Simplify systemd files
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
@@ -1,37 +1,8 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
if [ ! -f "$1" ]; then
|
||||
echo "usage: $(basename "$0") FILE"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
. "$(readlink -f "$1")"
|
||||
|
||||
DEV="gt${HOST:+c}-$(basename "$1")"
|
||||
|
||||
# Setting BIND is like going to 'expert mode'
|
||||
# This helper is pretty stupid and still needs some work
|
||||
if [ -n "$HOST" ]; then
|
||||
if [ -z "$PREF" ]; then
|
||||
PREF=$(ip rule | awk '/from all lookup main/{print $1; exit}' | tr -d :)
|
||||
PREF=$((PREF-1))
|
||||
fi
|
||||
if [ -z "$BIND" ]; then
|
||||
BIND=$(ip route get "$HOST" | awk '/src/{getline;print $0}' RS=' ')
|
||||
ip rule add from "$BIND" table main pref "$((PREF-1))" || true
|
||||
fi
|
||||
ip rule add from all table 200 pref "$PREF" || true
|
||||
fi
|
||||
|
||||
exec glorytun \
|
||||
v4only \
|
||||
keyfile "$1".key \
|
||||
dev "$DEV" \
|
||||
exec glorytun "$@" \
|
||||
${DEV:+dev "$DEV"} \
|
||||
${HOST:+host "$HOST"} \
|
||||
${PORT:+port "$PORT"} \
|
||||
${BIND:+bind "$BIND"} \
|
||||
${BIND_PORT:+bind-port "$BIND_PORT"} \
|
||||
${MTU:+mtu "$MTU"} \
|
||||
${MTU_AUTO:+mtu-auto}
|
||||
${BIND_PORT:+bind-port "$BIND_PORT"}
|
||||
|
||||
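Review bot: The rewritten wrapper carries no comment saying where its inputs come from. Judging by the `+1,8` count, the new file is only the shebang and the `exec glorytun "$@"` command with the `${DEV:+…}` through `${BIND_PORT:+…}` expansions, so DEV, HOST, PORT, BIND and BIND_PORT are now read from the process environment rather than from a sourced file. A header such as `# DEV, HOST, PORT, BIND and BIND_PORT come from the environment (systemd EnvironmentFile); arguments are passed to glorytun unchanged` would make that contract explicit. It would also warn anyone running the script by hand that a stray exported `HOST` or `BIND` in their shell ends up on the glorytun command line.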
@@ -9,8 +9,9 @@ _ask() {
|
||||
|
||||
_ask "Config filename (tun0)" NAME
|
||||
NAME=${NAME:-tun0}
|
||||
DIR="/etc/glorytun/$NAME"
|
||||
|
||||
if [ -f /etc/glorytun/"$NAME" ]; then
|
||||
if [ -d "$DIR" ]; then
|
||||
echo "This config already exit!"
|
||||
exit 1
|
||||
fi
|
||||
@@ -31,16 +32,32 @@ if [ -z "$KEY" ]; then
|
||||
fi
|
||||
|
||||
# install files
|
||||
mkdir -p /etc/glorytun
|
||||
mkdir -p "$DIR"
|
||||
|
||||
cat > /etc/glorytun/"$NAME" <<EOF
|
||||
cat > "$DIR/env" <<EOF
|
||||
DEV=gt${HOST:+c}-$NAME
|
||||
HOST=$HOST
|
||||
BIND_PORT=$BIND_PORT
|
||||
PORT=$PORT
|
||||
MTU_AUTO=yes
|
||||
BIND_PORT=$BIND_PORT
|
||||
OPTIONS=v4only mtu-auto
|
||||
EOF
|
||||
|
||||
( umask 077; echo "$KEY" > /etc/glorytun/"$NAME".key )
|
||||
( umask 077; echo "$KEY" > "$DIR/key" )
|
||||
|
||||
[ "$HOST" ] && cat > "$DIR/post.sh" <<'EOF'
|
||||
#!/bin/sh
|
||||
|
||||
PREF=32765
|
||||
TABLE=200
|
||||
|
||||
# keep the current route to HOST
|
||||
src=$(ip route get "$HOST" | awk '/src/{getline;print $0}' RS=' ')
|
||||
ip rule add from "$src" table main pref "$((PREF-1))" || true
|
||||
|
||||
# forward everything else to the tunnel
|
||||
ip rule add from all table "$TABLE" pref "$PREF" || true
|
||||
EOF
|
||||
[ -f "$DIR/post.sh" ] && chmod u+x "$DIR/post.sh"
|
||||
|
||||
# start services
|
||||
_ask "Start glorytun now ? (enter to skip)" START
|
||||
|
||||
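Review bot: `$DIR/env` and `$DIR/post.sh` are created under whatever umask the caller happens to have, while only the key is written inside `( umask 077; … )`. The unit file in this commit runs post.sh on every start and takes `$OPTIONS` from env, so both files are trusted input and should get explicit modes, e.g. `chmod 600 "$DIR/env"` and `chmod 700 "$DIR/post.sh"` instead of `chmod u+x`. Separately, in the generated post.sh an empty `src` (when `ip route get "$HOST"` prints nothing) makes the first `ip rule add` fail silently through `|| true` while the `from all table "$TABLE"` rule is still installed, which presumably also captures the tunnel's own packets to HOST; a guard such as `[ -n "$src" ] || exit 1` before the two rules avoids that. The value read into NAME also goes into `DIR` unchecked, so a name containing `/` or `..` would write outside `/etc/glorytun`; `_ask` is defined outside the visible hunks, so this is inferred from the lines shown.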
@@ -5,7 +5,9 @@ After=network.target
|
||||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
ExecStart=@bindir@/glorytun-run /etc/glorytun/%i
|
||||
EnvironmentFile=/etc/glorytun/%i/env
|
||||
ExecStart=@bindir@/glorytun-run keyfile /etc/glorytun/%i/key $OPTIONS
|
||||
ExecStartPost=-/etc/glorytun/%i/post.sh
|
||||
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
||||
|
||||
[Install]
|
||||
|
||||
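Review bot: The `-` prefix on `ExecStartPost=-/etc/glorytun/%i/post.sh` makes systemd ignore every failure of that script, not only its absence on instances that have no post.sh. A client instance can therefore be reported active although the policy-routing rules were never installed, and traffic then silently bypasses the tunnel. If the prefix is only meant to tolerate the missing file, say so in the unit with a comment like `# post.sh exists only for client configs; '-' tolerates its absence`, and let post.sh log to stderr when a rule cannot be added so the journal shows it. The unit should also note that `/etc/glorytun/%i/` has to be root-owned and not writable by others, since `env` and `post.sh` now determine what the service executes.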