wg-installer: rework code

Use shellcheck to rework the code. Use "export" to return variables from a function call. Further, fix typos. Signed-off-by: Nick Hainke <vincent@systemli.org>
3 years ago · 69c81790d1
--- a/net/wg-installer/common/wg.sh
+++ b/net/wg-installer/common/wg.sh
@ -6,9 +6,9 @@ next_port () {

 	ports=$(wg show all listen-port | awk '{print $2}')

 	for i in $(seq $port_start $port_end); do
 		if ! echo $ports | grep -q "$i"; then
 			echo $i
 	for i in $(seq "$port_start" "$port_end"); do
 		if ! echo "$ports" | grep -q "$i"; then
 			echo "$i"
 			return
 		fi
 	done
@ -25,15 +25,13 @@ delete_wg_interface() {
 }

 check_wg_neighbors() {
    local phy

    wg_interfaces=$(ip link | grep wg | awk '{print $2}' | sed 's/://')
    for phy in $wg_interfaces; do
        linklocal=$(ip -6 addr list dev $phy | grep "scope link" | awk '{print $2}' | sed 's/\/64//') 2>/dev/null
        ips=$(ping ff02::1%$phy -w5 -W5 -c10 | awk '/from/{print($4)}' | sed 's/.$//') 2>/dev/null
        linklocal=$(ip -6 addr list dev "$phy" | grep "scope link" | awk '{print $2}' | sed 's/\/64//') 2>/dev/null
        ips=$(ping ff02::1%"$phy" -w5 -W5 -c10 | awk '/from/{print($4)}' | sed 's/.$//') 2>/dev/null
        delete=1
        for ip in $ips; do
            if [ $ip != $linklocal ] && [ $(owipcalc $ip linklocal) -eq 1 ]; then
            if [ "$ip" != "$linklocal" ] && [ "$(owipcalc $ip linklocal)" -eq 1 ]; then
                delete=0
                break
            fi
--- a/net/wg-installer/wg-client/config/wgclient.conf
+++ b/net/wg-installer/wg-client/config/wgclient.conf
@ -1,7 +1,4 @@
 config client
    option wg_key '/root/wg.key'
    option wg_pub '/root/wg.pub'
    option base_prefix '2000::/64'
    option port_start '51820'
    option port_end '52820'
    option try_insecure '1'
--- a/net/wg-installer/wg-client/lib/rpcd_ubus.sh
+++ b/net/wg-installer/wg-client/lib/rpcd_ubus.sh
@ -1,3 +1,5 @@
 #!/bin/sh

 . /usr/share/libubox/jshn.sh

 query_gw () {
@ -5,26 +7,26 @@ query_gw () {
 	local req=$2
 	
 	# first try https
 	ret=$(curl https://$ip/ubus -d "$req") 2>/dev/null
 	ret=$(curl https://"$ip"/ubus -d "$req") 2>/dev/null
 	if [ $? -eq 0 ]; then
 		echo $ret
 		echo "$ret"
 		return 0
 	fi

 	# try with --insecure
 	if [ $(uci get wgclient.@client[0].try_insecure) == '1' ]; then
 		ret=$(curl --insecure https://$ip/ubus -d "$req") 2>/dev/null
 	if [ "$(uci get wgclient.@client[0].try_insecure)" -eq '1' ]; then
 		ret=$(curl --insecure https://"$ip"/ubus -d "$req") 2>/dev/null
 		if [ $? -eq 0 ]; then
 			echo $ret
 			echo "$ret"
 			return 0
 		fi
 	fi

 	# try with http
 	if [ $(uci get wgclient.@client[0].try_http) == '1' ]; then
 		ret=$(curl http://$ip/ubus -d "$req") 2>/dev/null
 	if [ "$(uci get wgclient.@client[0].try_http)" -eq '1' ]; then
 		ret=$(curl http://"$ip"/ubus -d "$req") 2>/dev/null
 		if [ $? -eq 0 ]; then
 			echo $ret
 			echo "$ret"
 			return 0
 		fi
 	fi
@ -46,13 +48,13 @@ request_token () {
 	json_add_string "" "session"
 	json_add_string "" "login"
 	json_add_object
 	json_add_string "username" $user
 	json_add_string "password" $password
 	json_add_string "username" "$user"
 	json_add_string "password" "$password"
 	json_close_object
 	json_close_array
 	req=$(json_dump)
 	ret=$(query_gw $ip "$req") 2>/dev/null
 	if [ $? != 0 ]; then
 	ret=$(query_gw "$ip" "$req") 2>/dev/null
 	if [ $? -ne 0 ]; then
 		return 1
 	fi
 	json_load "$ret"
@ -60,7 +62,7 @@ request_token () {
 	json_select result
 	json_select 2
 	json_get_var ubus_rpc_session ubus_rpc_session
 	echo $ubus_rpc_session
 	echo "$ubus_rpc_session"
 }

