add support for multiple interfaces

8 months ago · 0930ccbf4d
parent 55fa4c03b2
commit 0930ccbf4d
3 changed files with 49 additions and 10 deletions
--- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
@ -2,10 +2,6 @@
 # shellcheck shell=bash
 # shellcheck disable=SC2016,SC1091,SC2183

-# prepare symlinks
-rm -rf /etc/wireguard
-mkdir -p /etc/wireguard
-ln -s /config/wg0.conf /etc/wireguard/wg0.conf
 # prepare templates
 if [[ ! -f /config/templates/server.conf ]]; then
    cp /defaults/server.conf /config/templates/server.conf
@ -180,10 +176,6 @@ if [[ -n "$PEERS" ]]; then
    fi
 else
    echo "**** Client mode selected. ****"
-    if [[ ! -f /config/wg0.conf ]]; then
-        echo "**** No client conf found. Provide your own client conf as \"/config/wg0.conf\" and restart the container. ****"
-        sleep infinity
-    fi
    USE_COREDNS="${USE_COREDNS,,}"
    printf %s "${USE_COREDNS:-false}" > /run/s6/container_environment/USE_COREDNS
 fi
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
@ -1,4 +1,12 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash

-wg-quick down wg0
+if [[ -f "/app/activeconfs" ]]; then
+    . /app/activeconfs
+    for tunnel in $(printf '%s\n' "${WG_CONFS[@]}" | tac | tr '\n' ' '; echo); do
+        echo "**** Disabling tunnel ${tunnel} ****"
+        wg-quick down "${tunnel}" || :
+    done
+    echo "**** All tunnels are down ****"
+    rm -rf /app/activeconfs
+fi
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
@ -1,4 +1,43 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash

-wg-quick up wg0
+unset WG_CONFS
+rm -rf /app/activeconfs
+# Enumerate interfaces
+for wgconf in $(ls /config/*.conf); do
+    if grep -q "\[Interface\]" "${wgconf}"; then
+        echo "**** Found WG conf ${wgconf}, adding to list ****"
+        WG_CONFS+=("${wgconf}")
+    else
+        echo "**** Found WG conf ${wgconf}, but it doesn't seem to be valid, skipping. ****"
+    fi
+done
+
+if [[ -z "${WG_CONFS}" ]]; then
+    echo "**** No valid tunnel config found. Please create a valid config and restart the container ****"
+    ip route del default
+    exit 0
+fi
+
+unset FAILED
+for tunnel in ${WG_CONFS[@]}; do
+    echo "**** Activating tunnel ${tunnel} ****"
+    wgquick up "${tunnel}" || ( echo FAILED="${tunnel}" && break)
+done
+
+if [[ -z "${FAILED}" ]]; then
+    declare -p WG_CONFS > /app/activeconfs
+    echo "**** All tunnels are now active ****"
+else
+    echo "**** Tunnel ${FAILED} failed, will stop all others! ****"
+    for tunnel in ${WG_CONFS[@]}; do
+        if [[ "${tunnel}" = "${FAILED}" ]]; then
+            break
+        else
+            echo "**** Disabling tunnel ${tunnel} ****"
+            wgquick down "${tunnel}" || :
+        fi
+    done
+    ip route del default
+    echo "**** All tunnels are now down. Please fix the tunnel config ${FAILED} and restart the container ****"
+fi