wssshc:wssshc /usr/sbin/wssshc-watchdog
            chmod 755 /usr/sbin/wssshc-watchdog
        fi
+        # Create wsssht user and group if they don't exist
+        if ! getent group wsssht >/dev/null 2>&1; then
+            addgroup --system wsssht
+        fi
+        if ! getent passwd wsssht >/dev/null 2>&1; then
+            adduser --system --ingroup wsssht --home /var/lib/wsssht \
+                    --no-create-home --shell /bin/false wsssht
+        fi
+        # Create home directory for wsssht user
+        if [ ! -d /var/lib/wsssht ]; then
+            mkdir -p /var/lib/wsssht
+        fi
+        # Ensure wsssht user owns its home directory and can write to it
+        chown wsssht:wsssht /var/lib/wsssht
+        chmod 755 /var/lib/wsssht
+        # Ensure the user can actually write to its home directory
+        # Try to create a test file to verify write permissions
+        if ! su -s /bin/sh wsssht -c "touch /var/lib/wsssht/.test_write 2>/dev/null && rm /var/lib/wsssht/.test_write 2>/dev/null" 2>/dev/null; then
+            echo "Warning: wsssht user cannot write to /var/lib/wsssht, fixing permissions"
+            # Try to fix permissions by making directory writable
+            chmod 775 /var/lib/wsssht
+            # Also ensure the user is in the right group
+            usermod -g wsssht wsssht 2>/dev/null || true
+        fi
+        # Create log directory for wsssht
+        if [ ! -d /var/log/wsssht ]; then
+            mkdir -p /var/log/wsssht
+            chown wsssht:wsssht /var/log/wsssht
+            chmod 755 /var/log/wsssht
+        fi
+        # Install wsssht watchdog script
+        if [ -f /usr/sbin/wsssht-watchdog ]; then
+            chown wsssht:wsssht /usr/sbin/wsssht-watchdog
+            chmod 755 /usr/sbin/wsssht-watchdog
+        fi
        # Create /etc/default/wssshc if it doesn't exist
        if [ ! -f /etc/default/wssshc ]; then
            cat > /etc/default/wssshc << EOF
@@ -72,7 +114,20 @@ EOF
            chmod 644 /etc/default/wssshc
        fi
-        # Create example configuration file if it doesn't exist
+        # Create /etc/default/wsssht if it doesn't exist
+        if [ ! -f /etc/default/wsssht ]; then
+            cat > /etc/default/wsssht << EOF
+# WSSSH Tunnel Setup Tool (wsssht) configuration
+# Set to Y, 1, TRUE, true, YES, or yes to enable the service
+START=no
+# Additional configuration can be done in /etc/wsssht.conf
+# or ~/.config/wsssh/wsssht.conf
+EOF
+            chmod 644 /etc/default/wsssht
+        fi
+        # Create example configuration files if they don't exist
        if [ ! -f /etc/wssshc.conf.example ]; then
            if [ -f /usr/share/wsssh/wssshc.conf.example ]; then
                cp /usr/share/wsssh/wssshc.conf.example /etc/wssshc.conf.example
@@ -80,17 +135,34 @@ EOF
            fi
        fi
-        # Set up init script
+        if [ ! -f /etc/wsssht.conf.example ]; then
+            if [ -f /usr/share/wsssh/wsssht.conf.example ]; then
+                cp /usr/share/wsssh/wsssht.conf.example /etc/wsssht.conf.example
+                chmod 644 /etc/wsssht.conf.example
+            fi
+        fi
+        # Set up init scripts
        if [ -x /etc/init.d/wssshc ]; then
            update-rc.d wssshc defaults >/dev/null 2>&1 || true
        fi
-        # Enable systemd service if available and sysv init is not active
+        if [ -x /etc/init.d/wsssht ]; then
+            update-rc.d wsssht defaults >/dev/null 2>&1 || true
+        fi
+        # Enable systemd services if available and sysv init is not active
        if [ -f /lib/systemd/system/wssshc.service ] && command -v systemctl >/dev/null 2>&1; then
