roypur/wireguard-setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

create simple resolver

Browse Source
This commit is contained in:
Roy Olav Purser
2024-02-10 17:58:50 +01:00
parent e2b7965287
commit 42af0652e4
4 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile
View File

@@ -36,6 +36,7 @@ install_basic: systemd scripts bin
cp scripts/inner_basic.sh /snacks/wireguard/scripts/inner_basic.sh cp scripts/inner_basic.sh /snacks/wireguard/scripts/inner_basic.sh
cp scripts/is_root_namespace.py /snacks/wireguard/scripts/is_root_namespace.py cp scripts/is_root_namespace.py /snacks/wireguard/scripts/is_root_namespace.py
cp scripts/dns.nft /snacks/wireguard/scripts/dns.nft cp scripts/dns.nft /snacks/wireguard/scripts/dns.nft
cp scripts/create_conf.py /snacks/wireguard/scripts/create_conf.py
cat scripts/vpn_prompt.sh >> /etc/zsh/zshrc cat scripts/vpn_prompt.sh >> /etc/zsh/zshrc
cp bin/vpn /usr/local/bin/vpn cp bin/vpn /usr/local/bin/vpn
setcap cap_sys_admin,cap_sys_ptrace=ep /usr/local/bin/vpn setcap cap_sys_admin,cap_sys_ptrace=ep /usr/local/bin/vpn

3
scripts/connect_basic.py
View File

@@ -66,6 +66,9 @@ def wireguard():
"vpn", "vpn",
] ]
) )
subprocess.run(
["nsenter", "--net=/proc/1/ns/net", "/snacks/wireguard/scripts/create_conf.py"],
)
subprocess.run( subprocess.run(
["/snacks/wireguard/scripts/inner_basic.sh"], ["/snacks/wireguard/scripts/inner_basic.sh"],
) )

39
scripts/create_conf.py Normal file
View File

@@ -0,0 +1,39 @@
#!/usr/bin/env python3
import pydantic
from typing import Optional
import socket
class Config(pydantic.BaseModel):
public_key: str
host: str
port: int
private_key: str
def write_wg(config: Config):
wg_conf = (
"[Interface]\n"
f"privatekey = {config.private_key}\n\n"
"[Peer]\n"
f"publickey = {config.public_key}\n"
f"endpoint = {config.host}:{config.port}\n"
"persistentkeepalive = 20\n"
"allowedips = 0.0.0.0/0, ::/0\n"
)
try:
with open("/run/vpnclient/wg.conf", mode="w", encoding="utf-8") as f:
f.write(wg_conf)
except IOError:
pass
def get_config() -> Optional[Config]:
with open("/snacks/wireguard/wg.json", "r", encoding="utf-8") as f:
config = Config.parse_raw(f.read())
config.host = socket.gethostbyname(config.host)
return config
write_wg(get_config())

2
systemd/vpnclient-wg-basic.service
View File

@@ -12,6 +12,8 @@ EnvironmentFile=/snacks/wireguard/env
ExecStart=/snacks/wireguard/scripts/connect_basic.py ExecStart=/snacks/wireguard/scripts/connect_basic.py
NetworkNamespacePath=/run/vpn/net NetworkNamespacePath=/run/vpn/net
RemainAfterExit=true RemainAfterExit=true
RuntimeDirectory=vpnclient
RuntimeDirectoryMode=0600
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target