awg-manager/shm_actions_script.sh

#!/bin/bash

set -e

EVENT="{{ event_name }}"
WG_MANAGER="/etc/wireguard/wg-manager.sh"
SESSION_ID="{{ user.gen_session.id }}"
API_URL="{{ config.api.url }}"

# We need the --fail-with-body option for curl.
# It has been added since curl 7.76.0, but almost all Linux distributions do not support it yet.
# If your distribution has an older version of curl, you can use it (just comment CURL_REPO)
CURL_REPO="https://github.com/moparisthebest/static-curl/releases/download/v7.86.0/curl-amd64"
CURL="/opt/curl/curl-amd64"
#CURL="curl"

echo "EVENT=$EVENT"

case $EVENT in
    INIT)
        SERVER_HOST="{{ server.settings.host_name }}"
        SERVER_INTERFACE="{{ server.settings.host_interface }}"
        if [ -z $SERVER_HOST ]; then
            echo "ERROR: set variable 'host_name' to server settings"
            exit 1
        fi

        echo "Check domain: $API_URL"
        HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" $API_URL/shm/v1/test)
        if [ $HTTP_CODE -ne '200' ]; then
            echo "ERROR: incorrect API URL: $API_URL"
            echo "Got status: $HTTP_CODE"
            exit 1
        fi

        echo "Install required packages"
        apt update
        apt install -y \
            iproute2 \
            iptables \
            wireguard \
            wireguard-tools \
            qrencode \
            wget

        if [[ $CURL_REPO && ! -f $CURL ]]; then
            echo "Install modern curl"
            mkdir -p /opt/curl
            cd /opt/curl
            wget $CURL_REPO
            chmod 755 $CURL
        fi

        echo "Download wg-manager.sh"
        cd /etc/wireguard
        $CURL -s --fail-with-body https://danuk.github.io/wg-manager/wg-manager.sh > $WG_MANAGER

        echo "Init server"
        chmod 700 $WG_MANAGER
        if [ $SERVER_INTERFACE ]; then
            $WG_MANAGER -i -s $SERVER_HOST -I $SERVER_INTERFACE
        else
            $WG_MANAGER -i -s $SERVER_HOST
        fi
        ;;
    CREATE)
        echo "Create new user"
        USER_CFG=$($WG_MANAGER -u "{{ us.id }}" -c -p)

        echo "Upload user key to SHM"
        $CURL -s --fail-with-body -XPUT \
            -H "session-id: $SESSION_ID" \
            -H "Content-Type: text/plain" \
            $API_URL/shm/v1/storage/manage/vpn{{ us.id }} \
            --data-binary "$USER_CFG"
        echo "done"
        ;;
    ACTIVATE)
        echo "Activate user"
        $WG_MANAGER -u "{{ us.id }}" -U
        echo "done"
        ;;
    BLOCK)
        echo "Block user"
        $WG_MANAGER -u "{{ us.id }}" -L
        echo "done"
        ;;
    REMOVE)
        echo "Remove user"
        $WG_MANAGER -u "{{ us.id }}" -d

        echo "Remove user key from SHM"
        $CURL -s --fail-with-body -XDELETE \
            -H "session-id: $SESSION_ID" \
            $API_URL/shm/v1/storage/manage/vpn{{ us.id }}
        echo "done"
        ;;
    *)
        echo "Unknown event: $EVENT. Exit."
        exit 0
        ;;
esac
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`#!/bin/bash`

			`set -e`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00
			`EVENT="{{ event_name }}"`
			`WG_MANAGER="/etc/wireguard/wg-manager.sh"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`SESSION_ID="{{ user.gen_session.id }}"`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`API_URL="{{ config.api.url }}"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00
			`# We need the --fail-with-body option for curl.`
			`# It has been added since curl 7.76.0, but almost all Linux distributions do not support it yet.`
			`# If your distribution has an older version of curl, you can use it (just comment CURL_REPO)`
			`CURL_REPO="https://github.com/moparisthebest/static-curl/releases/download/v7.86.0/curl-amd64"`
			`CURL="/opt/curl/curl-amd64"`
			`#CURL="curl"`

