Skip to content

Commit c9de469

Browse files
ipitioipitio
committed
better wg call
1 parent 7efc0fd commit c9de469

File tree

5 files changed

+17
-19
lines changed

5 files changed

+17
-19
lines changed

debian/control

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ Homepage: https://github.com/ipitio/closure
44
Standards-Version: 3.9.2
55

66
Package: closure
7-
Version: 1.6.16
7+
Version: 1.6.17
88
Maintainer: ipitio <[email protected]>
99
Depends: curl, flatpak, gpg, hostapd, isc-dhcp-server, iw, macchanger, netplan.io, network-manager, net-tools, qrencode, rfkill, wireguard, wireless-tools, wget
1010
Recommends: containerd.io, docker-ce, docker-ce-cli, docker-buildx-plugin, docker-compose-plugin

init.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -160,7 +160,7 @@ else
160160
echo "grep -qP '\d+' <<<\"\$SSH_CLIENT\" || sudo $active_path $CLS_STARTUP_ARGS" | sudo tee -a /home/"$CLS_ACTIVE_USER"/.profile >/dev/null
161161
fi
162162

163-
if $CLS_DOCKER; then
163+
if [ "$CLS_DOCKER" = "true" ]; then
164164
sudo mkdir -p /etc/docker
165165
echo '{
166166
"ipv6": true,

lib.sh

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -46,12 +46,15 @@ sudo() {
4646
fi
4747
}
4848

49+
# shellcheck disable=SC2120
4950
wg() {
50-
if $CLS_DOCKER; then
51-
sudo docker exec wireguard wg "$@"
52-
else
53-
command wg "$@"
54-
fi
51+
sudo bash <<EOF
52+
if [ "$CLS_DOCKER" = "true" ]; then
53+
docker exec wireguard wg ${@@Q}
54+
else
55+
command wg ${@@Q}
56+
fi
57+
EOF
5558
}
5659

5760
get_local_iface() {
@@ -64,6 +67,7 @@ get_local_ip() {
6467
ip r | grep -q '^default via' || sudo ip r add default via "$(nmcli dev show "$CLS_LOCAL_IFACE" | grep -oP '((?<=GATEWAY:)[^-]*|/0.*?= [^,]+)' | grep -oE '[^ ]+$' | head -n1)" dev "$CLS_LOCAL_IFACE" &>/dev/null
6568
CLS_GATEWAY=$(ip r | grep -oP '^default via \K\S+')
6669
CLS_LOCAL_IP=$(ip a show "$CLS_LOCAL_IFACE" | grep -oP 'inet \K\S+' | cut -d/ -f1)
70+
wg | grep -oE 'endpoint: [^:]+' | grep -oE '\S+$' | while read -r endpoint; do route -n | grep -q "$endpoint" || sudo route add -net "$endpoint" netmask 255.255.255.255 gw "$CLS_GATEWAY" &>/dev/null; done
6771
}
6872

6973
restart_isc() {

start.sh

Lines changed: 5 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ if ! ${CLS_WG_ONLY:-false}; then
2020
if [ -n "$WIFI" ]; then
2121
WIFI=${WIFI//\"/\\\"}
2222

23-
if $ADD; then
23+
if [ "$ADD" = "true" ]; then
2424
! $PORTAL || jq "(. | select([\"$WIFI\"]) | .[\"$WIFI\"]) = \"$MAC\"" config/wifis.json | sudo tee config/new.wifis.json
2525
[[ ! -f config/new.wifis.json || ! -s config/new.wifis.json ]] || sudo mv -f config/new.wifis.json config/wifis.json
2626
wpa_ssid=".network.wifis.[\"$CLS_WIFACE\"].access-points.[\"$WIFI\"]"
@@ -70,7 +70,7 @@ if ! ${CLS_WG_ONLY:-false}; then
7070
eval "start_hostapd ${*@Q}" &
7171
fi
7272

73-
if $CLS_DOCKER; then
73+
if [ "$CLS_DOCKER" = "true" ]; then
7474
sudo systemctl enable --now docker
7575

7676
for table in nat filter; do
@@ -82,7 +82,7 @@ if $CLS_DOCKER; then
8282
else
8383
sudo sysctl -w net.ipv4.ip_forward=0
8484
sudo sysctl -w net.ipv6.conf.all.forwarding=0
85-
for iface in $(sudo wg | grep -oP '(?<=interface: ).+'); do sudo wg-quick down "$iface"; done
85+
for iface in $(wg | grep -oP '(?<=interface: ).+'); do sudo wg-quick down "$iface"; done
8686
fi
8787

8888
eval "cast pre-up ${*@Q}"
@@ -104,17 +104,11 @@ eval "cast pre-up ${*@Q}"
104104
get_local_ip
105105

106106
if ! ip rule show table 7 2>/dev/null | grep -qP '0x55' || ! ip route show table 7 2>/dev/null | grep -q default; then
107-
ip route show table 7 2>/dev/null | grep -q default || sudo ip route add default via "$(ip r | grep -oP 'default via \K\S+')" dev "$CLS_LOCAL_IFACE" table 7 &>/dev/null
107+
ip route show table 7 2>/dev/null | grep -q default || sudo ip route add default via "$CLS_GATEWAY" dev "$CLS_LOCAL_IFACE" table 7 &>/dev/null
108108
ip rule show table 7 2>/dev/null | grep -qP '0x55' || sudo ip rule add fwmark 0x55 table 7 &>/dev/null
109109
sudo ip route flush cache
110110
fi
111111

112-
if [ -n "$CLS_EXTERN_IFACE" ] && [[ "$CLS_TYPE_NODE" =~ (hub|saah) ]] && ip a show "$CLS_EXTERN_IFACE" | grep -q UP; then
113-
sudo wg | grep -oE 'endpoint: [^:]+' | grep -oE '\S+$' | while read -r endpoint; do
114-
route -n | grep -q "$endpoint" || sudo route add -net "$endpoint" netmask 255.255.255.255 gw "$(ip r | grep -oP 'default via \K\S+')" &>/dev/null
115-
done
116-
fi
117-
118112
if ! is_ip "$SERVERURL"; then
119113
core_ip_now=$(get_server_ip)
120114

@@ -133,7 +127,7 @@ eval "cast pre-up ${*@Q}"
133127
exec sudo CLS_WG_ONLY=false bash restart.sh ${@@Q}
134128
) &
135129

136-
if $CLS_DOCKER; then
130+
if [ "$CLS_DOCKER" = "true" ]; then
137131
sudo systemctl stop isc-dhcp-server
138132

139133
# prod starts wg

wireguard/add.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ if ! grep -q "$1" <<<"$PEERS"; then
1818
PEERS="$new_peers"
1919
sudo mv -f wireguard/config/wg_confs/"$CLS_INTERN_IFACE".conf wireguard/config/wg_confs/"$CLS_INTERN_IFACE".conf.bak
2020

21-
if $CLS_DOCKER; then
21+
if [ "$CLS_DOCKER" = "true" ]; then
2222
sudo CLS_WG_ONLY=true bash restart.sh ${@@Q}
2323
else
2424
bash wireguard/etc/run

0 commit comments

Comments
 (0)