            if ! systemctl is-active wssshc >/dev/null 2>&1 && [ ! -f /var/run/wssshc-watchdog.pid ]; then
                systemctl enable wssshc.service >/dev/null 2>&1 || true
            fi
        fi
+        if [ -f /lib/systemd/system/wsssht.service ] && command -v systemctl >/dev/null 2>&1; then
+            if ! systemctl is-active wsssht >/dev/null 2>&1 && [ ! -f /var/run/wsssht-watchdog.pid ]; then
+                systemctl enable wsssht.service >/dev/null 2>&1 || true
+            fi
+        fi
    ;;
    abort-upgrade|abort-remove|abort-deconfigure)

--- a/wssshtools/debian/rules
+++ b/wssshtools/debian/rules
@@ -44,15 +44,24 @@ override_dh_auto_install:
 	install -m 644 ../wssshc.conf.example debian/wsssh-tools/usr/share/wsssh/
 	install -m 644 debian/wssshc.default debian/wsssh-tools/etc/default/wssshc
-	# Install wsssht configuration file
+	# Install wsssht init script
-	install -m 644 ../wssht.conf.example debian/wsssh-tools/usr/share/wsssh/
+	install -m 755 ../wsssht.init debian/wsssh-tools/etc/init.d/wsssht
+	# Install wsssht watchdog script
+	install -m 755 debian/wsssht-watchdog debian/wsssh-tools/usr/sbin/wsssht-watchdog
+	# Install wsssht configuration files
+	install -m 644 ../wsssht.conf.example debian/wsssh-tools/usr/share/wsssh/
+	install -m 644 debian/wsssht.default debian/wsssh-tools/etc/default/wsssht
 	# Install logrotate configuration
 	install -m 644 debian/wssshc.logrotate debian/wsssh-tools/etc/logrotate.d/wssshc
+	install -m 644 debian/wsssht.logrotate debian/wsssh-tools/etc/logrotate.d/wsssht
 	# Install systemd service file
 	mkdir -p debian/wsssh-tools/lib/systemd/system
 	install -m 644 debian/wssshc.service debian/wsssh-tools/lib/systemd/system/
+	install -m 644 debian/wsssht.service debian/wsssh-tools/lib/systemd/system/
 	# Install Python scripts
 	install -m 755 ../wssshd.py debian/wsssh-tools/usr/bin/

--- a/wssshtools/debian/wsssht-watchdog
+++ b/wssshtools/debian/wsssht-watchdog
+#!/bin/bash
+# WSSSH Tunnel Setup Tool Watchdog Script
+# Copyright (C) 2024 Stefy Lanza <stefy@nexlab.net> and SexHack.me
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# Configuration
+DAEMON_NAME="wsssht"
+DAEMON_PATH="/usr/bin/wsssht"
+PID_FILE="/var/run/wsssht.pid"
+WATCHDOG_PID_FILE="/var/run/wsssht-watchdog.pid"
+LOG_FILE="/var/log/wsssht/watchdog.log"
+CHECK_INTERVAL=30
+MAX_RESTARTS=20
+RESTART_WINDOW=60  # 1 minute
+# Default configuration values (can be overridden by /etc/default/wsssht)
+START=yes
+DAEMON_ARGS=""
+# Load configuration if available
+if [ -f /etc/default/wsssht ]; then
+    . /etc/default/wsssht
+fi
+# Function to log messages
+log_message() {
+    local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
+    echo "[$timestamp] $*" >> "$LOG_FILE"
+    logger -t "$DAEMON_NAME-watchdog" "$*"
+}
+# Function to check if daemon is running (double-check process)
+is_daemon_running() {
+    if [ -f "$PID_FILE" ]; then
+        local pid=$(cat "$PID_FILE")
+        # First check if process exists
+        if kill -0 "$pid" 2>/dev/null; then
+            # Double-check: verify the process is actually our daemon
+            if ps -p "$pid" -o comm= 2>/dev/null | grep -q "^wsssht$"; then
+                return 0  # Running and correct process
+            else
+                log_message "PID file exists but process $pid is not wsssht"
+                rm -f "$PID_FILE"
+            fi
+        else
+            log_message "PID file exists but process $pid is not running"
+            rm -f "$PID_FILE"
+        fi
+    fi
+    return 1  # Not running
+}
+# Function to start daemon
+start_daemon() {
+    log_message "Starting $DAEMON_NAME daemon..."
