feat: allow ipsec initiation

allows clients to re-initiate IPsec tunnels using the /api/v1/services/ipsec/apply endpoint with the initiate field.
also prevents IPsec read actions from returning null when no entries exist.

pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecApplyCreate.inc

@@ -33,7 +33,14 @@ class APIServicesIPsecApplyCreate extends APIModel {
     }
 
     public function action() {
+        # Apply pending IPsec changes
         $this->apply();
+
+        # Allow clients to re-initiate tunnels with the new configuration.
+        if ($this->initial_data["initiate"] === true) {
+            $this->initiate();
+        }
+
         return APIResponse\get(0);
     }
 
@@ -48,4 +55,14 @@ class APIServicesIPsecApplyCreate extends APIModel {
             clear_subsystem_dirty('ipsec');
         }
     }
+
+    public static function initiate() {
+        global $config;
+
+        # Loop through each phase1 to terminate existing IKE connections and re-initiate all tunnels
+        foreach ($config["ipsec"]["phase1"] as $p1) {
+            ipsec_terminate_by_conid("ike", ipsec_conid($p1));
+            ipsec_initiate_by_conid("all", ipsec_conid($p1));
+        }
+    }
 }

pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Read.inc

@@ -24,6 +24,6 @@ class APIServicesIPsecPhase1Read extends APIModel {
     }
 
     public function action() {
-        return APIResponse\get(0, $this->config["ipsec"]["phase1"]);
+        return APIResponse\get(0, ($this->config["ipsec"]["phase1"]) ?: []);
     }
 }

pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase2Read.inc

@@ -24,6 +24,6 @@ class APIServicesIPsecPhase2Read extends APIModel {
     }
 
     public function action() {
-        return APIResponse\get(0, $this->config["ipsec"]["phase2"]);
+        return APIResponse\get(0, ($this->config["ipsec"]["phase2"]) ?: []);
     }
 }