LibrePortal/scripts/wireguard/uninstall_standalone.sh
librelad 4ee231ae9f refactor(de-sudo): wireguard -> runSystem, traefik -> runFileOp
Wireguard standalone touches /etc/wireguard + sysctl exclusively (genuine
root) -> runSystem for all its mkdir/chmod/sed/rm/grep/tee/qrencode. Traefik
dynamic configs live under containers/traefik (docker-install-owned) ->
runFileOp/runFileWrite (whitelist.yml, protectionauth.yml, the router-rewrite
awk|tee|mv in port_subdomains). sudo -u drops left.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 17:37:14 +01:00

53 lines
2.0 KiB
Bash
Executable File

#!/bin/bash
wireguardUninstall()
{
isHeader "Wireguard Uninstaller"
isNotice "***WARNING*** This will uninstall WireGuard and remove all the configuration files!"
isNotice "Please backup the /etc/wireguard directory if you want to keep your configuration files."
echo ""
isQuestion "Do you really want to remove WireGuard? (y/n): "
read -p "" WIREGUARD_REMOVE
if [[ $WIREGUARD_REMOVE == [yY] ]]; then
if [[ "$OS_TYPE" == "Ubuntu" || "$OS_TYPE" == "Debian" ]]; then
result=$(runSystem systemctl stop "wg-quick@${CFG_WG_SERVER_NIC}")
checkSuccess "Stopped wg-quick@${CFG_WG_SERVER_NIC} service."
result=$(runSystem systemctl disable "wg-quick@${CFG_WG_SERVER_NIC}")
checkSuccess "Disabled wg-quick@${CFG_WG_SERVER_NIC} service."
if [[ "$OS_TYPE" == "Ubuntu" || "$OS_TYPE" == "Debian" ]]; then
result=$(runSystem apt-get remove -y wireguard wireguard-tools qrencode)
checkSuccess "Removed wireguard wireguard-tools qrencode"
fi
result=$(runSystem rm -rf /etc/wireguard)
checkSuccess "Deleted /etc/wireguard folder."
result=$(runSystem rm -f /etc/sysctl.d/wg.conf)
checkSuccess "Delete /etc/sysctl.d/wg.conf file."
result=$(runSystem sysctl --system)
checkSuccess "Reloaded sysctl"
portUnuse wireguardstandalone $CFG_WG_SERVER_PORT install;
portClose wireguardstandalone $CFG_WG_SERVER_PORT/udp install;
# Check if WireGuard is running
systemctl is-active --quiet "wg-quick@${CFG_WG_SERVER_NIC}"
WIREGUARD_RUNNING=$?
if [[ ${WIREGUARD_RUNNING} -eq 0 ]]; then
isError "WireGuard failed to uninstall properly."
wireguardManageMenu;
else
isSuccessful "WireGuard uninstalled successfully."
wireguardManageMenu;
fi
fi
else
echo ""
isNotice "Removal aborted!"
fi
}