 wg_rpcd_get_usage () {
@ -73,18 +75,17 @@ wg_rpcd_get_usage () {
 	json_add_int "id" "1"
 	json_add_string "method" "call"
 	json_add_array "params"
 	json_add_string "" $token
 	json_add_string "" "$token"
 	json_add_string "" "wginstaller"
 	json_add_string "" "get_usage"
 	json_add_object
 	json_close_object
 	json_close_array
 	req=$(json_dump)
 	ret=$(query_gw $ip "$req") 2>/dev/null
 	if [ $? != 0 ]; then
 	ret=$(query_gw "$ip" "$req") 2>/dev/null
 	if [ $? -ne 0 ]; then
 		return 1
 	fi

 	# return values
 	json_load "$ret"
 	json_get_vars result result
@ -95,40 +96,39 @@ wg_rpcd_get_usage () {
 }

 wg_rpcd_register () {
 	local token=$1
 	local ip=$2
 	local uplink_bw=$3
 	local mtu=$4
 	local public_key=$5
 	local token=$5
 	local ip=$6
 	local mtu=$7
 	local public_key=$8

 	json_init
 	json_add_string "jsonrpc" "2.0"
 	json_add_int "id" "1"
 	json_add_string "method" "call"
 	json_add_array "params"
 	json_add_string "" $token
 	json_add_string "" "$token"
 	json_add_string "" "wginstaller"
 	json_add_string "" "register"
 	json_add_object
 	json_add_int "uplink_bw" $uplink_bw
 	json_add_int "mtu" $mtu
 	json_add_string "public_key" $public_key
 	json_add_int "mtu" "$mtu"
 	json_add_string "public_key" "$public_key"
 	json_close_object
 	json_close_array
 	req=$(json_dump)
 	ret=$(query_gw $ip "$req") 2>/dev/null
 	if [ $? != 0 ]; then
 	ret=$(query_gw "$ip" "$req") 2>/dev/null
 	if [ $? -ne 0 ]; then
 		return 1
 	fi

 	json_load "$ret"
 	json_get_vars result result
 	json_select result
 	json_select 2
 	json_get_var pubkey pubkey
 	json_get_var gw_ip gw_ip
 	json_get_var port port
 	echo "pubkey: ${pubkey}"
 	echo "gw_ip: ${gw_ip}"
 	echo "port: ${port}"
 	json_get_var gw_pubkey gw_pubkey
 	json_get_var gw_ipv4 gw_ipv4
 	json_get_var gw_ipv6 gw_ipv6
 	json_get_var gw_port gw_port
 	export "$1=$gw_pubkey"
 	export "$2=$gw_ipv4"
 	export "$3=$gw_ipv6"
 	export "$4=$gw_port"
 }
--- a/net/wg-installer/wg-client/wg-client-installer.sh
+++ b/net/wg-installer/wg-client/wg-client-installer.sh
@ -12,8 +12,8 @@ while true; do
 		echo "help"
 		shift 1
 		;;
 	-i | --ip)
 		IP=$2
 	--endpoint)
 		ENDPOINT=$2
 		shift 2
 		;;
 	--user)
@ -24,10 +24,6 @@ while true; do
 		PASSWORD=$2
 		shift 2
 		;;
 	--bandwidth)
 		BANDWIDTH=$2
 		shift 2
 		;;
 	--mtu)
 		WG_MTU=$2
 		shift 2
@ -45,86 +41,56 @@ while true; do
 	esac
 done

 escape_ip () {
 	local gw_ip=$1

 	# ipv4 processing
 	ret_ip=$(echo $gw_ip | tr '.' '_')

 	# ipv6 processing
 	ret_ip=$(echo $ret_ip | tr ':' '_')
 	ret_ip=$(echo $ret_ip | cut -d '[' -f 2)
 	ret_ip=$(echo $ret_ip | cut -d ']' -f 1)