+    # Create necessary directories
+    mkdir -p /var/log/wsssht 2>/dev/null || log_message "Warning: Could not create /var/log/wsssht"
+    chown wsssht:wsssht /var/log/wsssht 2>/dev/null || log_message "Warning: Could not chown /var/log/wsssht"
+    # Check if daemon binary exists
+    if [ ! -x "$DAEMON_PATH" ]; then
+        log_message "Error: Daemon binary $DAEMON_PATH not found or not executable"
+        return 1
+    fi
+    # Try to start daemon as wsssht user, fallback to current user if that fails
+    log_message "Attempting to start daemon with start-stop-daemon..."
+    if [ -n "$DAEMON_ARGS" ]; then
+        start-stop-daemon --start --quiet --pidfile "$PID_FILE" \
+            --chuid wsssht:wsssht --background --make-pidfile \
+            --exec "$DAEMON_PATH" -- $DAEMON_ARGS 2>/dev/null
+        local result=$?
+    else
+        start-stop-daemon --start --quiet --pidfile "$PID_FILE" \
+            --chuid wsssht:wsssht --background --make-pidfile \
+            --exec "$DAEMON_PATH" 2>/dev/null
+        local result=$?
+    fi
+    # If start-stop-daemon failed, try running directly
+    if [ $result -ne 0 ]; then
+        log_message "start-stop-daemon failed (exit code: $result), trying direct execution..."
+        if [ -n "$DAEMON_ARGS" ]; then
+            "$DAEMON_PATH" $DAEMON_ARGS &
+            echo $! > "$PID_FILE"
+        else
+            "$DAEMON_PATH" &
+            echo $! > "$PID_FILE"
+        fi
+        result=$?
+    fi
+    if [ $result -eq 0 ]; then
+        log_message "$DAEMON_NAME started successfully"
+        return 0
+    else
+        log_message "Failed to start $DAEMON_NAME (exit code: $result)"
+        return 1
+    fi
+}
+# Function to check restart limits
+check_restart_limits() {
+    local current_time=$(date +%s)
+    local restart_count=0
+    local window_start=$((current_time - RESTART_WINDOW))
+    # Count successful starts within the restart window
+    if [ -f "$LOG_FILE" ]; then
+        # Count starts in the last RESTART_WINDOW seconds
+        restart_count=$(awk -v window_start="$window_start" '
+            BEGIN { count = 0 }
+            {
+                # Extract timestamp from log line [YYYY-MM-DD HH:MM:SS]
+                if (match($0, /\[([0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})\]/, arr)) {
+                    timestamp = arr[1]
+                    # Convert to epoch time
+                    cmd = "date -d \"" timestamp "\" +%s 2>/dev/null"
+                    cmd | getline epoch_time
+                    close(cmd)
+                    if (epoch_time >= window_start && $0 ~ /started successfully/) {
+                        count++
+                    }
+                }
+            }
+            END { print count }
+        ' "$LOG_FILE" 2>/dev/null || echo "0")
+    fi
+    if [ "$restart_count" -ge "$MAX_RESTARTS" ]; then
+        log_message "Too many restarts ($restart_count) in $RESTART_WINDOW seconds. Watchdog will exit."
+        return 1
+    fi
+    return 0
+}
+# Function to stop daemon (double-check process)
+stop_daemon() {
+    log_message "Stopping $DAEMON_NAME daemon..."
+    if [ -f "$PID_FILE" ]; then
+        local pid=$(cat "$PID_FILE")
+        # Double-check: verify the process is actually our daemon
+        if ps -p "$pid" -o comm= 2>/dev/null | grep -q "^wsssht$"; then
+            start-stop-daemon --stop --quiet --pidfile "$PID_FILE" --retry=TERM/30/KILL/5
+            local result=$?
+            rm -f "$PID_FILE"
+            return $result
+        else
+            log_message "PID file exists but process $pid is not wsssht"
+            rm -f "$PID_FILE"
+            return 1
+        fi
+    else
+        log_message "PID file not found, daemon may not be running"
+        return 1
+    fi
+}
+# Function to cleanup on exit
+cleanup() {
+    log_message "Watchdog shutting down..."
