Merge claude/1

This commit is contained in:
librelad 2026-05-24 17:37:14 +01:00
commit 574146c75e
7 changed files with 36 additions and 36 deletions

View File

@ -16,9 +16,9 @@ traefikSetupLoginCredentials()
# Setup BasicAuth credentials
local login_credentials=$(htpasswd -Bbn "$CFG_TRAEFIK_USER" "$CFG_TRAEFIK_PASS")
local result=$(sudo sed -i '/#protection credentials/d' "$protectionauth_file")
local result=$(runFileOp sed -i '/#protection credentials/d' "$protectionauth_file")
checkSuccess "Delete the line containing protection credentials"
local result=$(sudo sed -i "/users:/a\\ - '$login_credentials' #protection credentials" "$protectionauth_file")
local result=$(runFileOp sed -i "/users:/a\\ - '$login_credentials' #protection credentials" "$protectionauth_file")
checkSuccess "Add the new line with new protection credentials"
fi
}

View File

@ -72,7 +72,7 @@ tagsProcessorPortRouterBlocks()
done
local tmp="${file}.routers.$$"
sudo awk -v active="$active" '
runFileOp awk -v active="$active" '
BEGIN { off = 0 }
/#[[:space:]]*TRAEFIK_PORT_[0-9]+_BEGIN/ {
match($0, /TRAEFIK_PORT_[0-9]+/); key = substr($0, RSTART, RLENGTH)
@ -91,6 +91,6 @@ tagsProcessorPortRouterBlocks()
}
print
}
' "$file" | sudo tee "$tmp" >/dev/null
sudo mv "$tmp" "$file"
' "$file" | runFileWrite "$tmp" >/dev/null
runFileOp mv "$tmp" "$file"
}

View File

@ -22,7 +22,7 @@ traefikUpdateWhitelist()
YAML_CONTENT+="\n - \"$CFG_NETWORK_SUBNET\""
# Now update the YAML file with the new content using sudo
echo -e "$YAML_CONTENT" | sudo tee "$whitelist_file" > /dev/null
echo -e "$YAML_CONTENT" | runFileWrite "$whitelist_file" > /dev/null
isSuccessful "Traefik has been updated with the latest whitelist IPs."
fi
}

View File

@ -6,5 +6,5 @@ wireguardListClients()
wireguardCheckClients;
sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
}

View File

@ -8,7 +8,7 @@ wireguardRevokeClient()
echo ""
echo "Select the existing client you want to revoke"
sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
until [[ ${WIREGUARD_CLIENT_NUMBER} -ge 1 && ${WIREGUARD_CLIENT_NUMBER} -le ${WIREGUARD_NUMBER_OF_CLIENTS} ]]; do
if [[ ${WIREGUARD_CLIENT_NUMBER} == '1' ]]; then
read -rp "Select one client [1]: " WIREGUARD_CLIENT_NUMBER
@ -18,12 +18,12 @@ wireguardRevokeClient()
done
# match the selected number to a client name
local WIREGUARD_CLIENT_NAME=$(sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | sed -n "${WIREGUARD_CLIENT_NUMBER}"p)
local WIREGUARD_CLIENT_NAME=$(runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | sed -n "${WIREGUARD_CLIENT_NUMBER}"p)
result=$(sudo sed -i "/^### Client ${WIREGUARD_CLIENT_NAME}\$/,/^$/d" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
result=$(runSystem sed -i "/^### Client ${WIREGUARD_CLIENT_NAME}\$/,/^$/d" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
checkSuccess "Removed [Peer] block matching $WIREGUARD_CLIENT_NAME"
result=$(sudo rm -f "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf")
result=$(runSystem rm -f "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf")
checkSuccess "Removed generated client file for $WIREGUARD_CLIENT_NAME"
result=$(runSystem wg syncconf "${CFG_WG_SERVER_NIC}" <(runSystem wg-quick strip "${CFG_WG_SERVER_NIC}"))

