diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run index 1313c30..38ebc26 100755 --- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run +++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run @@ -2,6 +2,15 @@ # shellcheck shell=bash # shellcheck disable=SC2016,SC1091,SC2183 +mkdir -p /config/wg_confs + +# migration to subfolder for wg confs +if [[ -z "$(ls -A /config/wg_confs)" ]] && [[ -f /config/wg0.conf ]]; then + echo "**** Performing migration to new folder structure for confs. Please see the image changelog 2023-10-03 entry for more details. ****" + cp /config/wg0.conf /config/wg_confs/wg0.conf + rm -rf /config/wg0.conf || : +fi + # prepare templates if [[ ! -f /config/templates/server.conf ]]; then cp /defaults/server.conf /config/templates/server.conf @@ -21,7 +30,7 @@ generate_confs () { wg genkey | tee /config/server/privatekey-server | wg pubkey > /config/server/publickey-server fi eval "$(printf %s) - cat < /config/wg0.conf + cat < /config/wg_confs/wg0.conf $(cat /config/templates/server.conf) DUDE" @@ -61,7 +70,7 @@ DUDE" $(cat /config/templates/peer.conf) DUDE" # add peer info to server conf with presharedkey - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf [Peer] # ${PEER_ID} PublicKey = $(cat "/config/${PEER_ID}/publickey-${PEER_ID}") @@ -75,7 +84,7 @@ DUDE $(sed '/PresharedKey/d' "/config/templates/peer.conf") DUDE" # add peer info to server conf without presharedkey - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf [Peer] # ${PEER_ID} PublicKey = $(cat "/config/${PEER_ID}/publickey-${PEER_ID}") 
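Review bot: In the migration block of the first hunk, `rm -rf /config/wg0.conf || :` runs even when the preceding `cp` fails, so a failed copy (full or read-only volume, for example) would delete the only server conf; nothing visible in the hunk enables errexit. The copy is also created under the current umask rather than with the source file's mode, and wg0.conf presumably carries the interface private key, so the migrated file can end up more widely readable than the original. A single `mv /config/wg0.conf /config/wg_confs/wg0.conf` keeps the mode and leaves the original untouched on failure; `cp -p /config/wg0.conf /config/wg_confs/wg0.conf && rm -f /config/wg0.conf` is the equivalent two-step form. Only wg0.conf is migrated, while the svc-wireguard hunk stops enumerating `/config/*.conf`, so any other confs left in /config would silently stop being picked up; a log line or migrating them too would avoid that.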
@@ -85,22 +94,22 @@ DUDE # add peer's allowedips to server conf if [[ -n "${!SERVER_ALLOWEDIPS}" ]]; then echo "Adding ${!SERVER_ALLOWEDIPS} to wg0.conf's AllowedIPs for peer ${i}" - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf AllowedIPs = ${CLIENT_IP}/32,${!SERVER_ALLOWEDIPS} DUDE else - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf AllowedIPs = ${CLIENT_IP}/32 DUDE fi # add PersistentKeepalive if the peer is specified if [[ -n "${PERSISTENTKEEPALIVE_PEERS_ARRAY}" ]] && ([[ "${PERSISTENTKEEPALIVE_PEERS_ARRAY[0]}" = "all" ]] || printf '%s\0' "${PERSISTENTKEEPALIVE_PEERS_ARRAY[@]}" | grep -Fxqz -- "${i}"); then - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf PersistentKeepalive = 25 DUDE else - cat <> /config/wg0.conf + cat <> /config/wg_confs/wg0.conf DUDE fi @@ -157,7 +166,7 @@ if [[ -n "$PEERS" ]]; then else echo "**** Peer DNS servers will be set to $PEERDNS ****" fi - if [[ ! -f /config/wg0.conf ]]; then + if [[ ! -f /config/wg_confs/wg0.conf ]]; then echo "**** No wg0.conf found (maybe an initial install), generating 1 server and ${PEERS} peer/client confs ****" generate_confs save_vars diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run index cdc70af..169ad63 100755 --- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run +++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run @@ -4,7 +4,7 @@ unset WG_CONFS rm -rf /app/activeconfs # Enumerate interfaces -for wgconf in $(ls /config/*.conf); do +for wgconf in $(ls /config/wg_confs/*.conf); do if grep -q "\[Interface\]" "${wgconf}"; then echo "**** Found WG conf ${wgconf}, adding to list ****" WG_CONFS+=("${wgconf}")
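Review bot: The rewritten loop header in the svc-wireguard hunk keeps `for wgconf in $(ls /config/wg_confs/*.conf)`, which word-splits and re-globs the ls output. A conf name containing whitespace or glob characters is therefore broken into paths that were never in the directory, and an empty directory makes ls print an error. Since every match containing `[Interface]` is appended to WG_CONFS, iterate the glob directly: `for wgconf in /config/wg_confs/*.conf; do` followed by `[[ -f "${wgconf}" ]] || continue`. The loop body continues outside the hunk.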