Simplify systemd files
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
@@ -1,37 +1,8 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
set -e
|
exec glorytun "$@" \
|
||||||
|
${DEV:+dev "$DEV"} \
|
||||||
if [ ! -f "$1" ]; then
|
|
||||||
echo "usage: $(basename "$0") FILE"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
. "$(readlink -f "$1")"
|
|
||||||
|
|
||||||
DEV="gt${HOST:+c}-$(basename "$1")"
|
|
||||||
|
|
||||||
# Setting BIND is like going to 'expert mode'
|
|
||||||
# This helper is pretty stupid and still needs some work
|
|
||||||
if [ -n "$HOST" ]; then
|
|
||||||
if [ -z "$PREF" ]; then
|
|
||||||
PREF=$(ip rule | awk '/from all lookup main/{print $1; exit}' | tr -d :)
|
|
||||||
PREF=$((PREF-1))
|
|
||||||
fi
|
|
||||||
if [ -z "$BIND" ]; then
|
|
||||||
BIND=$(ip route get "$HOST" | awk '/src/{getline;print $0}' RS=' ')
|
|
||||||
ip rule add from "$BIND" table main pref "$((PREF-1))" || true
|
|
||||||
fi
|
|
||||||
ip rule add from all table 200 pref "$PREF" || true
|
|
||||||
fi
|
|
||||||
|
|
||||||
exec glorytun \
|
|
||||||
v4only \
|
|
||||||
keyfile "$1".key \
|
|
||||||
dev "$DEV" \
|
|
||||||
${HOST:+host "$HOST"} \
|
${HOST:+host "$HOST"} \
|
||||||
${PORT:+port "$PORT"} \
|
${PORT:+port "$PORT"} \
|
||||||
${BIND:+bind "$BIND"} \
|
${BIND:+bind "$BIND"} \
|
||||||
${BIND_PORT:+bind-port "$BIND_PORT"} \
|
${BIND_PORT:+bind-port "$BIND_PORT"}
|
||||||
${MTU:+mtu "$MTU"} \
|
|
||||||
${MTU_AUTO:+mtu-auto}
|
|
||||||
|
|||||||
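Review bot: The rewritten wrapper (glorytun-run, judging by the unit file in this commit) no longer sets DEV, HOST, PORT, BIND or BIND_PORT itself and has no comment saying where they come from. They now have to arrive in the environment, presumably from the unit's `EnvironmentFile=`. A header such as `# Appends dev/host/port/bind/bind-port from the environment to the glorytun command line; other options are passed through "$@".` would make that contract explicit. Because these values are expanded straight into the daemon's argv, it is also worth stating there that the environment file must be writable by root only.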
@@ -9,8 +9,9 @@ _ask() {
|
|||||||
|
|
||||||
_ask "Config filename (tun0)" NAME
|
_ask "Config filename (tun0)" NAME
|
||||||
NAME=${NAME:-tun0}
|
NAME=${NAME:-tun0}
|
||||||
|
DIR="/etc/glorytun/$NAME"
|
||||||
|
|
||||||
if [ -f /etc/glorytun/"$NAME" ]; then
|
if [ -d "$DIR" ]; then
|
||||||
echo "This config already exit!"
|
echo "This config already exit!"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
@@ -31,16 +32,32 @@ if [ -z "$KEY" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# install files
|
# install files
|
||||||
mkdir -p /etc/glorytun
|
mkdir -p "$DIR"
|
||||||
|
|
||||||
cat > /etc/glorytun/"$NAME" <<EOF
|
cat > "$DIR/env" <<EOF
|
||||||
|
DEV=gt${HOST:+c}-$NAME
|
||||||
HOST=$HOST
|
HOST=$HOST
|
||||||
BIND_PORT=$BIND_PORT
|
|
||||||
PORT=$PORT
|
PORT=$PORT
|
||||||
MTU_AUTO=yes
|
BIND_PORT=$BIND_PORT
|
||||||
|
OPTIONS=v4only mtu-auto
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
( umask 077; echo "$KEY" > /etc/glorytun/"$NAME".key )
|
( umask 077; echo "$KEY" > "$DIR/key" )
|
||||||
|
|
||||||
|
[ "$HOST" ] && cat > "$DIR/post.sh" <<'EOF'
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
PREF=32765
|
||||||
|
TABLE=200
|
||||||
|
|
||||||
|
# keep the current route to HOST
|
||||||
|
src=$(ip route get "$HOST" | awk '/src/{getline;print $0}' RS=' ')
|
||||||
|
ip rule add from "$src" table main pref "$((PREF-1))" || true
|
||||||
|
|
||||||
|
# forward everything else to the tunnel
|
||||||
|
ip rule add from all table "$TABLE" pref "$PREF" || true
|
||||||
|
EOF
|
||||||
|
[ -f "$DIR/post.sh" ] && chmod u+x "$DIR/post.sh"
|
||||||
|
|
||||||
# start services
|
# start services
|
||||||
_ask "Start glorytun now ? (enter to skip)" START
|
_ask "Start glorytun now ? (enter to skip)" START
|
||||||
|
|||||||
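Review bot: The generated post.sh installs the catch-all rule `ip rule add from all table "$TABLE" pref "$PREF"` even when the `src=$(ip route get "$HOST" ...)` lookup returned nothing, because the preceding `ip rule add from "$src" ...` failure is swallowed by `|| true`. In that case the tunnel's own packets to HOST are no longer pinned to the main table. A guard right after the lookup, `[ -n "$src" ] || { echo "no route to $HOST" >&2; exit 1; }`, would stop before the second rule is added. Separately, post.sh is a script the service manager will execute, and `chmod u+x` only adds a bit to whatever the ambient umask produced; `chmod 0700 "$DIR/post.sh"` would fix its mode explicitly, as the `umask 077` subshell already does for the key. NAME is also used unchecked to build `DIR`, so rejecting values containing `/` before `mkdir -p "$DIR"` would keep the files under /etc/glorytun.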
@@ -5,7 +5,9 @@ After=network.target
|
|||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
ExecStart=@bindir@/glorytun-run /etc/glorytun/%i
|
EnvironmentFile=/etc/glorytun/%i/env
|
||||||
|
ExecStart=@bindir@/glorytun-run keyfile /etc/glorytun/%i/key $OPTIONS
|
||||||
|
ExecStartPost=-/etc/glorytun/%i/post.sh
|
||||||
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|||||||
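Review bot: The `-` prefix on `ExecStartPost=-/etc/glorytun/%i/post.sh` makes every failure of that script non-fatal, not only its absence on configs that have no post.sh. A client whose policy-routing rules were not installed is therefore still reported as active while traffic keeps following the default route. If the prefix is only there because post.sh is optional, the setup script could always write one (a no-op when HOST is unset) so the line can become `ExecStartPost=/etc/glorytun/%i/post.sh`; failing that, add a comment such as `# post.sh exists for client configs only; its failure is deliberately ignored`. No matching `ExecStopPost=` is visible in this hunk, so the rules appear to remain after the service stops, though the unit continues outside the hunk.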