  1. #!/bin/sh
  2. # TODO :
  3. # - add root user detection (only warn)
  4. # - verify that a trailing slash exists at the end of the URL param
  5. VER=0.1
  6. LOG_LEVEL_1=1
  7. LOG_LEVEL_2=2
  8. LOG_LEVEL_3=3
  9. DEFAULT_LOG_LEVEL="$LOG_LEVEL_1"
  10. DEBUG_LEVEL_1=1
  11. DEBUG_LEVEL_2=2
  12. DEBUG_LEVEL_3=3
  13. DEBUG_LEVEL_DEFAULT=$DEBUG_LEVEL_1
  14. DEBUG_LEVEL_NONE=0
# Print the command-line help, then the version banner.
# Outputs: help text on stdout; $0 is expanded into the "Usage:" line.
_usage() {
  cat <<EOF

Usage: $0 <command> --url <wgportal_url> [options...]
Commands :
-d, --download only download config file
-i, --install download config file and install the service (UNIMPLEMENTED)
Parameters:
-u, --url <url> Specify your WG Portal base URL
-f, --filename <file> Specify Wireguard filename (default: /etc/wireguard/wg0.conf)

EOF
  _version
}
# Print the version banner and the "use at your own risk" notice.
# Outputs: two lines on stdout, the first prefixed with $0.
_version() {
  printf "%s version pre-alpha 0.1 (yes we're very cautious)\nUSE AT YOUR OWN RISK and read the code before\n" "$0"
}
# Print one message line, optionally prefixed with a timestamp.
# Globals:   NO_TIMESTAMP (read) - unset, empty or "0" keeps the timestamp
# Arguments: $1 - message, or a key when $2 is given
#            $2 - optional value, printed as key='value'
# Outputs:   one line on stdout
# Returns:   the exit status that was current when the function was entered,
#            so logging does not disturb the caller's $?
_printargs() {
  # Must be the first statement: any other command would overwrite $?.
  _exitstatus="$?"
  case "${NO_TIMESTAMP:-0}" in
    0) printf -- '[%s] ' "$(date)" ;;
  esac
  if [ -n "$2" ]; then
    printf -- "%s\n" "$1='$2'"
  else
    printf -- "%s\n" "$1"
  fi
  return "$_exitstatus"
}
# Emit a "file:function:line" prefix describing the caller of the _debug*
# function that invoked this helper. Prints nothing unless DEBUG is at least
# DEBUG_LEVEL_3 and the script is running under bash.
# Globals: DEBUG, DEBUG_LEVEL_NONE, DEBUG_LEVEL_3, BASH_VERSION,
#          _script_home (read)
# Outputs: the prefix, left-aligned in a 40-column field plus one space
__debug_bash_helper() {
  # Only the most verbose debug level gets call-site information.
  [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -lt "$DEBUG_LEVEL_3" ] && return

  # 'caller' and arrays are bash features; other shells get an empty prefix.
  [ -z "${BASH_VERSION}" ] && return

  # The array syntax below is a syntax error under dash, so it is hidden
  # inside eval. Every eval argument is a fixed single-quoted literal:
  # variables are expanded by the evaluated code, never pasted into it, so no
  # external data is interpreted as shell code here. Single quotes are also
  # needed because older busybox versions had a bug with double quotes and
  # eval.
  _dbh_saveIFS=$IFS
  IFS=" "
  # 'caller 1' looks one frame up, past the _debug* function calling us.
  eval '_dbh_called=($(caller 1))'
  IFS=$_dbh_saveIFS

  eval '_dbh_lineno=${_dbh_called[0]}'
  eval '_dbh_function=${_dbh_called[1]}'
  eval '_dbh_file=${_dbh_called[2]}'
  if [ -n "${_script_home}" ]; then
    # Show the file relative to the script's home directory.
    eval '_dbh_file=${_dbh_file#$_script_home/}'
  fi

  printf "%-40s " "$_dbh_file:${_dbh_function}:${_dbh_lineno}"
}
# Print a debug message on stderr when DEBUG is at least DEBUG_LEVEL_1.
# Globals:   DEBUG, DEBUG_LEVEL_NONE, DEBUG_LEVEL_1 (read)
# Arguments: $1 - message or key, $2 - optional value (see _printargs)
# Outputs:   one line on stderr; nothing when debugging is off
#
# Not implemented: logging to a file
#   if [ "${LOG_LEVEL:-$DEFAULT_LOG_LEVEL}" -ge "$LOG_LEVEL_1" ]; then
#     _log "$@"
#   fi
# Not implemented: sending the message to syslog
#   if [ "${SYS_LOG:-$SYSLOG_LEVEL_NONE}" -ge "$SYSLOG_LEVEL_DEBUG" ]; then
#     _syslog "$SYSLOG_DEBUG" "$@"
#   fi
_debug() {
  [ "${DEBUG:-$DEBUG_LEVEL_NONE}" -ge "$DEBUG_LEVEL_1" ] || return 0

  _bash_debug=$(__debug_bash_helper)
  # The call-site prefix is glued onto the first argument only; any further
  # arguments are passed through as separate words.
  _printargs "${_bash_debug}$@" >&2
}
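# Test whether a string begins with a given literal prefix.
# Arguments: $1 - string to inspect
#            $2 - prefix, compared literally (no regex or glob meaning)
# Returns:   0 when $1 starts with $2, 1 otherwise
_startswith() {
  _str="$1"
  _sub="$2"
  # A quoted expansion inside a case pattern matches literally. Unlike piping
  # the string through 'echo | grep', this does not misread strings such as
  # "-n" or "-e" as echo options, and it does not treat the prefix as a
  # regular expression.
  case "$_str" in
    "$_sub"*) return 0 ;;
  esac
  return 1
}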
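# Ask for credentials and a peer public key, fetch the peer configuration
# from the wg-portal provisioning API and write it to the config file.
# Globals:   WGPORTAL_URL (read)  - portal base URL, required
#            WG_CONFFILE (read/written) - target file, defaults to
#                                         /etc/wireguard/wg0.conf
#            __OVERWRITE (read)   - "on" allows replacing an existing file
# Outputs:   prompts and status messages on stdout, warnings on stderr
# Returns:   0 on success, 1 when no URL is set; exits 1 on an existing file
#            without --overwrite, a write failure or a non-200 response, and
#            exits 99 on Ctrl-C
_download() {
  if [ -z "$WGPORTAL_URL" ]; then
    printf "Please set wg-portal URL (see help)\n"
    return 1
  fi
  [ -z "$WG_CONFFILE" ] && WG_CONFFILE=/etc/wireguard/wg0.conf
  _debug "Using server: $WGPORTAL_URL"

  # The credentials travel as HTTP basic authentication, which is only
  # protected in transit when the portal is reached over TLS.
  case "$WGPORTAL_URL" in
    https://*) ;;
    *)
      printf "WARNING : %s is not an https:// URL, username and password will be sent unencrypted\n" "$WGPORTAL_URL" >&2
      ;;
  esac

  # Terminal echo is switched off while the password is typed; make sure an
  # interrupt does not leave the terminal in that state.
  trap 'stty echo; exit 99;' INT

  if [ -f "$WG_CONFFILE" ]; then
    if [ "$__OVERWRITE" = "on" ]; then
      _debug "File already exists but overwritting as requested"
    else
      printf "WARNING : Wireguard config file already exists\n"
      printf "Exiting now to prevent override of your actual parameters\n"
      printf "You can force config overwriting with --overwrite parameter\n"
      exit 1
    fi
  fi

  printf "Username: "
  IFS= read -r username
  printf "Password: "
  stty -echo
  IFS= read -r password
  stty echo
  printf "\n"
  printf "Peer public key: "
  IFS= read -r wgpubkey
  printf "\n"

  # Accept the base URL with or without a trailing slash.
  WGPORTAL_APIURL="${WGPORTAL_URL%/}/api/v1/provisioning/peer"
  _debug "GET request to $WGPORTAL_APIURL"

  # Hand the credentials to curl through a config read from stdin instead of
  # --user on the command line, where they would show up in the process list
  # and be word-split on spaces. Backslashes and double quotes are escaped as
  # curl's quoted config values require. This relies on printf being a shell
  # builtin, which holds for bash, dash and busybox ash.
  _dl_cred=$(printf '%s' "$username:$password" | sed 's/[\\"]/\\&/g')
  HTTP_RESPONSE=$(
    printf 'user = "%s"\n' "$_dl_cred" |
      curl --config - -G -s --write-out "HTTPSTATUS:%{http_code}" \
        --data-urlencode "PublicKey=$wgpubkey" -X GET \
        -H "accept: text/plain" "$WGPORTAL_APIURL"
  )
  res=$?
  # The secret is not needed past this point.
  unset password _dl_cred
  if [ "$res" != "0" ]; then
    printf '%s\n' "the curl command failed with: $res"
  fi

  # curl appended "HTTPSTATUS:<code>" to the body; split the two apart again.
  HTTP_BODY=$(printf '%s\n' "$HTTP_RESPONSE" | sed -E 's/HTTPSTATUS\:[0-9]{3}$//')
  HTTP_STATUS=$(printf '%s\n' "$HTTP_RESPONSE" | tr -d '\n' | sed -E 's/.*HTTPSTATUS:([0-9]{3})$/\1/')

  if [ "$HTTP_STATUS" = "200" ]; then
    # A WireGuard configuration may carry key material, so a newly created
    # file must not be readable by other users.
    if ! (umask 077 && printf '%s\n' "$HTTP_BODY" >"$WG_CONFFILE"); then
      printf "Could not write WG config to %s\n" "$WG_CONFFILE"
      exit 1
    fi
    # umask only affects new files; tighten a file that already existed.
    if [ -f "$WG_CONFFILE" ]; then
      chmod 600 "$WG_CONFFILE"
    fi
    printf "WG config successfully downloaded at %s\n" "$WG_CONFFILE"
    return
  fi

  printf "Curl returned HTTP code %s\n" "$HTTP_STATUS"
  exit 1
}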
# Placeholder for the install command, which is not implemented yet.
# Outputs: a single notice line on stdout
_install() {
  printf '%s\n' "install : This command does nothing ... yet (TDB)"
}
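# Parse the command-line options, then run the selected command.
# Globals:   _CMD, WGPORTAL_URL, WG_CONFFILE, DEBUG, __OVERWRITE (written)
#            DEBUG_LEVEL_DEFAULT (read)
# Arguments: the script's command-line arguments
# Outputs:   help, version and error messages
# Returns:   1 on an unknown option, a missing option value or an invalid
#            debug level; otherwise the status of the command that ran
_process() {
  while [ "$#" -gt 0 ]; do
    case "$1" in
      --help | -h)
        _usage
        return
        ;;
      --version | -v)
        _version
        return
        ;;
      --download | -d)
        _CMD="download"
        ;;
      --install | -i)
        _CMD="install"
        ;;
      --url | -u)
        # Without this check a trailing "--url" shifts past the end of the
        # argument list, which aborts the whole script under dash.
        if [ "$#" -lt 2 ]; then
          printf "Missing value for parameter : %s\n" "$1" >&2
          return 1
        fi
        WGPORTAL_URL="$2"
        shift
        ;;
      --filename | -f)
        if [ "$#" -lt 2 ]; then
          printf "Missing value for parameter : %s\n" "$1" >&2
          return 1
        fi
        WG_CONFFILE="$2"
        shift
        ;;
      --debug)
        # The level is optional: a following option or nothing at all selects
        # the default level.
        if [ -z "$2" ] || _startswith "$2" "-"; then
          DEBUG="$DEBUG_LEVEL_DEFAULT"
        else
          # DEBUG is later compared with integer tests, so reject anything
          # that is not a plain number.
          case "$2" in
            *[!0-9]*)
              printf "Invalid debug level : %s\n" "$2" >&2
              return 1
              ;;
          esac
          DEBUG="$2"
          shift
        fi
        ;;
      --overwrite)
        __OVERWRITE="on"
        ;;
      *)
        printf "Unknown parameter : %s\n" "$1"
        return 1
        ;;
    esac
    shift 1
  done

  if [ ! "$_CMD" ]; then
    printf "Nothing to do, please specify a command (see --help)\n"
  fi

  case "${_CMD}" in
    download)
      _download
      ;;
    install)
      _install
      ;;
    *)
      if [ "$_CMD" ]; then
        printf "Invalid command: %s\n" "$_CMD"
      fi
      ;;
  esac
}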
# Entry point: show the help when called without arguments, hand option-style
# arguments to _process, and otherwise run the arguments as a command.
# Arguments: the script's command-line arguments
main() {
  if [ -z "$1" ]; then
    _usage && return
  fi

  if ! _startswith "$1" '-'; then
    # NOTE(review): a first argument that does not start with '-' is executed
    # as-is, so it can name any function of this script or any program on
    # PATH. Keep this in mind before granting the script elevated rights
    # (sudo rules, setuid wrappers) or calling it with arguments that come
    # from another party.
    "$@"
    return
  fi

  _process "$@"
}
  202. _ARGS="$*"
  203. main "$@"