maxried/README.md

## README.md

      
    Raw
  

              README.md
            
          
    These scripts allow you to have a wireguard connection in your initrd. Make sure you have wireguard installed on your system and a busybox which supports ip, nslookup. If it does not work, change the copy_exec line for busybox in the hook and replace it with a better one. It reads /etc/wireguard/initramdisk.conf and expects at least one comment specifying all ip addresses like so: # Address = 1.2.3.4/12. Tested on Ubuntu 19.10.

  
## wg
#!/bin/sh

# /etc/initramfs-tools/hooks/wg

set -e
PREREQ=""
prereqs()
{
    echo "${PREREQ}"
}
case "${1}" in
    prereqs)
        prereqs
        exit 0
        ;;
esac

. /usr/share/initramfs-tools/hook-functions

force_load wireguard
copy_exec $(which wg)
copy_exec /usr/lib/initramfs-tools/bin/busybox-wg /bin/busybox-wg
copy_file config /etc/wireguard/initramdisk.conf /etc/wireguard/initramdisk.conf

## wg-down
#!/bin/sh

# /etc/initramfs-tools/scripts/init-bottom/wg-down

PREREQ=""
prereqs()
{
	echo "$PREREQ"
}

case $1 in
prereqs)
	prereqs
	exit 0
	;;
esac

IP_TOOL="/sbin/ip"
if [ "$(which busybox-wg)" ] ; then
	IP_TOOL="$(which busybox-wg) ip"
	echo "Found busybox-wg."
fi
echo "IP_TOOL is $IP_TOOL"


$IP_TOOL link delete wgInit

## wg-up
#!/bin/sh

# /etc/initramfs-tools/scripts/init-premount/wg-up

PREREQ="udev"

prereqs() {
    echo "$PREREQ"
}

case "$1" in
    prereqs)
        prereqs
        exit 0
    ;;
esac

[ "$IP" != off -a "$IP" != none ] || exit 0

. /scripts/functions


BLOCKING="y"

IP_TOOL="/sbin/ip"
NSLOOKUP_TOOL="nslookup"

setup_wg() {
	configure_networking

	CONFIG="/etc/wireguard/initramdisk.conf"
	NAMESERVER="8.8.8.8"

	if [ "$IPV4DNS0" ] ; then
		echo "Using DNS0 server provided by ipconfig: $IPV4DNS0"
		NAMESERVER="$IPV4DNS0"
	else
		echo "Using default DNS server: $NAMESERVER"
	fi

	ENDPOINTS=$(grep "^\s*EndPoint\s*=\s*.*:[0-9]*$" "$CONFIG" | grep -Ev "\s[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}:" | grep -Ev "\s\[.+\]:")

	while read LINE;
	do
		HOST=$(echo "$LINE" | cut -d':' -f1 | cut -d'=' -f2 | tr -d ' ')
		echo "Looking up $HOST using $NAMESERVER"
		$NSLOOKUP_TOOL -type=A "$HOST" "$NAMESERVER" | grep -A999 "nswer:" | grep "^Address: " | cut -d":" -f2- | sed -r "s/\s*(.*)/\1\t$HOST/g" >> /etc/hosts
	done <<EOF
$ENDPOINTS
EOF

	echo "Create interface"
	$IP_TOOL link add dev wgInit type wireguard

	echo "Stripping config"
        grep -v "^\s*#\?\s*Address\s*=.*" $CONFIG > $CONFIG.strip

	echo "Configure interface"
	wg setconf wgInit $CONFIG.strip

	echo "Upping interface"
	$IP_TOOL link set dev wgInit up

	for I in $(grep "^.*#\?\s*Address\s*=\s*..*" $CONFIG | cut -d "=" -f2 | tr -d ',')
	do
		echo "Add address $I to interface wgInit"
		$IP_TOOL address add $I dev wgInit
	done

	for I in $(wg show wgInit | grep "allowed ips" | cut -d':' -f2- | tr -d ",")
	do
		echo "Adding route $I to wgInit"
		$IP_TOOL route add $I dev wgInit
	done

	echo ============Summary===========
	wg
	echo ==============================

cat /run/net-enp4s0.conf

}


if [ "$(which busybox-wg)" ] ; then
	IP_TOOL="$(which busybox-wg) ip"
	NSLOOKUP_TOOL="$(which busybox-wg) nslookup"
	echo "Found busybox-wg."
fi
echo "IP_TOOL is $IP_TOOL"
echo "NSLOOKUP_TOOL is $NSLOOKUP_TOOL"


if [ "$BLOCKING" = "y" ] ; then
	setup_wg
else
	setup_wg &
fi
	#!/bin/sh

	# /etc/initramfs-tools/hooks/wg

	set -e
	PREREQ=""
	prereqs()
	{
	echo "${PREREQ}"
	}
	case "${1}" in
	prereqs)
	prereqs
	exit 0
	;;
	esac