View File

@ -40,11 +40,11 @@ installStandaloneWireGuard()
# Check if the directory exists; if not, create it
if [ ! -d "/etc/wireguard" ]; then
result=$(sudo mkdir /etc/wireguard)
result=$(runSystem mkdir /etc/wireguard)
checkSuccess "Created the WireGuard folder"
fi
result=$(sudo chmod 600 -R /etc/wireguard/)
result=$(runSystem chmod 600 -R /etc/wireguard/)
checkSuccess "Updated permissions for /etc/wireguard"
local SERVER_PRIV_KEY=$(wg genkey)
@ -60,16 +60,16 @@ SERVER_PRIV_KEY=${SERVER_PRIV_KEY}
SERVER_PUB_KEY=${SERVER_PUB_KEY}
CLIENT_DNS_1=${CFG_DNS_SERVER_1}
CLIENT_DNS_2=${CFG_DNS_SERVER_2}
ALLOWED_IPS=${CFG_WG_ALLOWED_IPS}" | sudo tee /etc/wireguard/params >/dev/null
ALLOWED_IPS=${CFG_WG_ALLOWED_IPS}" | runSystem tee /etc/wireguard/params >/dev/null
result=$(sudo chmod 644 /etc/wireguard/params)
result=$(runSystem chmod 644 /etc/wireguard/params)
checkSuccess "Updating permissions for /etc/wireguard/params"
# Add server interface
echo "[Interface]
Address = ${CFG_WG_SERVER_IPV4}/32
ListenPort = ${CFG_WG_SERVER_PORT}
PrivateKey = ${SERVER_PRIV_KEY}" | sudo tee "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
PrivateKey = ${SERVER_PRIV_KEY}" | runSystem tee "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
echo "PostUp = iptables -I INPUT -p udp --dport ${CFG_WG_SERVER_PORT} -j ACCEPT
PostUp = iptables -I FORWARD -i ${server_nic} -o ${CFG_WG_SERVER_NIC} -j ACCEPT
@ -78,21 +78,21 @@ PostUp = iptables -t nat -A POSTROUTING -o ${server_nic} -j MASQUERADE
PostDown = iptables -D INPUT -p udp --dport ${CFG_WG_SERVER_PORT} -j ACCEPT
PostDown = iptables -D FORWARD -i ${server_nic} -o ${CFG_WG_SERVER_NIC} -j ACCEPT
PostDown = iptables -D FORWARD -i ${CFG_WG_SERVER_NIC} -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o ${server_nic} -j MASQUERADE" | sudo tee -a "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
PostDown = iptables -t nat -D POSTROUTING -o ${server_nic} -j MASQUERADE" | runSystem tee -a "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
result=$(sudo chmod 644 /etc/wireguard/${CFG_WG_SERVER_NIC}.conf)
result=$(runSystem chmod 644 /etc/wireguard/${CFG_WG_SERVER_NIC}.conf)
checkSuccess "Updating permissions for /etc/wireguard/${CFG_WG_SERVER_NIC}.conf"
result=$(sudo sed -i '/^net.ipv4.ip_forward/d' /etc/sysctl.conf)
result=$(runSystem sed -i '/^net.ipv4.ip_forward/d' /etc/sysctl.conf)
checkSuccess "Removing all instances of net.ipv4.ip_forward from sysctl.conf"
local result=$(echo '# WIREGUARD START' | sudo tee -a "$sysctl" > /dev/null)
local result=$(echo '# WIREGUARD START' | runSystem tee -a "$sysctl" > /dev/null)
checkSuccess "Adding wireguard header to sysctl"
result=$(echo "net.ipv4.ip_forward = 1" | sudo tee -a $sysctl)
result=$(echo "net.ipv4.ip_forward = 1" | runSystem tee -a $sysctl)
checkSuccess "Add the configuration for IPv4 IP forwarding"
local result=$(echo '# WIREGUARD END' | sudo tee -a "$sysctl" > /dev/null)
local result=$(echo '# WIREGUARD END' | runSystem tee -a "$sysctl" > /dev/null)
checkSuccess "Adding wireguard header to sysctl"
result=$(runSystem systemctl start "wg-quick@${CFG_WG_SERVER_NIC}")
@ -145,7 +145,7 @@ wireguardNewClient()
else
read -rp "Client name: " -e WIREGUARD_CLIENT_NAME
fi
local WIREGUARD_CLIENT_EXISTS=$(sudo grep -c -E "^### Client ${WIREGUARD_CLIENT_NAME}\$" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
local WIREGUARD_CLIENT_EXISTS=$(runSystem grep -c -E "^### Client ${WIREGUARD_CLIENT_NAME}\$" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
if [[ ${WIREGUARD_CLIENT_EXISTS} != 0 ]]; then
echo ""
@ -155,7 +155,7 @@ wireguardNewClient()
done
for WIREGUARD_DOT_IP in {2..254}; do
local WIREGUARD_DOT_EXISTS=$(sudo grep -c "${CFG_WG_SERVER_IPV4::-1}${WIREGUARD_DOT_IP}" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
local WIREGUARD_DOT_EXISTS=$(runSystem grep -c "${CFG_WG_SERVER_IPV4::-1}${WIREGUARD_DOT_IP}" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
