shimun/wireguard-user
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
wireguard-user/init.sh
shimunn 8300e94414
Some checks are pending
continuous-integration/drone/push Build encountered an error
Details
added structopt
2019-01-19 19:36:56 +01:00

59 lines
1.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
umask 077
set -e
WG_IF=${WG_INTERFACE:-wg0}
PHY_IF=${WG_HOST_INTERFACE:-$(ip route | awk '/default/ { print $5 }')}
ADDRESS=${WG_ADDRESS:-10.200.200.1/24}
function shutdown() {
CONF=$(wg showconf $WG_IF)
if [ ! -z "$CONF" ]; then
echo "$CONF" > /etc/wireguard/$WG_IF.conf
fi
ip link del dev $WG_IF
setup_iptables "D"
}
function setup_iptables() {
if [ ! -z "$WG_REDIRECT_DNS" ]; then
iptables -t nat -$1 OUTPUT -p udp --dport 53 -j DNAT --to $WG_REDIRECT_DNS
iptables -t nat -$1 OUTPUT -p tcp --dport 53 -j DNAT --to $WG_REDIRECT_DNS
fi
iptables -$1 FORWARD -i $WG_IF -j ACCEPT
iptables -$1 FORWARD -i $WG_IF -o $PHY_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -$1 FORWARD -i $PHY_IF -o $WG_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -$1 POSTROUTING -s $ADDRESS -o $PHY_IF -j MASQUERADE;
}
/usr/bin/wireguard-go $WG_IF
if [ ! -f "/etc/wireguard/$WG_IF.conf" ]; then
mkdir -p /etc/wireguard/keys
wg genkey | tee /etc/wireguard/keys/$WG_IF | wg pubkey > /etc/wireguard/keys/$WG_IF.pub
wg set $WG_IF private-key /etc/wireguard/keys/$WG_IF
wg set $WG_IF listen-port 51820
else
wg setconf $WG_IF /etc/wireguard/$WG_IF.conf
fi
trap shutdown EXIT SIGTERM SIGTERM
ip link set up dev $WG_IF
ip address add $ADDRESS dev $WG_IF
setup_iptables "A"
sleep 3
if [ -e "/usr/bin/wg-event-gen" ]; then
export WG_EVENT_SOCKET=/var/run/wireguard/$WG_IF.sock
/usr/bin/wg-event-gen
else
while [ -e "/sys/class/net/$WG_IF/operstate" ]; do
sleep 10
done
fi
shutdown
Reference in New Issue View Git Blame Copy Permalink