	. /usr/share/initramfs-tools/hook-functions

	force_load wireguard
	copy_exec $(which wg)
	copy_exec /usr/lib/initramfs-tools/bin/busybox-wg /bin/busybox-wg
	copy_file config /etc/wireguard/initramdisk.conf /etc/wireguard/initramdisk.conf
	#!/bin/sh

	# /etc/initramfs-tools/scripts/init-bottom/wg-down

	PREREQ=""
	prereqs()
	{
	echo "$PREREQ"
	}

	case $1 in
	prereqs)
	prereqs
	exit 0
	;;
	esac

	IP_TOOL="/sbin/ip"
	if [ "$(which busybox-wg)" ] ; then
	IP_TOOL="$(which busybox-wg) ip"
	echo "Found busybox-wg."
	fi
	echo "IP_TOOL is $IP_TOOL"


	$IP_TOOL link delete wgInit
	#!/bin/sh

	# /etc/initramfs-tools/scripts/init-premount/wg-up

	PREREQ="udev"

	prereqs() {
	echo "$PREREQ"
	}

	case "$1" in
	prereqs)
	prereqs
	exit 0
	;;
	esac

	[ "$IP" != off -a "$IP" != none ] \|\| exit 0

	. /scripts/functions


	BLOCKING="y"

	IP_TOOL="/sbin/ip"
	NSLOOKUP_TOOL="nslookup"

	setup_wg() {
	configure_networking

	CONFIG="/etc/wireguard/initramdisk.conf"
	NAMESERVER="8.8.8.8"

	if [ "$IPV4DNS0" ] ; then
	echo "Using DNS0 server provided by ipconfig: $IPV4DNS0"
	NAMESERVER="$IPV4DNS0"
	else
	echo "Using default DNS server: $NAMESERVER"
	fi

	ENDPOINTS=$(grep "^\sEndPoint\s=\s.:[0-9]*$" "$CONFIG" \| grep -Ev "\s[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}:" \| grep -Ev "\s\[.+\]:")

	while read LINE;
	do
	HOST=$(echo "$LINE" \| cut -d':' -f1 \| cut -d'=' -f2 \| tr -d ' ')
	echo "Looking up $HOST using $NAMESERVER"
	$NSLOOKUP_TOOL -type=A "$HOST" "$NAMESERVER" \| grep -A999 "nswer:" \| grep "^Address: " \| cut -d":" -f2- \| sed -r "s/\s(.)/\1\t$HOST/g" >> /etc/hosts
	done <<EOF
	$ENDPOINTS
	EOF

	echo "Create interface"
	$IP_TOOL link add dev wgInit type wireguard

	echo "Stripping config"
	grep -v "^\s#\?\sAddress\s=." $CONFIG > $CONFIG.strip

	echo "Configure interface"
	wg setconf wgInit $CONFIG.strip

	echo "Upping interface"
	$IP_TOOL link set dev wgInit up

	for I in $(grep "^.#\?\sAddress\s=\s..*" $CONFIG \| cut -d "=" -f2 \| tr -d ',')
	do
	echo "Add address $I to interface wgInit"
	$IP_TOOL address add $I dev wgInit
	done

	for I in $(wg show wgInit \| grep "allowed ips" \| cut -d':' -f2- \| tr -d ",")
	do
	echo "Adding route $I to wgInit"
	$IP_TOOL route add $I dev wgInit
	done

	echo ============Summary===========
	wg
	echo ==============================

	cat /run/net-enp4s0.conf

	}


	if [ "$(which busybox-wg)" ] ; then
	IP_TOOL="$(which busybox-wg) ip"
	NSLOOKUP_TOOL="$(which busybox-wg) nslookup"
	echo "Found busybox-wg."
	fi
	echo "IP_TOOL is $IP_TOOL"
	echo "NSLOOKUP_TOOL is $NSLOOKUP_TOOL"


	if [ "$BLOCKING" = "y" ] ; then
	setup_wg
	else
	setup_wg &
	fi