 	echo $ret_ip
 }

 register_client_interface () {
 	local privkey=$1
 	local pubkey=$2
 	local gw_ip=$3
 	local gw_port=$4
 	local endpoint=$5
 	local mtu_client=$6
 	local endpoint=$2
 	local mtu_client=$3
 	local privkey=$4
 	local pubkey=$5
 	local gw_port=$6

 	port_start=$(uci get wgclient.@client[0].port_start)
 	port_end=$(uci get wgclient.@client[0].port_end)
 	base_prefix=$(uci get wgclient.@client[0].base_prefix)

 	port=$(next_port $port_start $port_end)
 	port=$(next_port "$port_start" "$port_end")
 	ifname="wg_$port"

 	offset=$(($port - $port_start))
 	client_ip=$(owipcalc $base_prefix add $offset next 128)
 	client_ip_assign="${client_ip}/128"

 	echo "Installing Interface With:"
 	echo "Endpoint ${endpoint}"
 	echo "Client IP ${client_ip}"
 	echo "Port ${port}"
 	echo "Pubkey ${pubkey}"
 	ip link add dev "$ifname" type wireguard
 	ip -6 addr add dev "$ifname" fe80::2/64
 	wg set "$ifname" listen-port "$port" private-key "$privkey" peer "$pubkey" allowed-ips 0.0.0.0/0,::0/0 endpoint "${endpoint}:${gw_port}"
 	ip link set up dev "$ifname"
 	ip link set mtu "$mtu_client" dev "$ifname"

 	ip link add dev $ifname type wireguard

 	ip -6 addr add dev $ifname $client_ip
 	ip -6 addr add dev $ifname fe80::2/64
 	wg set $ifname listen-port $port private-key $privkey peer $pubkey allowed-ips 0.0.0.0/0,::0/0 endpoint "${endpoint}:${gw_port}"
 	ip link set up dev $ifname
 	ip link set mtu $mtu_client dev $ifname # configure mtu here!
 	export "$1=$ifname"
 }

 # rpc login
 token="$(request_token $IP $USER $PASSWORD)"
 if [ $? != 0 ]; then
 	echo "failed to register token"
 token="$(request_token "$ENDPOINT" "$USER" "$PASSWORD")"
 if [ $? -ne 0 ]; then
 	logger -t "wg-client-installer" "Failed to register token!"
 	exit 1
 fi

 # now call procedure
 case $CMD in
 "get_usage")
 	wg_rpcd_get_usage $token $IP
 	wg_rpcd_get_usage "$token" "$ENDPOINT"
 	;;
 "register")

 	if [ ! -z "$WG_KEY_FILE" ]; then
 		wg_priv_key_file=$WG_KEY_FILE
 		wg_pub_key=$(wg pubkey < $WG_KEY_FILE)
 	else
 		wg_priv_key_file=$(uci get wgclient.@client[0].wg_key)
 		wg_pub_key=$(cat $(uci get wgclient.@client[0].wg_pub))
 	if [ -n "$WG_KEY_FILE" ]; then
 		wg_priv_key_file="$WG_KEY_FILE"
 		wg_pub_key=$(wg pubkey < "$WG_KEY_FILE")
 	fi

 	register_output=$(wg_rpcd_register $token $IP $BANDWIDTH $WG_MTU $wg_pub_key)
 	if [ $? != 0 ]; then
 		echo "Failed to Register!"
 	wg_rpcd_register __gw_pubkey __gw_ipv4 __gw_ipv6 __gw_port "$token" "$ENDPOINT" "$WG_MTU" "$wg_pub_key"
 	if [ $? -ne 0 ]; then
 		logger -t "wg-client-installer" "Failed to Register!"
 		exit 1
 	fi
 	pubkey=$(echo $register_output | awk '{print $2}')
 	ip_addr=$(echo $register_output | awk '{print $4}')
 	port=$(echo $register_output | awk '{print $6}')
 	client_ip=$(echo $register_output | awk '{print $8}')
 	register_client_interface $wg_priv_key_file $pubkey $ip_addr $port $IP $WG_MTU

