author | Freya Murphy <freya@freyacat.org> | 2023-11-10 19:44:48 -0500 |
---|---|---|
committer | Freya Murphy <freya@freyacat.org> | 2023-11-10 19:44:48 -0500 |
commit | 8b7fe69ca362bf7f78fee7207ddd10d8697ae02a (patch) | |
tree | e9c38ea4589360bafd434603feb6bcd95629556b /inet2.initd | |
things
Diffstat (limited to 'inet2.initd')
-rwxr-xr-x | inet2.initd | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/inet2.initd b/inet2.initd
new file mode 100755
index 0000000..7824bdc
--- /dev/null
+++ b/inet2.initd
@@ -0,0 +1,108 @@
+#!/sbin/openrc-run
+name="inet2"
+description="Sets up wireguard interfaces connected via the host's internet connection"
+
+extra_started_commands="reloadwg"
+
+run() {
+ printf '$ \x1b[32;1m%s\x1b[0m\n' "$*"
+ "$@"
+}
+step() {
+ printf '\x1b[34;1m>> %s\x1b[0m\n' "$*"
+}
+
+getval() {
+ /usr/local/bin/config.awk /run/inet2/inet2.conf "$@"
+}
+
+runscripts() {
+ if [ -n "$(getval "interface $2" "$1")" ]; then
+ step "Running $1 for $2"
+ getval "interface $2" "$1" | while read -r line; do
+ (eval "$line")
+ done
+ fi
+}
+
+start() {
+ rm -rf /run/inet2/config 2>/dev/null
+ rm -rf /run/inet2/wg 2>/dev/null
+ cp /config/inet2.conf /run/inet2/inet2.conf
+ mkdir /run/inet2/wg
+
+ getval Loopback | while read -r addr; do
+ run ip addr add "$addr" dev lo
+ done
+
+ getval interface | while read -r inter; do
+ step "Generating config for $inter"
+ run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter"
+
+ # create the wireguard interface *in the default namespace*
+ step "Adding Wireguard interface $inter"
+ run ip link add name "$inter" type wireguard
+
+ # set up the new network from the config
+ step "Setting Wireguard config for $inter"
+ run wg setconf "$inter" /run/inet2/wg/"$inter"
+
+ # the config doesn't actually add any addresses, do that here
+ step "Adding host addresses for $inter"
+ getval "interface $inter" Address | while read -r addr; do
+ run ip addr add "$addr" dev "$inter"
+ done
+
+ runscripts PreUp "$inter"
+
+ step "Bringing interface up"
+ run ip link set dev "$inter" up
+
+ getval "interface $inter" Route | while read -r line; do
+ read -r route via addr2 < <(printf "%s" "$line")
+ if [ "$via" = "via" ]; then
+ run ip route add "$route" via "$addr2" dev "$inter"
+ else
+ run ip route add "$route" dev "$inter"
+ fi
+ done
+
+ runscripts PostUp "$inter"
+ done
+ step "Done!"
+}
+
+stop() {
+ if [ -f /run/inet2/inet2.conf ]; then
+ getval Loopback | while read -r addr; do
+ run ip addr del "$addr" dev lo
+ done
+
+ getval interface | while read -r inter; do
+ runscripts PreDown "$inter"
+
+ step "Bringing $inter down"
+ run ip link del "$inter"
+
+ runscripts PostDown "$inter"
+ done
+
+ rm -rf /run/inet2/inet2.conf
+ fi
+}
+
+# just reloads the wireguard configs for existing interfaces
+# for if a peer's domain name resolves to a different ip address now
+# and it needs to be re-resolved without taking down the connection
+reloadwg() {
+ if [ -f /run/inet2/inet2.conf ]; then
+ getval interface | while read -r inter; do
+ step "Generating config for $inter"
+ run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf
+
+ step "Setting Wireguard config for $inter"
+ run wg setconf "$inter" /run/inet2/wg/"$inter"
+ done
+ fi
+}
+ |
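Review bot: `start()` creates `/run/inet2/wg` and the copy at `/run/inet2/inet2.conf` under whatever umask the service inherits, so the files `mkwgconfig.sh` writes for `wg setconf` (which presumably carry the interface private keys; that script is not in this commit) may be readable by every local user. Setting `umask 077` as the first line of `start()` and `reloadwg()`, or creating the directory with `mkdir -m 0700 /run/inet2/wg`, would close that. `runscripts` hands every PreUp/PostUp/PreDown/PostDown line to `eval` with the service's privileges, so `/config/inet2.conf` is effectively a root script; a comment above `runscripts` such as `# hook lines are eval'd as root: inet2.conf must be writable by root only` and a check of the file's owner and mode before the `cp` would make that trust boundary explicit. None of the `cp`, `mkdir`, `ip` or `wg` calls is checked and `start()` ends on `step "Done!"`, so the service reports started even when setup failed; `cp /config/inet2.conf /run/inet2/inet2.conf || return 1` and `mkdir /run/inet2/wg || return 1` would at least stop on the first two. `stop()` removes only `/run/inet2/inet2.conf` and leaves the generated files in `/run/inet2/wg` behind.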