24 lines
812 B
Django/Jinja
24 lines
812 B
Django/Jinja
#!/usr/bin/env bash
|
|
|
|
apk add --no-cache wireguard-tools-wg
|
|
|
|
local_gateway=$(ip route | grep default | awk '{print $3}')
|
|
# This used as the gateway address for NAT-PMP to work properly
|
|
wg_gateway="{{ wg_dns }}"
|
|
wg_peer_address=$(echo "{{ wg_peer_endpoint }}" | cut -d: -f1)
|
|
|
|
ip route add "$wg_peer_address" via "$local_gateway"
|
|
ip link add wg0 type wireguard
|
|
wg setconf wg0 /etc/wireguard/wg0.conf
|
|
ip address add dev wg0 "{{ wg_address }}"
|
|
ip link set wg0 up
|
|
ip route add "$wg_gateway" dev wg0
|
|
ip route del default
|
|
ip route add default via "$wg_gateway"
|
|
|
|
# Note that the DNS isn't changed, so there's actually a leak there
|
|
# That's on purpose, just in case I want to access local jackett from qbit
|
|
|
|
# Finally, optionally allow access to the home network
|
|
# ip route add "\{\{ home_network }}" via "$local_gateway"
|