kris/piawg
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

testing

Browse Source
This commit is contained in:
Kris Lamoureux
2026-03-08 14:52:24 -04:00
parent c72d963735
commit 2eefbbdaab
1 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
piawg.sh
View File

@@ -98,7 +98,7 @@ pia_addkey() {
--cacert ./ca.rsa.4096.crt \ --cacert ./ca.rsa.4096.crt \
--data-urlencode "pt=$pia_token" \ --data-urlencode "pt=$pia_token" \
--data-urlencode "pubkey=$piawg_pubkey" \ --data-urlencode "pubkey=$piawg_pubkey" \
"https://$server_cn:1337/addKey" "https://$server_cn:$server_port/addKey"
); then ); then
err "Failed connect to $server_cn to addKey" err "Failed connect to $server_cn to addKey"
fi fi
@@ -333,6 +333,7 @@ opn_if_reply="$(opn_curl 'wireguard/server/searchServer' -d '{}' |
piawg_uuid="$(printf '%s' "$opn_if_reply" | jq -r .uuid)" piawg_uuid="$(printf '%s' "$opn_if_reply" | jq -r .uuid)"
piawg_pubkey="$(printf '%s' "$opn_if_reply" | jq -r .pubkey)" piawg_pubkey="$(printf '%s' "$opn_if_reply" | jq -r .pubkey)"
piawg_tunaddr="$(printf '%s' "$opn_if_reply" | jq -r .tunneladdress)" piawg_tunaddr="$(printf '%s' "$opn_if_reply" | jq -r .tunneladdress)"
piawg_interface="$(printf '%s' "$opn_if_reply" | jq -r .interface)"
debug -f "Wireguard instance $OPN_IF from OPNsense API\n%s" \ debug -f "Wireguard instance $OPN_IF from OPNsense API\n%s" \
"$(printf '%s' "$opn_if_reply" | jq '.privkey = "[CENSORED]"')" "$(printf '%s' "$opn_if_reply" | jq '.privkey = "[CENSORED]"')"
unset opn_if_reply unset opn_if_reply
@@ -352,6 +353,7 @@ wg_reply="$(bao_curl "$BAO_KV_MOUNT/data/$BAO_PATH_CONFIG")"
server_ip="$(printf '%s' "$wg_reply" | jq -r .data.data.server_ip)" server_ip="$(printf '%s' "$wg_reply" | jq -r .data.data.server_ip)"
server_cn="$(printf '%s' "$wg_reply" | jq -r .data.data.server_cn)" server_cn="$(printf '%s' "$wg_reply" | jq -r .data.data.server_cn)"
server_port="$(printf '%s' "$wg_reply" | jq -r .data.data.server_port)" server_port="$(printf '%s' "$wg_reply" | jq -r .data.data.server_port)"
server_vip="$(printf '%s' "$wg_reply" | jq -r .data.data.server_vip)"
debug -f "Config from OpenBao ($BAO_PATH_CONFIG)\n%s" \ debug -f "Config from OpenBao ($BAO_PATH_CONFIG)\n%s" \
"$(printf '%s' "$wg_reply" | jq .)" "$(printf '%s' "$wg_reply" | jq .)"
unset wg_reply unset wg_reply
@@ -382,3 +384,23 @@ else
fi fi
fi fi
fi fi
if conf_reply="$(bao_curl "$BAO_KV_MOUNT/data/$BAO_PATH_CONFIG")"; then
port_forward="$(printf '%s' "$conf_reply" | jq -r '.data.data.port_forward')"
if [ "$port_forward" = "true" ]; then
server_cn="$(printf '%s' "$conf_reply" | jq -r '.data.data.server_cn')"
server_vip="$(printf '%s' "$conf_reply" | jq -r '.data.data.server_vip')"
set -x
if ! pf_sig_reply="$(_curl -G --cacert ./ca.rsa.4096.crt \
--interface "$piawg_interface" \
--resolve "$server_cn:19999:$server_vip" \
--data-urlencode "token=$pia_token" \
"https://$server_cn:19999/getSignature")"; then
err "Failed to connect to https://$server_cn:19999/getSignature"
fi
set +x
debug -f "getSignature\n%s" "$(printf '%s' "$pf_sig_reply" | jq .)"
fi
fi
debug -f "Check for port_forward value in OpenBao ($BAO_PATH_CONFIG)\n%s" \
"$(printf '%s' "$conf_reply" | jq .)"