mirror of
https://github.com/flynx/proxmox-utils.git
synced 2025-12-25 21:02:04 +00:00
Compare commits
3 Commits
31dbf3acd2
...
9472f995a0
| Author | SHA1 | Date | |
|---|---|---|---|
| 9472f995a0 | |||
| f6fbb2eec4 | |||
| 44307bfec7 |
@ -18,6 +18,7 @@ readConfig
|
||||
SOFTWARE=(
|
||||
make
|
||||
w3m links
|
||||
tree
|
||||
qrencode
|
||||
htop iftop iotop
|
||||
tmux
|
||||
|
||||
@ -100,16 +100,13 @@ echo "# Copying assets..."
|
||||
@ pct-push-r $ID ./assets /
|
||||
@ lxc-attach $ID -- chmod +x /root/getFreeClientIP
|
||||
|
||||
#echo "# Setup: wireguard server..."
|
||||
@ lxc-attach $ID -- bash -c "cd /root && make server"
|
||||
|
||||
echo "# Setup: wireguard default profile..."
|
||||
echo "# Setup: wireguard server and client profile..."
|
||||
@ lxc-attach $ID -- bash -c "cd /root \
|
||||
&& QRCODE=${QRCODE} make default.client"
|
||||
&& QRCODE=${QRCODE} make server default.client"
|
||||
|
||||
echo "# client config:"
|
||||
@ mkdir -p clients
|
||||
@ pct pull $ID /etc/wireguard/clients/default.conf clients/default.conf
|
||||
#echo "# client config:"
|
||||
#@ mkdir -p clients
|
||||
#@ pct pull $ID /etc/wireguard/clients/default.wg clients/default.conf
|
||||
|
||||
echo "# Post config..."
|
||||
pctSet $ID "${OPTS_STAGE_2}" $REBOOT
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
#----------------------------------------------------------------------
|
||||
#
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
INTERFACE := wg0
|
||||
|
||||
@ -21,6 +24,8 @@ ALLOWED_IPS ?= ${ALLOWED_IPS}
|
||||
|
||||
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
%_id:
|
||||
@ mkdir -p $$(dirname $@)
|
||||
wg genkey 2> /dev/null > $@
|
||||
@ -31,6 +36,10 @@ ALLOWED_IPS ?= ${ALLOWED_IPS}
|
||||
cat $< | wg pubkey > $@
|
||||
|
||||
|
||||
%_ip:
|
||||
./getFreeClientIP > $@
|
||||
|
||||
|
||||
# NOTE: the first letter of each pattern is quoted to prevent it from
|
||||
# being substituted when generating this Makefile from template.
|
||||
$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
|
||||
@ -44,46 +53,55 @@ $(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
|
||||
wg-quick up $(INTERFACE)
|
||||
|
||||
|
||||
# XXX need to figure out a way to link this to the .config file without
|
||||
# conflicting with the server's wg0.conf
|
||||
%.client: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \
|
||||
$(CLIENT_DIR)/%_id $(CLIENT_DIR)/%_id.pub \
|
||||
.PRECIOUS: %.wg
|
||||
%.wg: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \
|
||||
%_id %_id.pub %_ip \
|
||||
$(SERVER_CONF) $(SERVER_PUBLIC_KEY)
|
||||
@ mkdir -p $(CLIENT_DIR)
|
||||
@ mkdir -p $(shell dirname "$*")
|
||||
cat "$<" \
|
||||
| sed \
|
||||
-e 's/\$${\DNS}/$(DNS)/g' \
|
||||
-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
|
||||
-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
|
||||
-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \
|
||||
-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
|
||||
-e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \
|
||||
-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
|
||||
> "$(CLIENT_DIR)/$*.conf"
|
||||
-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \
|
||||
-e 's/\$${\CLIENT_PRIVATE_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id")/g' \
|
||||
-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \
|
||||
> "$@"
|
||||
cat "$(SERVER_CLIENT_TPL)" \
|
||||
| sed \
|
||||
-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
|
||||
-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \
|
||||
-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
|
||||
-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
|
||||
-e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \
|
||||
-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
|
||||
-e 's/\$${\CLIENT_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id.pub")/g' \
|
||||
-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \
|
||||
>> "$(SERVER_CONF)"
|
||||
make update $*.show
|
||||
|
||||
|
||||
%.show: $(CLIENT_DIR)/%.conf
|
||||
.PHONY: %.show
|
||||
%.show: %.wg
|
||||
@ [ "$(QRCODE)" == "1" ] \
|
||||
&& ( echo "# Profile: $*" \
|
||||
&& qrencode -t UTF8 -r "$(CLIENT_DIR)/$*.conf" )
|
||||
@ cat "$(CLIENT_DIR)/$*.conf"
|
||||
&& qrencode -t UTF8 -r "$<" )
|
||||
@ cat "$<"
|
||||
@ echo
|
||||
|
||||
|
||||
.PHONY: %.client
|
||||
%.client: $(CLIENT_DIR)/%.wg update $(CLIENT_DIR)/%.show
|
||||
@
|
||||
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
.PHONY: update
|
||||
update:
|
||||
wg syncconf $(INTERFACE) <(wg-quick strip $(INTERFACE))
|
||||
|
||||
|
||||
.PHONY: server
|
||||
server: $(SERVER_CONF)
|
||||
|
||||
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user