37 lines
1.0 KiB
Plaintext
37 lines
1.0 KiB
Plaintext
|
#!/usr/bin/env bash
|
||
|
|
|
||
|
|
if [ ${MODE} == "start" ]
|
||
|
|
then
|
||
|
|
set -ue
|
||
|
|
elif [ ${MODE} == "stop" ]
|
||
|
|
then
|
||
|
|
set -u
|
||
|
|
else
|
||
|
|
echo "$(basename ${0}): mode must be one of either 'start' or 'stop'" 1>&2
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
|
||
|
|
case ${PHASE} in
|
||
|
|
"pre-up")
|
||
|
|
/usr/sbin/ip link add ${IFACE} type wireguard
|
||
|
|
/usr/sbin/ip link set dev ${IFACE} mtu {{ vpn_wireguard_mtu }}
|
||
|
|
|
||
|
|
/usr/sbin/sysctl -q -w net.ipv6.conf.${IFACE}.autoconf=0
|
||
|
|
|
||
|
|
/usr/bin/wg setconf ${IFACE} {{ system_etc_root_directory }}/network/interfaces/${IFACE}/wireguard/wireguard-{{ vpn_wireguard_role }}.conf
|
||
|
|
|
||
|
|
/usr/sbin/ip -4 address add {{ vpn_wireguard_inet_address }}/{{ vpn_wireguard_inet_prefixlen }} dev ${IFACE}
|
||
|
|
/usr/sbin/ip -6 address add {{ vpn_wireguard_inet6_address }}/{{ vpn_wireguard_inet6_prefixlen }} dev ${IFACE}
|
||
|
|
;;
|
||
|
|
"post-up")
|
||
|
|
;;
|
||
|
|
"pre-down")
|
||
|
|
;;
|
||
|
|
"post-down")
|
||
|
|
/usr/sbin/ip -6 address flush dev ${IFACE}
|
||
|
|
/usr/sbin/ip -4 address flush dev ${IFACE}
|
||
|
|
|
||
|
|
/usr/sbin/ip link delete dev ${IFACE}
|
||
|
|
;;
|
||
|
|
esac
|