changeset 460:4bd501f9e955

Allow configuring the configuration directory for fwireguard
author Franz Glasner <fzglas.hg@dom66.de>
date Tue, 11 Jun 2024 03:26:49 +0200
parents 345f1270e41e
children f8858fc8c7f3
files files/fwireguard.in
diffstat 1 files changed, 20 insertions(+), 16 deletions(-) [+]
--- a/files/fwireguard.in	Tue Jun 11 03:17:51 2024 +0200
+++ b/files/fwireguard.in	Tue Jun 11 03:26:49 2024 +0200
@@ -10,6 +10,8 @@
 # fwireguard_enable (bool):    Set to "YES" to enable wireguard (default: "NO")
 # fwireguard_wait (str):       wait (sleep) this time before calling post-start
 #                              when configuring an interface (default: 2s)
+# fwireguard_configdir (str):  Where fwireguard finds its configuration
+#                              (default: %%PREFIX%%/etc/fwireguard)
 #
 # NOTE: All wireguard interfaces must be mentioned in "cloned_interfaces".
 #
@@ -26,40 +28,41 @@
 reload_cmd="${name}_reload"
 status_cmd="${name}_status"
 
-
 load_rc_config $name
 
-
 : ${fwireguard_enable:="NO"}
 : ${fwireguard_wait="2s"}
+: ${fwireguard_configdir:="%%PREFIX%%/etc/fwireguard"}
 
 
 fwireguard_start()
 {
-    local _d _f _if
-    _d="%%PREFIX%%/etc/fwireguard"
-    if [ ! -d "${_d}" ]; then mkdir "${_d}"; fi
+    local _f _if
+
+    if [ ! -d "${fwireguard_configdir}" ]; then
+        mkdir "${fwireguard_configdir}"
+    fi
     for _if in `/sbin/ifconfig -g wg`; do
 
-        _f="${_d}/${_if}.key"
+        _f="${fwireguard_configdir}/${_if}.key"
         if [ ! -f "${_f}" ]; then
             echo "Generating secret key for ${_if} in ${_f}"
             (umask 0077; /usr/bin/wg genkey > "${_f}")
         fi
 
-        _f="${_d}/${_if}.pub"
+        _f="${fwireguard_configdir}/${_if}.pub"
         if [ ! -f "${_f}" ]; then
             echo "Generating public key for ${_if} in ${_f}"
-            /usr/bin/wg pubkey < ${_d}/${_if}.key > "${_f}"
+            /usr/bin/wg pubkey < ${fwireguard_configdir}/${_if}.key > "${_f}"
         fi
 
-        _f="${_d}/${_if}.conf"
+        _f="${fwireguard_configdir}/${_if}.conf"
         if [ ! -f "${_f}" ]; then
             echo "Generating minimal config for ${_if} in ${_f}"
             umask 0077
             echo "[Interface]"                                  >  "${_f}"
             /usr/bin/printf 'PrivateKey\t\t= '                  >> "${_f}"
-            /bin/cat "${_d}/${_if}.key"                         >> "${_f}"
+            /bin/cat "${fwireguard_configdir}/${_if}.key"       >> "${_f}"
             echo -e "#ListenPort\t\t= 51820"                    >> "${_f}"
             echo -e "#FwMark\t\t\t= 0x12345678\n"               >> "${_f}"
             echo "#[Peer]"                                      >> "${_f}"
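Review bot: The `mkdir "${fwireguard_configdir}"` call now acts on a path supplied through rc.conf, but it has no `-p`, no explicit mode and no failure check. If the parent of a configured directory is missing, the loop carries on and every key and config redirection fails against a non-existent directory; a directory that is created gets whatever the inherited umask yields, although it holds private keys. Consider `/bin/mkdir -p -m 0700 "${fwireguard_configdir}" || return 1`, assuming nothing unprivileged needs to read the `.pub` files. The `wg pubkey < ${fwireguard_configdir}/${_if}.key` redirection is the one place where the new variable is left unquoted; `< "${fwireguard_configdir}/${_if}.key"` would match the rest of the function. fwireguard_start continues beyond this hunk.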
@@ -73,11 +76,11 @@
         /sbin/ifconfig "${_if}" destroy
         /sbin/ifconfig "${_if}" create    # will take ifconfig_wgX="inet values" from /etc/rc.conf
         /usr/bin/wg setconf "${_if}" "${_f}"
-        if [ -x "${_d}/${_if}.post-start" ]; then
+        if [ -x "${fwireguard_configdir}/${_if}.post-start" ]; then
             if [ -n "${fwireguard_wait}" ]; then
                 /bin/sleep "${fwireguard_wait}"
             fi
-            "${_d}/${_if}.post-start"
+            "${fwireguard_configdir}/${_if}.post-start"
         fi
 #       /usr/bin/wg syncconf ${_if} ${_f}
     done
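Review bot: The `-x` test is the only check before `"${fwireguard_configdir}/${_if}.post-start"` is executed, and with the directory now read from rc.conf the hook location is no longer fixed under the package prefix. rc.d scripts normally run as root, so if the configured directory or a hook file were writable by a non-root user, that user's code would run with root privileges at service start; the same applies to the `.pre-stop` hook in the fwireguard_stop hunk. At minimum the header comment for `fwireguard_configdir` should say so, e.g. `# The directory and its *.post-start / *.pre-stop hooks must be owned by root and not writable by group or others.` An ownership and mode check before running a hook would be stronger. The enclosing loop starts outside this hunk.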
@@ -86,11 +89,11 @@
 
 fwireguard_stop()
 {
-    local _d _if
-    _d="%%PREFIX%%/etc/fwireguard"
+    local _if
+
     for _if in `/sbin/ifconfig -g wg`; do
-        if [ -x "${_d}/${_if}.pre-stop" ]; then
-            "${_d}/${_if}.pre-stop"
+        if [ -x "${fwireguard_configdir}/${_if}.pre-stop" ]; then
+            "${fwireguard_configdir}/${_if}.pre-stop"
         fi
         /sbin/ifconfig "${_if}" down
     done
@@ -106,6 +109,7 @@
 fwireguard_status()
 {
     local _if
+
     for _if in `/sbin/ifconfig -g wg`; do
         /usr/bin/wg show "${_if}"
     done