Diffstat (limited to '')
-rwxr-xr-x | bin/inet2.sh (renamed from inet2.initd) | 90 | ||||
-rwxr-xr-x | bin/mkbirdconfig.sh | 84 | ||||
-rwxr-xr-x | bin/mkwgconfig.sh | 9 | ||||
-rwxr-xr-x | lib/config.awk (renamed from bin/config.awk) | 0 |
4 files changed, 125 insertions, 58 deletions
diff --git a/inet2.initd b/bin/inet2.sh index 5fe8c7c..7a93cbb 100755 --- a/inet2.initd +++ b/bin/inet2.sh @@ -1,20 +1,6 @@ -#!/sbin/openrc-run -name="inet2" -description="Sets up wireguard interfaces connected via the host's internet connection" +#!/usr/bin/env sh -extra_started_commands="reloadwg" - -run() { - printf '$ \x1b[32;1m%s\x1b[0m\n' "$*" - "$@" -} -step() { - printf '\x1b[34;1m>> %s\x1b[0m\n' "$*" -} - -getval() { - /usr/local/bin/config.awk /run/inet2/inet2.conf "$@" -} +. /var/lib/inet2/inet2.sh runscripts() { if [ -n "$(getval "interface $2" "$1")" ]; then @@ -25,23 +11,24 @@ runscripts() { fi } - - start() { + step "Starting inet2" + step "Removing old Wireguard interfaces" for file in /sys/class/net/*; do # Clear all wireguard interfaces type=$(cat "$file/type") if [ "$type" = "65534" ]; then - ifname="$(basename $file)" - ip link del "$ifname" + ifname="$(basename $file)" + run ip link del "$ifname" fi done - rm -rf /run/inet2/config 2>/dev/null - rm -rf /run/inet2/wg 2>/dev/null - cp /config/inet2.conf /run/inet2/inet2.conf - mkdir /run/inet2/wg - + rm -fr /run/inet2/wg 2> /dev/null + mkdir -p /run/inet2/wg + + mkbirdconfig.sh + + step "Setting loopback addresses" getval Loopback | while read -r addr; do run ip addr add "$addr" dev lo done 
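Review bot: `mkdir -p /run/inet2/wg` in start() creates the directory with whatever umask the caller has, so it is probably world-readable, and nothing in this hunk restricts it. reload() in the next hunk of this file writes the generated WireGuard configs there and feeds them to `wg setconf`, and such files normally carry the interface private key. Whether mkwgconfig.sh sets a mode on its own output is not visible here. I would create the directory as `mkdir -p -m 700 /run/inet2/wg`, or set `umask 077` before anything is generated. start() continues outside the hunk.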
@@ -84,36 +71,35 @@ start() { } stop() { - if [ -f /run/inet2/inet2.conf ]; then - getval Loopback | while read -r addr; do - run ip addr del "$addr" dev lo - done + step "Stopping inet2" + step "Removing loopback" + getval Loopback | while read -r addr; do + run ip addr del "$addr" dev lo + done - getval interface | while read -r inter; do - runscripts PreDown "$inter" - - step "Bringing $inter down" - run ip link del "$inter" - - runscripts PostDown "$inter" - done + getval interface | while read -r inter; do + runscripts PreDown "$inter" - rm -rf /run/inet2/inet2.conf - fi + step "Bringing $inter down" + run ip link del "$inter" + + runscripts PostDown "$inter" + done } -# just reloads the wireguard configs for existing interfaces -# for if a peer's domain name resolves to a different ip address now -# and it needs to be re-resolved without taking down the connection -reloadwg() { - if [ -f /run/inet2/inet2.conf ]; then - getval interface | while read -r inter; do - step "Generating config for $inter" - run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf - - step "Setting Wireguard config for $inter" - run wg setconf "$inter" /run/inet2/wg/"$inter" - done - fi +reload() { + getval interface | while read -r inter; do + step "Generating config for $inter" + run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf + + step "Setting Wireguard config for $inter" + run wg setconf "$inter" /run/inet2/wg/"$inter" + done +} + +restart() { + stop + start } +$1 diff --git a/bin/mkbirdconfig.sh b/bin/mkbirdconfig.sh new file mode 100755 index 0000000..bf5c1f3 --- /dev/null +++ b/bin/mkbirdconfig.sh 
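Review bot: The trailing `$1` runs whatever the first argument names, not only the four functions defined above it, so any command name passed to the script is executed with the script's privileges. Being unquoted, the argument is also word-split and glob-expanded, and a missing argument exits silently with status 0. Restrict the dispatch to the known verbs: `case "$1" in start|stop|reload|restart) "$1" ;; *) echo "usage: $0 {start|stop|reload|restart}" >&2; exit 2 ;; esac`. This matters most if the script is ever reached through sudo or another wrapper that forwards arguments.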
@@ -0,0 +1,84 @@ +#!/bin/sh + +. /var/lib/inet2/inet2.sh + +escapebird() { + sed -e 's/\\/\\\\/g;s/"/\\"/g' +} + +step "Creating Bird configuration" + +touch /var/log/bird.log +chown bird:bird /var/log/bird.log + +interfacelist=$( + echo " interface \"lo\" { stub; };" + getval interface | while read -r inter; do + val="$(getval "interface $inter" OSPF)" + if [ "$?" = "0" ]; then + echo " interface \"$(printf "%s" "$inter" | escapebird)\" {" + echo " type ptp;" + if [ -n "$val" ]; then + echo " $val;"; + fi + echo " };" + fi + done +) + +filter4=$(getval "Subnet" | grep -v ':' | while read -r line; do printf "%s+," "$line"; done | sed 's/,$//') +filter6=$(getval "Subnet" | grep ':' | while read -r line; do printf "%s+," "$line"; done | sed 's/,$//') + +(cat <<EOF +log "/var/log/bird.log" all; + +$(getval RouterID | while read -r line; do echo "router id $line;"; done) + +protocol kernel { + ipv4 { export filter { if net ~ [$filter4] then accept; else reject; }; }; +} + +protocol kernel { + ipv6 { export filter { if net ~ [$filter6] then accept; else reject; }; }; +} + +protocol device { +} + +protocol direct { + ipv4; + ipv6; +} + +protocol static { + ipv4; +} + +EOF + +cat <<EOF +protocol ospf v3 ospf4 { + ipv4 { + import all; + export filter { if source ~ [RTS_DEVICE, RTS_INHERIT] && net ~ [$filter4] then accept; else reject; }; + }; + area 0 { +$(getval "Stubnet" | grep -v ':' | while read -r net; do echo " stubnet $net {};"; done) +$interfacelist + }; +} +protocol ospf v3 ospf6 { + ipv6 { + import all; + export filter { if source ~ [RTS_DEVICE, RTS_INHERIT] && net ~ [$filter6] then accept; else reject; }; + }; + area 0 { +$(getval "Stubnet" | grep ':' | while read -r net; do echo " stubnet $net {};"; done) +$interfacelist + }; +} +EOF +) > /etc/bird.conf + +chown root:bird /etc/bird.conf +chmod 640 /etc/bird.conf diff --git a/bin/mkwgconfig.sh b/bin/mkwgconfig.sh index dcbb98f..6ee11a9 100755 --- a/bin/mkwgconfig.sh +++ b/bin/mkwgconfig.sh 
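Review bot: The generated text is redirected straight into `/etc/bird.conf`, so the live file is truncated before generation finishes and only gets `root:bird` and mode `640` afterwards. A failing `getval` or a bad value therefore leaves BIRD with a partial or unparsable config. Only the interface name passes through `escapebird`; `$val`, `$filter4`/`$filter6`, the RouterID and the Stubnet lines are copied from inet2.conf verbatim, so whoever can edit that file can add arbitrary BIRD statements (presumably root only, but worth confirming). I would build the file at a temporary path with the final ownership and mode already set, run BIRD's parse-only check on it, and rename it into place only if that passes.

```shell
# … unchanged: escapebird, interfacelist, filter4/filter6 …
tmp=$(mktemp /etc/bird.conf.XXXXXX) || exit 1
trap 'rm -f -- "$tmp"' EXIT
chown root:bird "$tmp" && chmod 640 "$tmp" || exit 1

# … unchanged: the two here-documents, with the closing redirect changed to: ) > "$tmp" …

# Parse-only check: the live config is replaced only when BIRD accepts the new one.
bird -p -c "$tmp" || exit 1
mv -f -- "$tmp" /etc/bird.conf
```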
@@ -1,14 +1,11 @@ -#!/bin/sh +#!/usr/bin/env sh # args: /path/to/interface-config /path/to/output.conf inter="$1" -configfile="$3" -if [ -z "$configfile" ]; then - configfile=/run/inet2/inet2.conf -fi +configfile=/etc/inet2.conf getval() { - /usr/local/bin/config.awk "$configfile" "$@" + /var/lib/inet2/config.awk "$configfile" "$@" } k() { diff --git a/bin/config.awk b/lib/config.awk index 9d0a117..9d0a117 100755 --- a/bin/config.awk +++ b/lib/config.awk |
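Review bot: `configfile` is now hard-coded to `/etc/inet2.conf` and the third argument is ignored, but reload() in bin/inet2.sh still calls `mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf`. The caller names one file while the WireGuard config is silently built from another, which is easy to miss when checking which file the keys and peers come from. Either drop the argument at the call site or keep the override with `configfile="${3:-/etc/inet2.conf}"`. The `# args:` comment above should then list what the script actually accepts. The rest of the script, from `k()` on, is outside the hunk.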