| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  | #!/bin/bash
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | set -e | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | EVENT="{{ event_name }}" | 
					
						
							|  |  |  | WG_MANAGER="/etc/wireguard/wg-manager.sh" | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  | SESSION_ID="{{ user.gen_session.id }}" | 
					
						
							| 
									
										
										
										
											2023-01-24 18:14:00 +00:00
										 |  |  | API_URL="{{ config.api.url }}" | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | # We need the --fail-with-body option for curl. | 
					
						
							|  |  |  | # It has been added since curl 7.76.0, but almost all Linux distributions do not support it yet. | 
					
						
							|  |  |  | # If your distribution has an older version of curl, you can use it (just comment CURL_REPO) | 
					
						
							|  |  |  | CURL_REPO="https://github.com/moparisthebest/static-curl/releases/download/v7.86.0/curl-amd64" | 
					
						
							|  |  |  | CURL="/opt/curl/curl-amd64" | 
					
						
							|  |  |  | #CURL="curl" | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | echo "EVENT=$EVENT" | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | case $EVENT in | 
					
						
							|  |  |  |     INIT) | 
					
						
							|  |  |  |         SERVER_HOST="{{ server.settings.host_name }}" | 
					
						
							| 
									
										
										
										
											2022-08-31 15:36:12 +00:00
										 |  |  |         SERVER_INTERFACE="{{ server.settings.host_interface }}" | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         if [ -z $SERVER_HOST ]; then | 
					
						
							|  |  |  |             echo "ERROR: set variable 'host_name' to server settings" | 
					
						
							|  |  |  |             exit 1 | 
					
						
							|  |  |  |         fi | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-24 18:14:00 +00:00
										 |  |  |         HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" $API_URL/shm/v1/test) | 
					
						
							|  |  |  |         if [ $CODE -ne '200' ]; then | 
					
						
							|  |  |  |             echo "ERROR: incorrect API URL: $API_URL" | 
					
						
							|  |  |  |             echo "Got status: $CODE" | 
					
						
							|  |  |  |             exit 1 | 
					
						
							|  |  |  |         fi | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         apt update | 
					
						
							|  |  |  |         apt install -y \
 | 
					
						
							| 
									
										
										
										
											2022-12-13 18:14:41 +00:00
										 |  |  |             iproute2 \
 | 
					
						
							|  |  |  |             iptables \
 | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |             wireguard \
 | 
					
						
							|  |  |  |             wireguard-tools \
 | 
					
						
							|  |  |  |             qrencode \
 | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  |             wget | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         if [[ $CURL_REPO && ! -f $CURL ]]; then | 
					
						
							|  |  |  |             mkdir -p /opt/curl | 
					
						
							|  |  |  |             cd /opt/curl | 
					
						
							|  |  |  |             wget $CURL_REPO | 
					
						
							|  |  |  |             chmod 755 $CURL | 
					
						
							|  |  |  |         fi | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         cd /etc/wireguard | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  |         $CURL -s --fail-with-body https://danuk.github.io/wg-manager/wg-manager.sh > $WG_MANAGER | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         chmod 700 $WG_MANAGER | 
					
						
							| 
									
										
										
										
											2022-08-31 15:36:12 +00:00
										 |  |  |         if [ $SERVER_INTERFACE ]; then | 
					
						
							|  |  |  |             $WG_MANAGER -i -s $SERVER_HOST -I $SERVER_INTERFACE | 
					
						
							|  |  |  |         else | 
					
						
							|  |  |  |             $WG_MANAGER -i -s $SERVER_HOST | 
					
						
							|  |  |  |         fi | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         ;; | 
					
						
							|  |  |  |     CREATE) | 
					
						
							| 
									
										
										
										
											2022-11-08 12:54:29 +00:00
										 |  |  |         USER_CFG=$($WG_MANAGER -u "{{ us.id }}" -c -p) | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  |         $CURL -s --fail-with-body -XPUT \
 | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |             -H "session-id: $SESSION_ID" \
 | 
					
						
							|  |  |  |             -H "Content-Type: text/plain" \
 | 
					
						
							| 
									
										
										
										
											2023-01-24 18:14:00 +00:00
										 |  |  |             $API_URL/shm/v1/storage/manage/vpn{{ us.id }} \
 | 
					
						
							| 
									
										
										
										
											2022-11-08 12:54:29 +00:00
										 |  |  |             --data-binary "$USER_CFG" | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  |         echo "done" | 
					
						
							|  |  |  |         ;; | 
					
						
							|  |  |  |     ACTIVATE) | 
					
						
							|  |  |  |         $WG_MANAGER -u "{{ us.id }}" -U | 
					
						
							|  |  |  |         echo "done" | 
					
						
							|  |  |  |         ;; | 
					
						
							|  |  |  |     BLOCK) | 
					
						
							|  |  |  |         $WG_MANAGER -u "{{ us.id }}" -L | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         echo "done" | 
					
						
							|  |  |  |         ;; | 
					
						
							|  |  |  |     REMOVE) | 
					
						
							| 
									
										
										
										
											2022-11-08 12:02:19 +00:00
										 |  |  |         $WG_MANAGER -u "{{ us.id }}" -d | 
					
						
							|  |  |  |         $CURL -s --fail-with-body -XDELETE \
 | 
					
						
							|  |  |  |             -H "session-id: $SESSION_ID" \
 | 
					
						
							| 
									
										
										
										
											2023-01-24 18:14:00 +00:00
										 |  |  |             $API_URL/shm/v1/storage/manage/vpn{{ us.id }} | 
					
						
							| 
									
										
										
										
											2022-11-07 09:23:30 +00:00
										 |  |  |         echo "done" | 
					
						
							|  |  |  |         ;; | 
					
						
							|  |  |  |     *) | 
					
						
							|  |  |  |         echo "Unknown event: $EVENT. Exit." | 
					
						
							|  |  |  |         exit 0 | 
					
						
							|  |  |  |         ;; | 
					
						
							|  |  |  | esac | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 |