 	register_client_interface __interface "$ENDPOINT" "$WG_MTU" "$wg_priv_key_file" "$__gw_pubkey" "$__gw_port"
 	logger -t "wg-client-installer" "Registered: $__interface"
 	echo $__interface
 	;;
 *) echo "Usage: wg-client-installer [cmd] --ip [2001::1] --user wginstaller --password wginstaller" ;;
 *) echo "Usage: wg-client-installer [cmd] --endpoint [2001::1] --mtu 1500 --user wginstaller --password wginstaller" ;;
 esac
--- a/net/wg-installer/wg-server/config/wgserver.conf
+++ b/net/wg-installer/wg-server/config/wgserver.conf
@ -1,8 +1,8 @@
 config server
    option port_start '51820'
    option port_end '52820'
    option base_prefix '2002::/64'
    option base_v4prefix '10.0.0.1/24'
    option base_prefix_ipv4 '10.0.0.1/24'
    option base_prefix_ipv6 '2002::/64'
    option wg_key '/root/wg.key'
    option wg_pub '/root/wg.pub'
    option wg_tmp_key '1'
--- a/net/wg-installer/wg-server/hotplug.d/99-mesh-babeld
+++ b/net/wg-installer/wg-server/hotplug.d/99-mesh-babeld
@ -6,31 +6,31 @@ if [ "${DEVTYPE}" != "wireguard" ]; then
 fi

 # check if correct naming
 slicedint=$(echo $INTERFACE | cut -c1-3)
 slicedint=$(echo "$INTERFACE" | cut -c1-3)
 if [ "${slicedint}" != "wg_" ]; then
 	exit 0
 fi

 if [ "${ACTION}" == "add" ]; then
 if [ "${ACTION}" = "add" ]; then
 	uci add babeld interface
 	uci set babeld.@interface[-1].ifname="${INTERFACE}"
 	uci get wgserver.@babeld_hotplug[0].rxcost
 	if [ $? ]; then
 	if [ $? -eq 0 ]; then
 		babeld_rxcost="$(uci get wgserver.@babeld_hotplug[0].rxcost)"
 		uci set babeld.@interface[-1].rxcost="$babeld_rxcost"
 	fi
 	uci -c "$(dirname $(realpath /etc/config/babeld))" commit babeld
 	uci -c "$(dirname "$(realpath /etc/config/babeld)")" commit babeld
 	/etc/init.d/babeld reload
 fi

 if [ "${ACTION}" == "remove" ]; then
 if [ "${ACTION}" = "remove" ]; then
 	i=0
 	while uci get babeld.@interface[$i] &> /dev/null ; do
 		if [ "$(uci get babeld.@interface[$i].ifname)" == "${INTERFACE}" ]; then
 		if [ "$(uci get babeld.@interface[$i].ifname)" = "${INTERFACE}" ]; then
 			uci delete babeld.@interface[$i]
 		fi
 		i=$((i+1));
 	done
 	uci -c "$(dirname $(realpath /etc/config/babeld))" commit babeld
 	uci -c "$(dirname "$(realpath /etc/config/babeld)")" commit babeld
 	/etc/init.d/babeld reload
 fi
--- a/net/wg-installer/wg-server/hotplug.d/99-mesh-olsrd
+++ b/net/wg-installer/wg-server/hotplug.d/99-mesh-olsrd
@ -6,15 +6,15 @@ if [ "${DEVTYPE}" != "wireguard" ]; then
 fi

 # check if correct naming
 slicedint=$(echo $INTERFACE | cut -c1-3)
 slicedint=$(echo "$INTERFACE" | cut -c1-3)
 if [ "${slicedint}" != "wg_" ]; then
 	exit 0
 fi

 if [ "${ACTION}" == "add" ]; then
 	ubus call olsrd add_interface '{"ifname":'\"$INTERFACE\"'}'
 if [ "${ACTION}" = "add" ]; then
 	ubus call olsrd add_interface '{"ifname":'\""$INTERFACE"\"'}'
 fi

 if [ "${ACTION}" == "remove" ]; then
 	ubus call olsrd del_interface '{"ifname":'\"$INTERFACE\"'}'
 if [ "${ACTION}" = "remove" ]; then
 	ubus call olsrd del_interface '{"ifname":'\""$INTERFACE"\"'}'
 fi
--- a/net/wg-installer/wg-server/lib/install_wginstaller_user.sh
+++ b/net/wg-installer/wg-server/lib/install_wginstaller_user.sh
@ -1,7 +1,7 @@
 #!/bin/sh

