-
Notifications
You must be signed in to change notification settings - Fork 0
/
0vpn-client
executable file
·55 lines (37 loc) · 2.06 KB
/
0vpn-client
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
#!/bin/bash
set -e
my_path=$(dirname "$0")
source "$my_path"/0vpn-options
echo Creating temporary file...
TMPFILE=$(mktemp) || exit 1
echo tmpfile: "$TMPFILE"
trap 'echo Cleaning up...; rm -f "$TMPFILE"' EXIT
echo Setting up wireguard device "$ZEROVPN_WIREGUARD_DEVICE"...
echo Removing old device... "$(ip link delete "$ZEROVPN_WIREGUARD_DEVICE")"
ip link add "$ZEROVPN_WIREGUARD_DEVICE" type wireguard
client_ipv6="$("$my_path"/0vpn-ipv6-address "$ZEROVPN_KEYFILE" "$ZEROVPN_CLIENT_NAME")"
echo Client VPN IPv6: "$client_ipv6"
ip addr add "$("$my_path"/0vpn-ipv6-address "$ZEROVPN_KEYFILE" "$ZEROVPN_CLIENT_NAME")" dev "$ZEROVPN_WIREGUARD_DEVICE"
"$my_path"/0vpn-tool mixin "$ZEROVPN_KEYFILE" "$ZEROVPN_CLIENT_NAME" > "$TMPFILE"
wg set "$ZEROVPN_WIREGUARD_DEVICE" private-key "$TMPFILE"
ip link set "$ZEROVPN_WIREGUARD_DEVICE" up
rm -f "$TMPFILE"
echo Deriving server keys...
server_private_key=$("$my_path"/0vpn-tool mixin "$ZEROVPN_KEYFILE" "$ZEROVPN_SERVER_NAME")
server_public_key=$(echo "$server_private_key" | wg pubkey)
server_ipv6="$("$my_path"/0vpn-ipv6-address "$ZEROVPN_KEYFILE" "$ZEROVPN_SERVER_NAME")"
echo Server public key: "$server_public_key"
echo Server VPN IPv6: "$server_ipv6"
echo Setting up server node endpoint...
wg set "$ZEROVPN_WIREGUARD_DEVICE" peer "$server_public_key" endpoint "$ZEROVPN_SERVER_HOSTNAME":"$ZEROVPN_WIREGUARD_PORT" persistent-keepalive 10 allowed-ips "$("$my_path"/0vpn-ipv6-prefix "$ZEROVPN_KEYFILE")"::0/64
echo Output of wg show "$ZEROVPN_WIREGUARD_DEVICE":
wg show "$ZEROVPN_WIREGUARD_DEVICE"
echo Adding route...
ip route add "$("$my_path"/0vpn-ipv6-prefix "$ZEROVPN_KEYFILE")"::0/64 dev "$ZEROVPN_WIREGUARD_DEVICE"
resolvectl dns "$ZEROVPN_WIREGUARD_DEVICE" ["$server_ipv6"]:"$ZEROVPN_DNS_PORT"
resolvectl domain "$ZEROVPN_WIREGUARD_DEVICE" "$ZEROVPN_TLD"
echo Entering client announcement loop...
while true; do
"$my_path"/0vpn-announce-client "$ZEROVPN_KEYFILE" "$ZEROVPN_CLIENT_NAME" "$ZEROVPN_SERVER_HOSTNAME" "$ZEROVPN_ANNOUNCE_PORT" || echo Something went wrong announcing this client
sleep "$ZEROVPN_ANNOUNCE_INTERVAL"
done