openwrt/package/network/services/unetd/files/unetd.sh

#!/bin/sh

[ -x /usr/sbin/unetd ] || exit 0

. /lib/functions.sh
. /lib/functions/network.sh
. ../netifd-proto.sh

init_proto "$@"

proto_unet_init_config() {
	proto_config_add_string device
	proto_config_add_string type
	proto_config_add_string auth_key
	proto_config_add_string key
	proto_config_add_string file
	proto_config_add_int keepalive
	proto_config_add_string domain
	proto_config_add_string "tunnels:list(string)"
	proto_config_add_string "connect:list(string)"
	no_device=1
	available=1
	no_proto_task=1
}

proto_unet_setup() {
	local config="$1"

	local device type key file keepalive domain tunnels
	json_get_vars device type auth_key key file keepalive domain tunnels connect
	device="${device:-$config}"

	[ -n "$auth_key" ] && type="${type:-dynamic}"
	[ -n "$file" ] && type="${type:-file}"

	json_init
	json_add_string name "$device"
	json_add_string type "$type"
	json_add_string interface "$config"
	json_add_string auth_key "$auth_key"
	json_add_string key "$key"
	json_add_string file "$file"
	[ -n "$keepalive" ] && json_add_int keepalive "$keepalive"
	json_add_string domain "$domain"

	json_add_object tunnels
	for t in $tunnels; do
		local ifname="${t%%=*}"
		local service="${t#*=}"
		[ -n "$ifname" -a -n "$service" -a "$ifname" != "$t" ] || continue
		json_add_string "$ifname" "$service"
	done
	json_close_object

	json_add_array auth_connect
	for c in $connect; do
		json_add_string "" "$c"
	done
	json_close_array

	ip link del dev "$device" >/dev/null 2>&1
	ip link add dev "$device" type wireguard || {
		echo "Could not create wireguard device $device"
		proto_setup_failed "$config"
		exit 1
	}

	ubus call unetd network_add "$(json_dump)"
}

proto_unet_teardown() {
	local config="$1"
	local iface="$2"

	local device
	json_get_vars device
	device="${device:-$iface}"

	json_init
	json_add_string name "$device"

	ip link del dev "$device"

	ubus call unetd network_del "$(json_dump)"
}

add_protocol unet
unetd: add WireGuard based VPN connection manager for OpenWrt This package simplifies setting up wireguard networks on OpenWrt by a wireguard network as a JSON file, which can be shared across all participating nodes. It can be signed with an authentication key and automatically kept in sync. unetd also supports deterministically generating ipv6 addresses for each host based on the public key and storing those in a hosts file that can be used with dnsmasq. It also supports automatically creating VXLAN tunnels between multiple endpoints. Signed-off-by: Felix Fietkau <nbd@nbd.name> 2022-08-23 21:29:52 +00:00			`#!/bin/sh`

			`[ -x /usr/sbin/unetd ] \|\| exit 0`

			`. /lib/functions.sh`
			`. /lib/functions/network.sh`
			`. ../netifd-proto.sh`

			`init_proto "$@"`

			`proto_unet_init_config() {`
			`proto_config_add_string device`
			`proto_config_add_string type`
			`proto_config_add_string auth_key`
			`proto_config_add_string key`
			`proto_config_add_string file`
			`proto_config_add_int keepalive`
			`proto_config_add_string domain`
			`proto_config_add_string "tunnels:list(string)"`
			`proto_config_add_string "connect:list(string)"`
			`no_device=1`
			`available=1`
			`no_proto_task=1`
			`}`

			`proto_unet_setup() {`
			`local config="$1"`

			`local device type key file keepalive domain tunnels`
			`json_get_vars device type auth_key key file keepalive domain tunnels connect`
			`device="${device:-$config}"`

			`[ -n "$auth_key" ] && type="${type:-dynamic}"`
			`[ -n "$file" ] && type="${type:-file}"`

			`json_init`
			`json_add_string name "$device"`
			`json_add_string type "$type"`
			`json_add_string interface "$config"`
			`json_add_string auth_key "$auth_key"`
			`json_add_string key "$key"`
			`json_add_string file "$file"`
			`[ -n "$keepalive" ] && json_add_int keepalive "$keepalive"`
			`json_add_string domain "$domain"`

			`json_add_object tunnels`
			`for t in $tunnels; do`
			`local ifname="${t%%=*}"`
			`local service="${t#*=}"`
			`[ -n "$ifname" -a -n "$service" -a "$ifname" != "$t" ] \|\| continue`
			`json_add_string "$ifname" "$service"`
			`done`
			`json_close_object`

			`json_add_array auth_connect`
			`for c in $connect; do`
			`json_add_string "" "$c"`
			`done`
			`json_close_array`

			`ip link del dev "$device" >/dev/null 2>&1`
			`ip link add dev "$device" type wireguard \|\| {`
			`echo "Could not create wireguard device $device"`
			`proto_setup_failed "$config"`
			`exit 1`
			`}`

			`ubus call unetd network_add "$(json_dump)"`
			`}`

			`proto_unet_teardown() {`
			`local config="$1"`
			`local iface="$2"`

			`local device`
			`json_get_vars device`
			`device="${device:-$iface}"`

			`json_init`
			`json_add_string name "$device"`

			`ip link del dev "$device"`

			`ubus call unetd network_del "$(json_dump)"`
			`}`

			`add_protocol unet`