v02wg-quick
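#!/usr/bin/env bash

# Key source for v02enc: a path to a key file, or "-".
# Defaults to "-" when V02ENC_KEY is unset or empty; the rest of the script
# treats "-" as "no key file" and feeds the passphrase to v02enc through a
# pipe instead (presumably "-" makes v02enc read the key from stdin — confirm
# against v02enc's own documentation).
# The ":-" fallback keeps the test safe if the script is ever run with
# `set -u`.
if [[ -z "${V02ENC_KEY:-}" ]]; then
  V02ENC_KEY="-"
fi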
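# Set a default for the passphrase if none is given.
# Lookup order when V02ENC_PASSPHRASE is unset or empty and the key source
# is "-":
#   1. ~/.v02enc, hex-encoded so arbitrary bytes survive in a shell variable
#   2. on macOS, the generic-password keychain item with service "v02enc"
#      for the current user
# Otherwise the passphrase stays empty.
if [[ -z "${V02ENC_PASSPHRASE:-}" ]]; then
  # set to empty string by default
  V02ENC_PASSPHRASE=""

  if [[ "${V02ENC_KEY:-}" == "-" ]]; then
    if [[ -f ~/.v02enc ]]; then
      # Read the key file as one continuous hex string.
      # NOTE(review): nothing here checks the permissions of ~/.v02enc; it
      # holds key material and should be readable by its owner only
      # (e.g. mode 0600).
      V02ENC_PASSPHRASE="$(/usr/bin/env xxd -p <~/.v02enc | /usr/bin/env tr -d "\n")"
    else
      # The keychain lookup only exists on macOS.
      OS="$(/usr/bin/env uname -s | /usr/bin/env tr "[:upper:]" "[:lower:]")"
      if [[ "$OS" == "darwin" ]]; then
        # Try to read the default keychain value; a missing item is not an
        # error, the passphrase simply stays empty.
        # NOTE(review): the value is used as-is, while the key-file branch
        # hex-encodes its input — presumably the keychain item has to hold
        # the hex form already; confirm.
        if TMP="$(/usr/bin/env security find-generic-password -a "$(/usr/bin/env whoami)" -s "v02enc" -w 2>/dev/null)"; then
          V02ENC_PASSPHRASE="${TMP}"
        fi
      fi
    fi
  fi
fi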
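# Wrapper around wg-quick that decrypts "<interface>.conf.v02enc" on the fly.
# The plaintext configuration is never written to disk: "<interface>.conf" is
# created as a symlink to /dev/stdin and the decrypted data is piped into
# wg-quick.
#
# Usage: <script> up|down <interface>
#
# Exit codes:
#   1  V02ENC_KEY names a key file that does not exist
#   2  unknown action
#   3  encrypted configuration does not exist
#   4  a decrypted configuration file already exists
#   5  interface name contains a path separator
#   6  the temporary symlink could not be created
#   otherwise the exit code of wg-quick

# The v02enc executable is expected next to this script.
SCRIPT_DIR="$(/usr/bin/env dirname "$(/usr/bin/env realpath "$0")")"

ACTION="${1:-}"
INTERFACE="${2:-}"

if [[ "${V02ENC_KEY}" != "-" && ! -f "${V02ENC_KEY}" ]]; then
  echo "ERROR: v02enc key file does not exist: ${V02ENC_KEY}" >&2
  exit 1
fi

if [[ "${ACTION}" != "down" && "${ACTION}" != "up" ]]; then
  echo "ERROR: unknown action provided: ${ACTION}" >&2
  exit 2
fi

# The interface name is interpolated into the paths below, where a symlink is
# created and later removed. Refuse path separators so both operations stay
# inside the wireguard configuration directory.
if [[ "${INTERFACE}" == */* ]]; then
  echo "ERROR: invalid interface name: ${INTERFACE}" >&2
  exit 5
fi

# If brew is unavailable the prefix is empty and the paths resolve to
# /etc/wireguard, exactly as when the prefix was queried once per path.
CONFIG_DIR="$(/usr/bin/env brew --prefix)/etc/wireguard"
INPUT="${CONFIG_DIR}/${INTERFACE}.conf.v02enc"
OUTPUT="${CONFIG_DIR}/${INTERFACE}.conf"

if [[ ! -f "${INPUT}" ]]; then
  echo "ERROR: encrypted Wireguard configuration does not exist: ${INTERFACE}" >&2
  exit 3
fi

if [[ -f "${OUTPUT}" ]]; then
  echo "ERROR: decrypted Wireguard configuration already exists: ${INTERFACE}" >&2
  exit 4
fi

# A failed ln used to fall through with no exit code set at all. This happens
# for example when a symlink from an interrupted run is still in place.
if ! /usr/bin/env ln -s /dev/stdin "${OUTPUT}"; then
  echo "ERROR: could not create temporary symlink: ${OUTPUT}" >&2
  exit 6
fi

# Remove the symlink on every exit path, including an interrupted run, so the
# next invocation is not blocked by a leftover link.
trap '/usr/bin/env rm -f -- "${OUTPUT}"' EXIT

# Decrypt the configuration and provide it to wg-quick via STDIN.
# printf is a shell builtin, so the passphrase does not appear in any process
# argument list, and unlike echo it cannot misread the value as an option.
# Only the exit code of wg-quick (the last pipeline stage) is kept.
printf '%s' "${V02ENC_PASSPHRASE}" \
  | /usr/bin/env xxd -p -r \
  | "${SCRIPT_DIR}/v02enc" --decrypt --key "${V02ENC_KEY}" --input "${INPUT}" --output "-" \
  | /usr/bin/env wg-quick "${ACTION}" "${OUTPUT}"
EXITCODE="$?"

# set the exit code
exit "${EXITCODE}"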