author | Hristo Venev <hristo@venev.name> | 2019-05-17 19:31:03 +0300 |
---|---|---|
committer | Hristo Venev <hristo@venev.name> | 2019-05-18 20:06:02 +0300 |
commit | ec821f39d9689df213698dbcb90b4367297b9cb5 (patch) | |
tree | 111a526547fd1d913777b27f21e9bc5a6fc5b806 | |
parent | 6b40d416e719bf4811e0f86c9f869328349b8911 (diff) |
procd service, manifest
-rw-r--r-- | Cargo.toml | 8 | ||||
-rwxr-xr-x | dist/procd/wgconfd | 55 | ||||
-rw-r--r-- | dist/systemd/wgconfd@.service | 20 | ||||
-rw-r--r-- | wgconfd@.service | 18 |
4 files changed, 79 insertions, 22 deletions
@@ -12,11 +12,11 @@ keywords = [ "wireguard" ]
 [dependencies]
 arrayref = { version = "0.3.5" }
 base64 = { version = "0.10.1" }
-serde = { version = "1.0.89" }
-serde_derive = { version = "1.0.89" }
-serde_json = { version = "1.0.39" }
+serde = { version = "1.0" }
+serde_derive = { version = "1.0" }
+serde_json = { version = "1.0" }
 chrono = { version = "0.4.6", default-features = false }
-toml = { version = "0.5", optional = true }
+toml = { version = "0.5.0", optional = true }
 
 [features]
 default = [ "toml" ]
diff --git a/dist/procd/wgconfd b/dist/procd/wgconfd
new file mode 100755
index 0000000..9cfd438
--- /dev/null
+++ b/dist/procd/wgconfd
@@ -0,0 +1,55 @@
+#!/bin/sh /etc/rc.common
+
+START=50
+STOP=50
+USE_PROCD=1
+
+handle_interface() {
+ local iface="$1"
+ local val
+
+ mkdir -p "/tmp/wgconfd/$1" "/tmp/wgconfd/$1/cache"
+ procd_open_instance
+ procd_set_param env RUNTIME_DIRECTORY="/tmp/wgconfd/$1" CACHE_DIRECTORY="/tmp/wgconfd/$1/cache"
+ procd_set_param command /usr/bin/wgconfd "$1" --cmdline
+
+ config_get val "$1" refresh_sec
+ [ -n "$val" ] && procd_append_param command refresh_sec "$val"
+
+ config_get val "$1" min_keepalive
+ [ -n "$val" ] && procd_append_param command min_keepalive "$val"
+
+ config_get val "$1" max_keepalive
+ [ -n "$val" ] && procd_append_param command max_keepalive "$val"
+
+ config_list_foreach "$1" source handle_source
+
+ procd_set_param respawn 30 5 5
+ procd_set_param stderr 1
+ procd_close_instance
+}
+
+handle_source() {
+ local val
+ config_get val "$1" url
+ procd_append_param command source "$1" "$val"
+
+ config_get val "$1" psk
+ [ -n "$val" ] && procd_append_param command psk "$val"
+
+ config_get_bool val "$1" required 0
+ [ "$val" -eq 1 ] && procd_append_param command required
+
+ config_list_foreach "$1" ipv4 handle_source_arg ipv4
+
+ config_list_foreach "$1" ipv6 handle_source_arg ipv6
+}
+
+handle_source_arg() {
+ procd_append_param command "$2" "$1"
+}
+
+start_service() {
+ config_load wgconfd
+ config_foreach handle_interface interface
+}
diff --git a/dist/systemd/wgconfd@.service b/dist/systemd/wgconfd@.service
new file mode 100644
index 0000000..85acb13
--- /dev/null
+++ b/dist/systemd/wgconfd@.service
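Review bot: In dist/procd/wgconfd, `handle_source` passes the pre-shared key to the daemon as a command-line argument (`procd_append_param command psk "$val"`), so the secret sits in the process's argv (`/proc/<pid>/cmdline`) and in procd's stored instance definition for as long as the service runs. Whether wgconfd can take the key any other way is not visible from this hunk; if it can read it from a file or the environment, prefer that, and otherwise add a comment above the line such as `# psk is visible in argv and in the procd service listing; keep local access to the router restricted`. Separately, `mkdir -p "/tmp/wgconfd/$1" "/tmp/wgconfd/$1/cache"` creates the runtime and cache directories under the default umask; a `chmod 700 "/tmp/wgconfd/$1"` right after it would keep whatever the daemon caches there away from other local users. `local iface="$1"` is never used afterwards; either use `$iface` throughout `handle_interface` or drop the line.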
@@ -0,0 +1,20 @@
+[Unit]
+Description=WireGuard configuration daemon on %i
+Wants=network.target
+After=network-pre.target
+Before=network.target
+
+[Service]
+Type=simple
+CapabilityBoundingSet=CAP_NET_ADMIN
+Restart=on-failure
+RestartSec=0
+RuntimeDirectory=wgconfd/%i
+RuntimeDirectoryPreserve=yes
+CacheDirectory=wgconfd/%i
+ExecStart=/usr/bin/env wgconfd %i /etc/wireguard/%i.toml
+StandardError=journal
+SyslogLevelPrefix=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/wgconfd@.service b/wgconfd@.service
deleted file mode 100644
index 1079fbf..0000000
--- a/wgconfd@.service
+++ /dev/null
@@ -1,18 +0,0 @@
-[Unit]
-Description=Configure WireGuard interface
-Wants=network-pre.target
-Before=network-pre.target nftables.service systemd-networkd.service NetworkManager.service
-
-[Service]
-Type=simple
-CapabilityBoundingSet=CAP_NET_ADMIN
-RuntimeDirectory=wgconfd
-CacheDirectory=wgconfd
-ExecStartPre=+-/usr/sbin/ip link add %i type wireguard
-ExecStartPre=+/usr/bin/wg setconf %i /etc/wireguard/%i.conf
-ExecStart=/usr/bin/env wgconfd %i /etc/wireguard/%i.toml
-StandardError=journal
-SyslogLevelPrefix=true
-
-[Install]
-WantedBy=multi-user.target |
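Review bot: In the new dist/systemd/wgconfd@.service, the `[Service]` section narrows capabilities with `CapabilityBoundingSet=CAP_NET_ADMIN` but sets no `User=` and no sandboxing, so the daemon still runs as root with write access to the whole filesystem while it processes its configured sources. Adding `NoNewPrivileges=yes`, `ProtectSystem=strict` and `ProtectHome=yes` would narrow that; `RuntimeDirectory=` and `CacheDirectory=` stay writable under `ProtectSystem=strict`, though this should be tested in case wgconfd spawns helper programs. `ExecStart=/usr/bin/env wgconfd …` resolves the binary through `PATH`, whereas the procd script in this commit uses the absolute `/usr/bin/wgconfd`; an absolute path would be more predictable here if the install location is fixed. With `RestartSec=0`, a persistent failure will run into systemd's start rate limit almost immediately and leave the unit failed, so a small non-zero delay is worth considering.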