path: root/inet2.initd
#!/sbin/openrc-run
# OpenRC service script for "inet2". The functions below read their settings
# from /run/inet2/inet2.conf, a runtime copy of /config/inet2.conf made by
# start().
name="inet2"
description="Sets up wireguard interfaces connected via the host's internet connection"

# Exposes reloadwg as an extra service command; OpenRC only allows commands
# listed here to run while the service is started.
extra_started_commands="reloadwg"

# run CMD [ARG...]
# Prints the command line to stdout as "$ CMD ARG..." in bold green, then
# executes CMD with its arguments passed through unchanged.
# Returns: the exit status of CMD.
# The printed line joins the arguments with "$*", so it is a human-readable
# trace only: it does not show the original word boundaries.
run() {
  # Trace first, so the line is visible even when the command itself fails.
  printf '$ \x1b[32;1m%s\x1b[0m\n' "$*"

  "$@"
  return "$?"
}
# step MESSAGE...
# Prints a progress heading to stdout as ">> MESSAGE" in bold blue.
# All arguments are joined with spaces into one line.
step() {
  printf '\x1b[34;1m>> %s\x1b[0m\n' "$*"
}

# getval QUERY...
# Runs /usr/local/bin/config.awk against the runtime copy of the config
# (/run/inet2/inet2.conf) and passes the caller's arguments through to it.
# Callers in this file use `getval KEY` and `getval "interface NAME" KEY`
# and read the output one value per line.
# NOTE(review): the query syntax is defined by config.awk, which is not part
# of this file - confirm against that script.
getval() {
  # Prepend the fixed config path to the caller's arguments.
  set -- /run/inet2/inet2.conf "$@"
  /usr/local/bin/config.awk "$@"
}

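# runscripts HOOK IFACE
# Runs every HOOK entry (this file uses PreUp, PostUp, PreDown and PostDown)
# that the config lists under "interface IFACE", one shell command per line.
#
# SECURITY: each line is handed to eval and runs with the privileges of this
# service. Anyone who can write /config/inet2.conf, or the runtime copy
# /run/inet2/inet2.conf that getval reads, can therefore execute arbitrary
# commands as the service user. Keep both files and their parent directories
# writable by that user only.
#
# Hook lines are evaluated in a subshell of this function, so they can read
# (but not modify) the caller's shell variables and this function's $1/$2.
#
# Returns: 0 when no hooks are configured, otherwise the exit status of the
# last hook that ran. A failing hook does not stop the remaining ones.
runscripts() {
  # Query the config once and reuse the result for the emptiness check and
  # for the loop, instead of running the parser twice.
  _rs_hooks=$(getval "interface $2" "$1")
  [ -n "$_rs_hooks" ] || return 0

  step "Running $1 for $2"
  printf '%s\n' "$_rs_hooks" | while read -r line; do
    # stdin comes from /dev/null: the loop is fed by a pipe, and a hook that
    # reads stdin would otherwise swallow the hook lines still to be run.
    (eval "$line") </dev/null
  done
}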

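# start: OpenRC start hook.
# Snapshots /config/inet2.conf to /run/inet2/inet2.conf, adds the configured
# Loopback addresses to lo, then for every configured interface:
#   1. generates a WireGuard config with mkwgconfig.sh under /run/inet2/wg/
#   2. creates the WireGuard interface and applies the config (wg setconf)
#   3. adds the interface's Address entries
#   4. runs PreUp hooks, brings the link up, adds Route entries, runs PostUp
#
# Returns: 1 if the config cannot be copied; otherwise the status of the
# final step message.
# NOTE(review): failures of the individual ip/wg commands are only visible in
# the trace printed by run; they do not change the return status, so the
# service can be reported as started with interfaces missing.
start() {
  # Drop state left over from a previous run; errors are silenced on purpose.
  rm -rf /run/inet2/config 2>/dev/null
  rm -rf /run/inet2/wg 2>/dev/null

  # Everything below reads this snapshot through getval. Without it the loops
  # would run on no config, or on a stale one from an earlier run, so stop.
  if ! cp /config/inet2.conf /run/inet2/inet2.conf; then
    printf '%s\n' 'inet2: cannot copy /config/inet2.conf to /run/inet2/inet2.conf' >&2
    return 1
  fi

  # NOTE(review): this directory holds the files passed to `wg setconf`,
  # which normally carry the interface private key. mkdir and cp use the
  # ambient umask here; confirm mkwgconfig.sh writes owner-only files, or
  # restrict the mode of /run/inet2 and /run/inet2/wg.
  mkdir /run/inet2/wg

  getval Loopback | while read -r addr; do
    run ip addr add "$addr" dev lo
  done

  # Loop variable names are left as they are: hooks run by runscripts are
  # evaluated in a subshell that inherits them (e.g. $inter).
  getval interface | while read -r inter; do
    step "Generating config for $inter"
    run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter"

    # create the wireguard interface *in the default namespace*
    step "Adding Wireguard interface $inter"
    run ip link add name "$inter" type wireguard

    # set up the new network from the config
    step "Setting Wireguard config for $inter"
    run wg setconf "$inter" /run/inet2/wg/"$inter"

    # the config doesn't actually add any addresses, do that here
    step "Adding host addresses for $inter"
    getval "interface $inter" Address | while read -r addr; do
      run ip addr add "$addr" dev "$inter"
    done

    runscripts PreUp "$inter"

    step "Bringing interface up"
    run ip link set dev "$inter" up

    # A Route line is "<dest>" or "<dest> via <gateway>". The fields are
    # split by the loop's own read; the earlier `read ... < <(printf ...)`
    # used process substitution, which is not POSIX sh, and OpenRC runs
    # service scripts with /bin/sh.
    getval "interface $inter" Route | while read -r route via addr2; do
      if [ "$via" = "via" ]; then
        run ip route add "$route" via "$addr2" dev "$inter"
      else
        run ip route add "$route" dev "$inter"
      fi
    done

    runscripts PostUp "$inter"
  done
  step "Done!"
}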

# stop: OpenRC stop hook.
# Undoes what start set up, driven by the runtime snapshot
# /run/inet2/inet2.conf: removes the Loopback addresses from lo, then for each
# configured interface runs its PreDown hooks, deletes the link and runs its
# PostDown hooks. The snapshot is removed last.
# Returns: 0 when there is no snapshot, otherwise the status of the final rm.
stop() {
  # No snapshot means there is no recorded state to tear down.
  [ -f /run/inet2/inet2.conf ] || return 0

  getval Loopback | while read -r addr; do
    run ip addr del "$addr" dev lo
  done

  # The loop variable keeps its name: hooks run by runscripts are evaluated
  # in a subshell that inherits it.
  getval interface | while read -r inter; do
    runscripts PreDown "$inter"

    step "Bringing $inter down"
    run ip link del "$inter"

    runscripts PostDown "$inter"
  done

  # Removing the snapshot turns later stop and reloadwg calls into no-ops.
  rm -rf /run/inet2/inet2.conf
}

# reloadwg: extra command (see extra_started_commands).
# Regenerates and re-applies the WireGuard config of every configured
# interface without deleting the interface. Intended for the case where a
# peer's domain name now resolves to a different IP address and has to be
# re-resolved without taking the connection down.
# Does nothing when the runtime snapshot /run/inet2/inet2.conf is missing.
#
# NOTE(review): the interface list comes from the runtime snapshot, while
# mkwgconfig.sh is given /config/inet2.conf as a third argument here (start
# calls it with two). If /config/inet2.conf was edited after start, the two
# can disagree - confirm which source mkwgconfig.sh is meant to use.
reloadwg() {
  [ -f /run/inet2/inet2.conf ] || return 0

  getval interface | while read -r inter; do
    step "Generating config for $inter"
    run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf

    step "Setting Wireguard config for $inter"
    run wg setconf "$inter" /run/inet2/wg/"$inter"
  done
}