wg-quick: allow for the hatchet, but not by default
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld
parent
9bcb48eacd
commit
d30d9630b6
8
contrib/dns-hatchet/README
Normal file
8
contrib/dns-hatchet/README
Normal file
@ -0,0 +1,8 @@
|
||||
The DNS Hatchet
|
||||
===============
|
||||
|
||||
This is a workaround for distributions without resolvconf or any proper
|
||||
mechanism of setting the DNS. Running 'apply.sh` in this directory will
|
||||
insert 'hatchet.bash` into the right place in 'wg-quick.bash`. It is
|
||||
recommended that distributions without any resolvconf available run this
|
||||
before calling 'make install` in their packaging scripts.
|
||||
6
contrib/dns-hatchet/apply.sh
Executable file
6
contrib/dns-hatchet/apply.sh
Executable file
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
ME="$(readlink -f "$(dirname "$(readlink -f "$0")")")"
|
||||
TOOLS="$ME/../../../src/tools"
|
||||
|
||||
sed -i "/~~ function override insertion point ~~/r $ME/hatchet.bash" "$TOOLS/wg-quick.bash"
|
||||
39
contrib/dns-hatchet/hatchet.bash
Normal file
39
contrib/dns-hatchet/hatchet.bash
Normal file
@ -0,0 +1,39 @@
|
||||
set_dns() {
|
||||
[[ ${#DNS[@]} -gt 0 ]] || return 0
|
||||
|
||||
if [[ $(resolvconf --version 2>/dev/null) == openresolv\ * ]]; then
|
||||
printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE" -m 0 -x
|
||||
else
|
||||
echo "[#] mount \`${DNS[*]}' /etc/resolv.conf" >&2
|
||||
[[ -e /etc/resolv.conf ]] || touch /etc/resolv.conf
|
||||
{ cat <<-_EOF
|
||||
# This file was generated by wg-quick(8) for use with
|
||||
# the WireGuard interface $INTERFACE. It cannot be
|
||||
# removed or altered directly. You may remove this file
|
||||
# by running \`wg-quick down $INTERFACE', or if that
|
||||
# poses problems, run \`umount /etc/resolv.conf'.
|
||||
|
||||
_EOF
|
||||
printf 'nameserver %s\n' "${DNS[@]}"
|
||||
} | unshare -m --propagation shared bash -c "$(cat <<-_EOF
|
||||
set -e
|
||||
mount --make-private /dev/shm
|
||||
mount -t tmpfs none /dev/shm
|
||||
cat > /dev/shm/resolv.conf
|
||||
mount -o remount,ro /dev/shm
|
||||
mount -o bind,ro /dev/shm/resolv.conf /etc/resolv.conf
|
||||
_EOF
|
||||
)"
|
||||
fi
|
||||
HAVE_SET_DNS=1
|
||||
}
|
||||
|
||||
unset_dns() {
|
||||
[[ ${#DNS[@]} -gt 0 ]] || return 0
|
||||
|
||||
if [[ $(resolvconf --version 2>/dev/null) == openresolv\ * ]]; then
|
||||
cmd resolvconf -d "$INTERFACE"
|
||||
else
|
||||
cmd umount /etc/resolv.conf
|
||||
fi
|
||||
}
|
||||
@ -264,6 +264,8 @@ cmd_down() {
|
||||
execute_hooks "${POST_DOWN[@]}"
|
||||
}
|
||||
|
||||
# ~~ function override insertion point ~~
|
||||
|
||||
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
|
||||
cmd_usage
|
||||
elif [[ $# -eq 2 && $1 == up ]]; then
|
||||
|
||||
Reference in New Issue
Block a user