1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
#!/usr/bin/env bash
set -eu
set -o pipefail
script_path="$(realpath "$(dirname "$0")")"
secrets_bin="${script_path}/secrets"
config_path="$(echo /mnt/algo/configs/*/wireguard)"
"$secrets_bin" open
trap '"$secrets_bin" close' EXIT
if [ -z "${VIRTUAL_ENV:-}" ]; then
# shellcheck disable=SC1090
. "${script_path}/helpers/algo-virtualenv"
python -m pip install segno
fi
# hush
dns=$(perl -nle 'print $1 if /DNS\s*=\s*(.*),/' "$config_path"/hush.conf)
sed -i 's|^\(Address.*\),.*|\1|' "$config_path"/hush.conf
cp "$config_path"/hush.conf "$config_path"/hush-not-captive.conf
sed -i 's|^AllowedIPs.*|AllowedIPs = 0.0.0.0/0|' "$config_path"/hush.conf
sed -i "s|^AllowedIPs.*|AllowedIPs = 10.49.0.0/24, $dns/32|" "$config_path"/hush-not-captive.conf
sudo cp "$config_path"/hush.conf /etc/wireguard/algo-captive.conf
sudo cp "$config_path"/hush-not-captive.conf /etc/wireguard/algo.conf
# tozt
dns=$(perl -nle 'print $1 if /DNS\s*=\s*(.*),/' "$config_path"/tozt.conf)
sed -i 's|^\(Address.*\),.*|\1|' "$config_path"/tozt.conf
cp "$config_path"/tozt.conf "$config_path"/tozt-not-captive.conf
sed -i 's|^AllowedIPs.*|AllowedIPs = 0.0.0.0/0|' "$config_path"/tozt.conf
sed -i "s|^AllowedIPs.*|AllowedIPs = 10.49.0.0/24, $dns/32|" "$config_path"/tozt-not-captive.conf
scp "$config_path"/tozt-not-captive.conf root@tozt.net:/etc/wireguard/algo.conf
cp "$config_path"/tozt-not-captive.conf /mnt/puppet/tozt/wireguard
$secrets_bin sync tozt
# partofme
dns=$(perl -nle 'print $1 if /DNS\s*=\s*(.*),/' "$config_path"/partofme.conf)
sed -i 's|^\(Address.*\),.*|\1|' "$config_path"/partofme.conf
cp "$config_path"/partofme.conf "$config_path"/partofme-not-captive.conf
sed -i 's|^AllowedIPs.*|AllowedIPs = 0.0.0.0/0|' "$config_path"/partofme.conf
sed -i "s|^AllowedIPs.*|AllowedIPs = 10.49.0.0/24, $dns/32|" "$config_path"/partofme-not-captive.conf
scp "$config_path"/partofme-not-captive.conf root@partofme:/etc/wireguard/algo.conf
cp "$config_path"/partofme-not-captive.conf /mnt/puppet/partofme/wireguard
$secrets_bin sync partofme
# mail
dns=$(perl -nle 'print $1 if /DNS\s*=\s*(.*),/' "$config_path"/mail.conf)
sed -i 's|^\(Address.*\),.*|\1|' "$config_path"/mail.conf
cp "$config_path"/mail.conf "$config_path"/mail-not-captive.conf
sed -i 's|^AllowedIPs.*|AllowedIPs = 0.0.0.0/0|' "$config_path"/mail.conf
sed -i "s|^AllowedIPs.*|AllowedIPs = 10.49.0.0/24, $dns/32|" "$config_path"/mail-not-captive.conf
scp "$config_path"/mail-not-captive.conf root@mail.tozt.net:/etc/wireguard/algo.conf
cp "$config_path"/mail-not-captive.conf /mnt/puppet/mail/wireguard
$secrets_bin sync mail
# phone
dns=$(perl -nle 'print $1 if /DNS\s*=\s*(.*),/' "$config_path"/phone.conf)
sed -i 's|^\(Address.*\),.*|\1|' "$config_path"/phone.conf
cp "$config_path"/phone.conf "$config_path"/phone-not-captive.conf
sed -i 's|^AllowedIPs.*|AllowedIPs = 0.0.0.0/0|' "$config_path"/phone.conf
sed -i "s|^AllowedIPs.*|AllowedIPs = 10.49.0.0/24, $dns/32|" "$config_path"/phone-not-captive.conf
echo "algo-captive"
segno --scale=5 --output="$config_path"/phone.png "$(cat "$config_path"/phone.conf)"
sxiv "$config_path/phone.png"
echo "algo"
segno --scale=5 --output="$config_path"/phone-not-captive.png "$(cat "$config_path"/phone-not-captive.conf)"
sxiv "$config_path/phone-not-captive.png"
|
