
No commits in common. "61ac0642156ec661f84ec42135af1ddeceeb379c" and "15bd2978e7119098c04b1e0c9ce4d3151ee8a499" have entirely different histories.

4 changed files with 15 additions and 35 deletions


@ -347,7 +347,7 @@ buildAssets(){
) )
for var in ${DFL_VARS[@]} ; do for var in ${DFL_VARS[@]} ; do
local val=${!var} local val=${!var}
PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'") PATTERNS+=("-e 's/\\\${${var}}/${val/\//\\/}/g'")
done done
local IP_VARS=( local IP_VARS=(
GATE_LAN_IPn GATE_LAN_IPn
@ -365,7 +365,7 @@ buildAssets(){
# args... # args...
for var in $@ ; do for var in $@ ; do
local val=${!var} local val=${!var}
PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'") PATTERNS+=("-e 's/\\\${${var}}/${val/\//\\/}/g'")
done done
local TEMPLATES=($(find "$template_dir" -type f)) local TEMPLATES=($(find "$template_dir" -type f))
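Review bot: On the new (right-hand) side both `PATTERNS+=` lines, in the `DFL_VARS` loop and in the `$@` loop, use `${val/\//\\/}`, which escapes only the first `/` in the value. A value with two or more slashes, such as a comma-separated CIDR list or a path, leaves an unescaped delimiter, so the generated `sed` expression is malformed or rewrites the wrong text; the global form `${val//\//\\/}` escapes every slash. The value is also placed between single quotes without escaping `&`, `\` or `'`, so if `PATTERNS` is later expanded through `eval` (not visible here) operator-supplied values would be interpreted by the shell and should be validated or quoted before the expression is built. `buildAssets` starts and ends outside both hunks.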


@ -35,16 +35,12 @@ LAN_GATE=-
REBOOT=${REBOOT:=1} REBOOT=${REBOOT:=1}
# Wireguard config...
DFL_ENDPOINT=${DFL_ENDPOINT:=$(dig +short ${DOMAIN:-$DFL_DOMAIN} | tail -1)} DFL_ENDPOINT=${DFL_ENDPOINT:=$(dig +short ${DOMAIN:-$DFL_DOMAIN} | tail -1)}
xread "Wireguard endpoint: " ENDPOINT xread "Wireguard endpoint: " ENDPOINT
DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820} DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820}
xread "Wireguard endpoint port: " ENDPOINT_PORT xread "Wireguard endpoint port: " ENDPOINT_PORT
CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16}
ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}}
readVars readVars
@ -77,7 +73,7 @@ OPTS_STAGE_2="\
#---------------------------------------------------------------------- #----------------------------------------------------------------------
echo "# Building config..." echo "# Building config..."
buildAssets ENDPOINT ENDPOINT_PORT DNS CLIENT_IPS ALLOWED_IPS buildAssets ENDPOINT ENDPOINT_PORT DNS
echo "# Creating CT..." echo "# Creating CT..."
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
@ -87,13 +83,15 @@ echo "# Installing dependencies..."
echo "# Copying assets..." echo "# Copying assets..."
@ pct-push-r $ID ./assets / @ pct-push-r $ID ./assets /
@ lxc-attach $ID -- chmod +x /root/getFreeClientIP
#echo "# Setup: wireguard server..." #echo "# Setup: wireguard server..."
@ lxc-attach $ID -- bash -c 'cd /root && make server' @ lxc-attach $ID -- bash -c 'cd /root && make server'
echo "# Setup: wireguard default profile..." echo "# Setup: wireguard default profile..."
@ lxc-attach $ID -- bash -c "cd /root && make default.client" @ lxc-attach $ID -- bash -c "cd /root && \
CLIENT_IP=10.42.0.1/32 \
ALLOWED_IPS=0.0.0.0/0 \
make default.client"
@ lxc-attach $ID -- chmod 600 /etc/wireguard/wg0.conf @ lxc-attach $ID -- chmod 600 /etc/wireguard/wg0.conf
echo "# client config:" echo "# client config:"
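Review bot: The `bash -c` command that runs `make default.client` sets no umask, and the only permission fix that follows is `chmod 600 /etc/wireguard/wg0.conf`. The client profile the Makefile writes with a plain `>` redirect contains the client private key, so under a default umask it would presumably be created readable by other users in the container, and possibly the key files as well. Opening the command with `bash -c "umask 077 && cd /root && \` covers every file the recipe creates, and the same prefix fits the `make server` line above it. The fixed `CLIENT_IP=10.42.0.1/32` and `ALLOWED_IPS=0.0.0.0/0` could also take environment overrides, for example `CLIENT_IP=${CLIENT_IP:-10.42.0.1/32}`, so an operator does not have to edit the script to change them.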


@ -11,13 +11,14 @@ SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub
CLIENT_TPL := templates/client.conf CLIENT_TPL := templates/client.conf
CLIENT_DIR := $(SERVER_DIR)/clients/ CLIENT_DIR := $(SERVER_DIR)/clients/
CLIENT_IPS ?= 10.42.0.0/16
ENDPOINT ?= ${ENDPOINT}
ENDPOINT_PORT ?= ${ENDPOINT_PORT} ENDPOINT_PORT ?= ${ENDPOINT_PORT}
DNS ?= ${DNS} ENDPOINT ?= ${ENDPOINT}
CLIENT_IPS ?= ${CLIENT_IPS}
ALLOWED_IPS ?= ${ALLOWED_IPS}
DNS ?= ${DNS}
ALLOWED_IPS ?= 0.0.0.0/0
# XXX need to generate this...
CLIENT_IP ?= 10.42.0.1/32
%_id: %_id:
@ -49,13 +50,13 @@ $(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \ -e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \ -e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \ -e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \
-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \ -e 's/\$${\CLIENT_IP}/$(subst /,\/,$(CLIENT_IP))/g' \
-e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \ -e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \
-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \ -e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
> "$(CLIENT_DIR)/$*.conf" > "$(CLIENT_DIR)/$*.conf"
cat "$(SERVER_CLIENT_TPL)" \ cat "$(SERVER_CLIENT_TPL)" \
| sed \ | sed \
-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \ -e 's/\$${\CLIENT_IP}/$(subst /,\/,$(CLIENT_IP))/g' \
-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \ -e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \ -e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
-e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \ -e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \
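Review bot: With `CLIENT_IP ?= 10.42.0.1/32` as the default, every profile built without an explicit `CLIENT_IP` gets the same tunnel address, in both the client config and the `$(SERVER_CLIENT_TPL)` peer entry; the `# XXX need to generate this...` comment acknowledges the gap. If that peer entry uses the value as the peer's allowed address, two peers would claim the same /32 and WireGuard routes an allowed IP to only one peer, so the earlier client silently loses connectivity. Until an allocator exists, it is safer to drop the default and fail in the client recipe when the value is missing, e.g. a first recipe line `$(if $(strip $(CLIENT_IP)),,$(error CLIENT_IP must be set per client))`. A check that the address does not already appear under `$(CLIENT_DIR)` would catch reuse as well. The client rule's header and the end of its recipe are outside this hunk.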


@ -1,19 +0,0 @@
#!/usr/bin/env bash
CLIENT_IPS=${CLIENT_IPS}
BASE_IP=${CLIENT_IPS/.0\/*}
IPs=($(cat /etc/wireguard/clients/* 2> /dev/null \
| grep Address \
| cut -d'.' -f 4 \
| cut -d '/' -f 1 \
| sort))
IPs=${IPs[@]}
i=1
while [ "$( echo $IPs | fgrep -w $i )" ] ; do
i=$(( i + 1 ))
done
echo $BASE_IP.$i