if [[ ${WIREGUARD_DOT_EXISTS} == '0' ]]; then
break
fi
@ -186,14 +186,14 @@ DNS = ${CFG_DNS_SERVER_1},${CFG_DNS_SERVER_2}
PublicKey = ${SERVER_PUB_KEY}
PresharedKey = ${WIREGUARD_CLIENT_PRE_SHARED_KEY}
Endpoint = ${WIREGUARD_ENDPOINT}
AllowedIPs = ${CFG_WG_ALLOWED_IPS}" | sudo tee "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf" >/dev/null
AllowedIPs = ${CFG_WG_ALLOWED_IPS}" | runSystem tee "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf" >/dev/null
# Add the client as a peer to the server
echo -e "\n### Client ${WIREGUARD_CLIENT_NAME}
[Peer]
PublicKey = ${WIREGUARD_CLIENT_PUB_KEY}
PresharedKey = ${WIREGUARD_CLIENT_PRE_SHARED_KEY}
AllowedIPs = ${CFG_WG_ALLOWED_IPS}" | sudo tee -a "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
AllowedIPs = ${CFG_WG_ALLOWED_IPS}" | runSystem tee -a "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" >/dev/null
#result=$(runSystem wg syncconf ${CFG_WG_SERVER_NIC} /etc/wireguard/${CFG_WG_SERVER_NIC}.conf)
#checkSuccess "Syncing config file for $CFG_WG_SERVER_NIC"
@ -206,7 +206,7 @@ AllowedIPs = ${CFG_WG_ALLOWED_IPS}" | sudo tee -a "/etc/wireguard/${CFG_WG_SERVE
# Generate QR code if qrencode is installed
if command -v qrencode &>/dev/null; then
isNotice "Here is your client config file as a QR Code:"
sudo qrencode -t ansiutf8 -l L <"${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf"
runSystem qrencode -t ansiutf8 -l L <"${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf"
echo ""
fi
@ -219,7 +219,7 @@ wireguardListClients()
wireguardCheckClients;
sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
}
wireguardRevokeClient()
@ -230,7 +230,7 @@ wireguardRevokeClient()
echo ""
echo "Select the existing client you want to revoke"
sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | nl -s ') '
until [[ ${WIREGUARD_CLIENT_NUMBER} -ge 1 && ${WIREGUARD_CLIENT_NUMBER} -le ${WIREGUARD_NUMBER_OF_CLIENTS} ]]; do
if [[ ${WIREGUARD_CLIENT_NUMBER} == '1' ]]; then
read -rp "Select one client [1]: " WIREGUARD_CLIENT_NUMBER
@ -240,12 +240,12 @@ wireguardRevokeClient()
done
# match the selected number to a client name
local WIREGUARD_CLIENT_NAME=$(sudo grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | sed -n "${WIREGUARD_CLIENT_NUMBER}"p)
local WIREGUARD_CLIENT_NAME=$(runSystem grep -E "^### Client" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf" | cut -d ' ' -f 3 | sed -n "${WIREGUARD_CLIENT_NUMBER}"p)
result=$(sudo sed -i "/^### Client ${WIREGUARD_CLIENT_NAME}\$/,/^$/d" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
result=$(runSystem sed -i "/^### Client ${WIREGUARD_CLIENT_NAME}\$/,/^$/d" "/etc/wireguard/${CFG_WG_SERVER_NIC}.conf")
checkSuccess "Removed [Peer] block matching $WIREGUARD_CLIENT_NAME"
result=$(sudo rm -f "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf")
result=$(runSystem rm -f "${CFG_WG_HOME_DIR}/${CFG_WG_SERVER_NIC}-client-${WIREGUARD_CLIENT_NAME}.conf")
checkSuccess "Removed generated client file for $WIREGUARD_CLIENT_NAME"
result=$(runSystem wg syncconf "${CFG_WG_SERVER_NIC}" <(runSystem wg-quick strip "${CFG_WG_SERVER_NIC}"))
@ -285,9 +285,9 @@ wireguardUninstall()
checkSuccess "Removed wireguard wireguard-tools qrencode"
fi
result=$(sudo rm -rf /etc/wireguard)
result=$(runSystem rm -rf /etc/wireguard)
checkSuccess "Deleted /etc/wireguard folder."
result=$(sudo rm -f /etc/sysctl.d/wg.conf)
result=$(runSystem rm -f /etc/sysctl.d/wg.conf)
checkSuccess "Delete /etc/sysctl.d/wg.conf file."
result=$(runSystem sysctl --system)

View File

@ -22,9 +22,9 @@ wireguardUninstall()
checkSuccess "Removed wireguard wireguard-tools qrencode"
fi
result=$(sudo rm -rf /etc/wireguard)
result=$(runSystem rm -rf /etc/wireguard)
checkSuccess "Deleted /etc/wireguard folder."
result=$(sudo rm -f /etc/sysctl.d/wg.conf)
result=$(runSystem rm -f /etc/sysctl.d/wg.conf)
checkSuccess "Delete /etc/sysctl.d/wg.conf file."
result=$(runSystem sysctl --system)