#!/bin/sh
## The below is modified from https://github.com/activeeos/wireguard-docker
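# Find the WireGuard interface configs.
# Every regular file under /etc/wireguard is collected, whatever its name, and
# later handed to wg-quick. These files carry the interface private key, so the
# directory should be readable by root only (wg-quick itself warns about
# world-accessible configs).
interfaces=$(find /etc/wireguard -type f)
# Quoted on purpose: unquoted, a list of two or more paths expands to several
# words and the test fails with a syntax error instead of checking emptiness.
if [ -z "$interfaces" ]; then
  echo "$(date): Interface not found in /etc/wireguard" >&2
  exit 1
fi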
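# Bring up every WireGuard config listed in $interfaces.
# Globals:   interfaces (read) - whitespace-separated config paths
#            start_failed (written) - 1 if any wg-quick up failed
# Outputs:   one timestamped line per interface on stdout; a timestamped
#            line on stderr for each interface that failed to start
# Returns:   0 if every interface came up, 1 otherwise
start_interfaces() {
  start_failed=0
  # $interfaces stays unquoted: POSIX sh has no arrays, so the list is split
  # on whitespace here. Paths containing spaces are not supported.
  for interface in $interfaces; do
    echo "$(date): Starting Wireguard $interface"
    # Quote the single path so it reaches wg-quick as exactly one argument.
    if ! wg-quick up "$interface"; then
      # A tunnel that did not come up should be visible in the logs; the
      # remaining interfaces are still attempted.
      echo "$(date): wg-quick up failed for $interface" >&2
      start_failed=1
    fi
  done
  return "$start_failed"
}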
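# Tear down every WireGuard config listed in $interfaces.
# Globals:   interfaces (read) - whitespace-separated config paths
# Returns:   status of the last wg-quick down (0 when the list is empty)
stop_interfaces() {
  # $interfaces stays unquoted: POSIX sh has no arrays, so the list is split
  # on whitespace here. Paths containing spaces are not supported.
  for interface in $interfaces; do
    # Quote the single path so it reaches wg-quick as exactly one argument.
    # Failures are not treated as fatal: an interface that never came up
    # cannot be taken down, and shutdown should still proceed.
    wg-quick down "$interface"
  done
}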
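start_interfaces
# Add masquerade rule for NAT'ing VPN traffic bound for the Internet.
# The rule matches only on the outgoing interface (-o eth0) and carries no
# source restriction, so every packet leaving eth0 is masqueraded, not just
# traffic that arrived over a tunnel. eth0 is assumed to be the uplink.
# ${IPTABLES_MASQ:-0} keeps an unset or empty variable from turning the test
# into a syntax error; unset still means "no NAT rule", as before.
if [ "${IPTABLES_MASQ:-0}" -eq 1 ]; then
  echo "Adding iptables NAT rule"
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
fi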
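# Handle shutdown behavior.
# Takes down every interface, deletes the NAT rules that startup appends when
# IPTABLES_MASQ is 1, and exits 0.
# Globals:   IPTABLES_MASQ (read)
# Outputs:   one timestamped line on stdout
finish () {
  echo "$(date): Shutting down Wireguard"
  stop_interfaces
  # Only delete the rules when startup would have added them. The default of
  # 0 keeps an unset or empty variable from producing a test syntax error
  # during shutdown; unset still means "nothing to delete".
  if [ "${IPTABLES_MASQ:-0}" -eq 1 ]; then
    iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
    ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
  fi
  exit 0
}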
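# Run finish on TERM, INT and QUIT so tunnels and NAT rules are removed on a
# requested shutdown (for example when the container is stopped).
trap finish TERM INT QUIT
# ${WATCH_CHANGES:-1}: an unset or empty variable selects the watch branch,
# which is what the unquoted test did, without the test syntax error.
if [ "${WATCH_CHANGES:-1}" -eq 0 ]; then
  # Sleep in the background and wait on it: the shell runs a trap only after
  # the foreground command returns, while the wait builtin is interrupted
  # right away, so finish runs as soon as the signal arrives.
  sleep infinity &
  wait "$!"
else
  # Same background-and-wait pattern for the watcher. With inotifywait in the
  # foreground, a TERM would not be handled until the next file event.
  # NOTE(review): $interfaces is computed once at startup, so a config created
  # later triggers a restart of the known interfaces but is not itself
  # brought up - confirm whether the list should be rescanned here.
  while :; do
    inotifywait -e modify -e create /etc/wireguard &
    if ! wait "$!"; then
      # inotifywait failed or is missing; leave the loop as the original
      # while-condition did, but say so in the log.
      echo "$(date): inotifywait exited, no longer watching /etc/wireguard" >&2
      break
    fi
    stop_interfaces
    start_interfaces
  done
fi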