.pct-helpers

@@ -347,7 +347,7 @@ buildAssets(){
 	)
 	for var in ${DFL_VARS[@]} ; do
 		local val=${!var}
-		PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'")
+		PATTERNS+=("-e 's/\\\${${var}}/${val/\//\\/}/g'")
 	done
 	local IP_VARS=(
 		GATE_LAN_IPn
@@ -365,7 +365,7 @@ buildAssets(){
 	# args...
 	for var in $@ ; do
 		local val=${!var}
-		PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'")
+		PATTERNS+=("-e 's/\\\${${var}}/${val/\//\\/}/g'")
 	done
 
 	local TEMPLATES=($(find "$template_dir" -type f))

wireguard/make.sh

@@ -35,16 +35,12 @@ LAN_GATE=-
 
 REBOOT=${REBOOT:=1}
 
-# Wireguard config...
 DFL_ENDPOINT=${DFL_ENDPOINT:=$(dig +short ${DOMAIN:-$DFL_DOMAIN} | tail -1)}
 xread "Wireguard endpoint: " ENDPOINT
 
 DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820}
 xread "Wireguard endpoint port: " ENDPOINT_PORT
 
-CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16}
-ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}}
-
 
 readVars
 
@@ -77,7 +73,7 @@ OPTS_STAGE_2="\
 #----------------------------------------------------------------------
 
 echo "# Building config..."
-buildAssets ENDPOINT ENDPOINT_PORT DNS CLIENT_IPS ALLOWED_IPS
+buildAssets ENDPOINT ENDPOINT_PORT DNS
 
 echo "# Creating CT..."
 pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
@@ -87,13 +83,15 @@ echo "# Installing dependencies..."
 
 echo "# Copying assets..."
 @ pct-push-r $ID ./assets /
-@ lxc-attach $ID -- chmod +x /root/getFreeClientIP
 
 #echo "# Setup: wireguard server..."
 @ lxc-attach $ID -- bash -c 'cd /root && make server'
 
 echo "# Setup: wireguard default profile..."
-@ lxc-attach $ID -- bash -c "cd /root && make default.client" 
+@ lxc-attach $ID -- bash -c "cd /root && \
+	CLIENT_IP=10.42.0.1/32 \
+	ALLOWED_IPS=0.0.0.0/0 \
+		make default.client" 
 @ lxc-attach $ID -- chmod 600 /etc/wireguard/wg0.conf
 
 echo "# client config:"

wireguard/templates/root/Makefile

@@ -11,13 +11,14 @@ SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub
 CLIENT_TPL := templates/client.conf
 CLIENT_DIR := $(SERVER_DIR)/clients/
 
-
-ENDPOINT ?= ${ENDPOINT}
+CLIENT_IPS ?= 10.42.0.0/16
 ENDPOINT_PORT ?= ${ENDPOINT_PORT}
-DNS ?= ${DNS}
-CLIENT_IPS ?= ${CLIENT_IPS}
-ALLOWED_IPS ?= ${ALLOWED_IPS}
+ENDPOINT ?= ${ENDPOINT}
 
+DNS ?= ${DNS}
+ALLOWED_IPS ?= 0.0.0.0/0
+# XXX need to generate this...
+CLIENT_IP ?= 10.42.0.1/32
 
 
 %_id:
@@ -49,13 +50,13 @@ $(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
 			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
 			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
 			-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \
-			-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
+			-e 's/\$${\CLIENT_IP}/$(subst /,\/,$(CLIENT_IP))/g' \
 			-e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \
 			-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
 		> "$(CLIENT_DIR)/$*.conf"
 	cat "$(SERVER_CLIENT_TPL)" \
 		| sed \
-			-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
+			-e 's/\$${\CLIENT_IP}/$(subst /,\/,$(CLIENT_IP))/g' \
 			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
 			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
 			-e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \

wireguard/templates/root/getFreeClientIP

@@ -1,19 +0,0 @@
-#!/usr/bin/env bash
-
-CLIENT_IPS=${CLIENT_IPS}
-
-BASE_IP=${CLIENT_IPS/.0\/*}
-IPs=($(cat /etc/wireguard/clients/* 2> /dev/null \
-	| grep Address \
-	| cut -d'.' -f 4 \
-	| cut -d '/' -f 1 \
-	| sort))
-IPs=${IPs[@]}
-
-i=1
-while [ "$( echo $IPs | fgrep -w $i )" ] ; do
-	i=$(( i + 1 ))
-done
-
-echo $BASE_IP.$i
-