			`echo "EVENT=$EVENT"`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00
			`case $EVENT in`
			`INIT)`
			`SERVER_HOST="{{ server.settings.host_name }}"`
dnk: add option `Interface` 2022-08-31 15:36:12 +00:00			`SERVER_INTERFACE="{{ server.settings.host_interface }}"`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`if [ -z $SERVER_HOST ]; then`
			`echo "ERROR: set variable 'host_name' to server settings"`
			`exit 1`
			`fi`

dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Check domain: $API_URL"`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" $API_URL/shm/v1/test)`
dnk: fixup 2023-01-24 18:24:48 +00:00			`if [ $HTTP_CODE -ne '200' ]; then`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`echo "ERROR: incorrect API URL: $API_URL"`
dnk: fixup 2023-01-24 18:30:49 +00:00			`echo "Got status: $HTTP_CODE"`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`exit 1`
			`fi`

dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Install required packages"`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`apt update`
			`apt install -y \`
dnk: add some packages for ubuntu:22.04 2022-12-13 18:14:41 +00:00			`iproute2 \`
			`iptables \`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`wireguard \`
			`wireguard-tools \`
			`qrencode \`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`wget`

			`if [[ $CURL_REPO && ! -f $CURL ]]; then`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Install modern curl"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`mkdir -p /opt/curl`
			`cd /opt/curl`
			`wget $CURL_REPO`
			`chmod 755 $CURL`
			`fi`

dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Download wg-manager.sh"`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`cd /etc/wireguard`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$CURL -s --fail-with-body https://danuk.github.io/wg-manager/wg-manager.sh > $WG_MANAGER`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00
			`echo "Init server"`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`chmod 700 $WG_MANAGER`
dnk: add option `Interface` 2022-08-31 15:36:12 +00:00			`if [ $SERVER_INTERFACE ]; then`
			`$WG_MANAGER -i -s $SERVER_HOST -I $SERVER_INTERFACE`
			`else`
			`$WG_MANAGER -i -s $SERVER_HOST`
			`fi`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`;;`
			`CREATE)`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Create new user"`
dnk: fixup 2022-11-08 12:54:29 +00:00			`USER_CFG=$($WG_MANAGER -u "{{ us.id }}" -c -p)`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Upload user key to SHM"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$CURL -s --fail-with-body -XPUT \`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`-H "session-id: $SESSION_ID" \`
			`-H "Content-Type: text/plain" \`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`$API_URL/shm/v1/storage/manage/vpn{{ us.id }} \`
dnk: fixup 2022-11-08 12:54:29 +00:00			`--data-binary "$USER_CFG"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`echo "done"`
			`;;`
			`ACTIVATE)`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Activate user"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$WG_MANAGER -u "{{ us.id }}" -U`
			`echo "done"`
			`;;`
			`BLOCK)`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Block user"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$WG_MANAGER -u "{{ us.id }}" -L`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`echo "done"`
			`;;`
			`REMOVE)`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00			`echo "Remove user"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$WG_MANAGER -u "{{ us.id }}" -d`
dnk: add verbose messages 2023-02-10 13:27:08 +00:00
			`echo "Remove user key from SHM"`
dnk: tune shm_actions_script.sh 2022-11-08 12:02:19 +00:00			`$CURL -s --fail-with-body -XDELETE \`
			`-H "session-id: $SESSION_ID" \`
dnk: check API URL before INIT 2023-01-24 18:14:00 +00:00			`$API_URL/shm/v1/storage/manage/vpn{{ us.id }}`
dnk: add shm actions script 2022-11-07 09:23:30 +00:00			`echo "done"`
			`;;`
			`*)`
			`echo "Unknown event: $EVENT. Exit."`
			`exit 0`
			`;;`
			`esac`