+    if [ -f "$WATCHDOG_PID_FILE" ]; then
+        rm -f "$WATCHDOG_PID_FILE"
+    fi
+    exit 0
+}
+# Trap signals
+trap cleanup SIGTERM SIGINT
+# Main watchdog function (continuous monitoring)
+main() {
+    # Debug: Log the START value
+    log_message "START configuration value: '$START'"
+    # Check if START is enabled (accept various forms: yes, YES, Y, 1, true, TRUE)
+    START_LOWER=$(echo "$START" | tr '[:upper:]' '[:lower:]')
+    log_message "START_LOWER: '$START_LOWER'"
+    if [ "$START_LOWER" != "yes" ] && [ "$START_LOWER" != "y" ] && [ "$START_LOWER" != "1" ] && [ "$START_LOWER" != "true" ]; then
+        log_message "START is not set to a valid enabled value in /etc/default/wsssht. Exiting."
+        exit 0
+    fi
+    log_message "START validation passed, proceeding with watchdog initialization"
+    log_message "Watchdog started for $DAEMON_NAME"
+    log_message "Check interval: $CHECK_INTERVAL seconds"
+    log_message "Max restarts: $MAX_RESTARTS per $RESTART_WINDOW seconds"
+    log_message "Entering monitoring loop"
+    local loop_count=0
+    while true; do
+        loop_count=$((loop_count + 1))
+        log_message "Monitoring loop iteration $loop_count"
+        if ! is_daemon_running; then
+            log_message "$DAEMON_NAME is not running"
+            # Check restart limits before attempting to start
+            if ! check_restart_limits; then
+                log_message "Restart limits exceeded, watchdog will exit"
+                break
+            fi
+            # Attempt to start daemon
+            if start_daemon; then
+                log_message "$DAEMON_NAME restarted successfully"
+                # Give daemon time to fully start before checking
+                sleep 3
+            else
+                log_message "Failed to restart $DAEMON_NAME"
+                # If daemon fails to start, exit watchdog
+                log_message "Watchdog exiting due to daemon restart failure"
+                break
+            fi
+        else
+            log_message "$DAEMON_NAME is running, monitoring continues"
+        fi
+        log_message "Sleeping for $CHECK_INTERVAL seconds"
+        sleep "$CHECK_INTERVAL"
+    done
+    log_message "Watchdog exiting"
+    cleanup
+}
+# Handle command line arguments
+case "$1" in
+    start)
+        echo "Starting watchdog..."
+        if [ -f "$WATCHDOG_PID_FILE" ]; then
+            echo "Watchdog is already running"
+            exit 1
+        fi
+        echo "Calling main() function..."
+        # Run main() function in background and capture its PID
+        main &
+        MAIN_PID=$!
+        # Create PID file with the background process PID
+        echo $MAIN_PID > "$WATCHDOG_PID_FILE"
+        # Give it a moment to start
+        sleep 1
+        # Check if the process is still running
+        if kill -0 $MAIN_PID 2>/dev/null; then
+            echo "Watchdog started successfully (PID: $MAIN_PID)"
+            exit 0  # Exit immediately to avoid killing background main process
+        else
+            echo "Watchdog failed to start"
+            rm -f "$WATCHDOG_PID_FILE"
+            exit 1
+        fi
+        ;;
+    stop)
+        # First, try to stop the process from PID file
+        if [ -f "$WATCHDOG_PID_FILE" ]; then
+            watchdog_pid=$(cat "$WATCHDOG_PID_FILE")
+            # Double-check: verify the process is actually our watchdog
+            if ps -p "$watchdog_pid" -o comm= 2>/dev/null | grep -q "wsssht-watchdog"; then
+                kill "$watchdog_pid" 2>/dev/null
+                rm -f "$WATCHDOG_PID_FILE"
+                echo "Watchdog stopped (from PID file)"
+            else
+                echo "PID file exists but process is not wsssht-watchdog"
+                rm -f "$WATCHDOG_PID_FILE"
+            fi
+        fi
+        # Also kill any other watchdog processes that might be running
+        # Find all bash processes running our watchdog script
+        watchdog_processes=$(ps aux | grep "/usr/sbin/wsssht-watchdog start" | grep -v grep | awk '{print $2}')
+        if [ -n "$watchdog_processes" ]; then
+            echo "Found additional watchdog processes: $watchdog_processes"
+            for pid in $watchdog_processes; do
+                if [ "$pid" != "$$" ]; then  # Don't kill ourselves
+                    kill "$pid" 2>/dev/null && echo "Killed watchdog process $pid"
+                fi
+            done
+        fi
+        # Clean up any remaining PID files
+        rm -f "$WATCHDOG_PID_FILE" 2>/dev/null
+        echo "Watchdog stop process completed"
+        ;;
+    status)
+        if [ -f "$WATCHDOG_PID_FILE" ]; then
+            watchdog_pid=$(cat "$WATCHDOG_PID_FILE")
+            if kill -0 "$watchdog_pid" 2>/dev/null; then
+                # Double-check: verify the process is actually our watchdog
+                if ps -p "$watchdog_pid" -o comm= 2>/dev/null | grep -q "wsssht-watchdog"; then
+                    echo "Watchdog is running (PID: $watchdog_pid)"
+                else
+                    echo "Watchdog PID file exists but process is not wsssht-watchdog"
+                    rm -f "$WATCHDOG_PID_FILE"
+                fi
+            else
+                echo "Watchdog PID file exists but process is not running"
+                rm -f "$WATCHDOG_PID_FILE"
+            fi
+        else
+            echo "Watchdog is not running"
+        fi
+        # Also check daemon status
+        if is_daemon_running; then
+            daemon_pid=$(cat "$PID_FILE")
+            echo "Daemon is running (PID: $daemon_pid)"
+        else
+            echo "Daemon is not running"
+        fi
+        ;;
+    restart)
+        $0 stop
+        sleep 2
+        $0 start
+        ;;
+    *)
+        echo "Usage: $0 {start|stop|status|restart}"
+        exit 1
+        ;;
+esac
+exit 0
\ No newline at end of file
--- a/wssshtools/debian/wsssht.default
+++ b/wssshtools/debian/wsssht.default
+# WSSSH Tunnel Setup Tool (wsssht) configuration
+# Set to Y, 1, TRUE, true, YES, or yes to enable the service
+START=no
+# Additional configuration can be done in /etc/wsssht.conf
+# or ~/.config/wsssh/wsssht.conf
\ No newline at end of file
--- a/wssshtools/debian/wsssht.logrotate
+++ b/wssshtools/debian/wsssht.logrotate
+/var/log/wsssht/wsssht.log {
+    weekly
+    missingok
+    rotate 52
+    compress
+    delaycompress
+    notifempty
+    create 644 wsssht wsssht
+    postrotate
+        if [ -f /var/run/wsssht.pid ]; then
+            kill -HUP $(cat /var/run/wsssht.pid) 2>/dev/null || true
+        fi
+    endscript
+}
+/var/log/wsssht/watchdog.log {
+    weekly
+    missingok
+    rotate 52
+    compress
+    delaycompress
+    notifempty
+    create 644 wsssht wsssht
+    postrotate
+        if [ -f /var/run/wsssht-watchdog.pid ]; then
+            kill -HUP $(cat /var/run/wsssht-watchdog.pid) 2>/dev/null || true
+        fi
+    endscript
+}
\ No newline at end of file
--- a/wssshtools/debian/wsssht.service
+++ b/wssshtools/debian/wsssht.service
+[Unit]
+Description=WSSSH Tunnel Setup Tool
+After=network.target syslog.target
+Requires=network.target
+ConditionPathExists=!/etc/init.d/wsssht
+ConditionPathExists=!/var/run/wsssht-watchdog.pid
+[Service]
+Type=forking
+User=wsssht
+Group=wsssht
+EnvironmentFile=-/etc/default/wsssht
+ExecStart=/usr/sbin/wsssht-watchdog start
+ExecStop=/usr/sbin/wsssht-watchdog stop
+ExecReload=/usr/sbin/wsssht-watchdog restart
+PIDFile=/var/run/wsssht-watchdog.pid
+Restart=on-failure
+RestartSec=5
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file