 # do not override already existing user!!!
 [ "$(uci show rpcd | grep wginstaller)" ] && exit 0
 uci show rpcd | grep -q wginstaller && exit 0

 # install wginstaller user with standard credentials
 # user: wginstaller
@ -10,7 +10,7 @@ uci add rpcd login
 uci set rpcd.@login[-1].username='wginstaller'

 password=$(uhttpd -m wginstaller)
 uci set rpcd.@login[-1].password=$password
 uci set rpcd.@login[-1].password="$password"
 uci add_list rpcd.@login[-1].read='wginstaller'
 uci add_list rpcd.@login[-1].write='wginstaller'
 uci commit rpcd
--- a/net/wg-installer/wg-server/lib/wg_functions.sh
+++ b/net/wg-installer/wg-server/lib/wg_functions.sh
@ -1,13 +1,15 @@
 #!/bin/sh

 . /usr/share/libubox/jshn.sh
 . /usr/share/wginstaller/wg.sh

 wg_timeout () {
 	local int=$1

 	handshake=$(wg show $int latest-handshakes | awk '{print $2}')
 	handshake=$(wg show "$int" latest-handshakes | awk '{print $2}')
 	timeout=$(uci get wgserver.@server[0].timeout_handshake)

 	if [ $handshake -ge $timeout ]; then
 	if [ "$handshake" -ge "$timeout" ]; then
 		echo "1"
 	else
 		echo "0"
@ -16,23 +18,23 @@ wg_timeout () {

 wg_check_interface () {
 	local int=$1
 	if [ $(wg_timeout $int) -eq "1" ]; then
 		ip link del dev $int
 	if [ "$(wg_timeout "$int")" -eq "1" ]; then
 		ip link del dev "$int"
 	fi
 }

 wg_check_interfaces () {
 	wg_interfaces=$(wg show interfaces)
 	for interface in $wg_interfaces; do
 		wg_check_interface $interface
 		wg_check_interface "$interface"
 	done
 }

 wg_get_usage () {
 	num_interfaces=$(wg show interfaces | wc -w)
 	json_init
 	json_add_int "num_interfaces" $num_interfaces
 	echo $(json_dump)
 	json_add_int "num_interfaces" "$num_interfaces"
 	json_dump
 }

 wg_register () {
@ -40,52 +42,52 @@ wg_register () {
 	local mtu=$2
 	local public_key=$3

 	base_prefix=$(uci get wgserver.@server[0].base_prefix)
 	base_prefix_ipv6=$(uci get wgserver.@server[0].base_prefix_ipv6)
 	port_start=$(uci get wgserver.@server[0].port_start)
 	port_end=$(uci get wgserver.@server[0].port_end)

 	port=$(next_port $port_start $port_end)
 	port=$(next_port "$port_start" "$port_end")
 	ifname="wg_$port"

 	offset=$(($port - $port_start))
 	gw_ip=$(owipcalc $base_prefix add $offset next 128) # gateway ip
 	gw_ip_assign="${gw_ip}/128"
 	offset=$((port - port_start))
 	gw_ipv6=$(owipcalc "$base_prefix_ipv6" add "$offset" next 128) # gateway ip
 	gw_ipv6_assign="${gw_ipv6}/128"

 	gw_key=$(uci get wgserver.@server[0].wg_key)
 	gw_pub=$(uci get wgserver.@server[0].wg_pub)

 	if [ $(uci get wgserver.@server[0].wg_tmp_key) -eq 1 ]; then
 	if [ "$(uci get wgserver.@server[0].wg_tmp_key)" -eq 1 ]; then
 		[ -d "/tmp/run/wgserver" ] || mkdir -p /tmp/run/wgserver
 		gw_key="/tmp/run/wgserver/${ifname}.key"
 		gw_pub="/tmp/run/wgserver/${ifname}.pub"
 		wg genkey | tee $gw_key | wg pubkey > $gw_pub
 		wg genkey | tee "$gw_key" | wg pubkey > "$gw_pub"
 	fi
 	wg_server_pubkey=$(cat $gw_pub)
 	wg_server_pubkey=$(cat "$gw_pub")

 	# create wg tunnel
 	ip link add dev $ifname type wireguard
 	wg set $ifname listen-port $port private-key $gw_key peer $public_key allowed-ips 0.0.0.0/0,::0/0
 	ip -6 addr add $gw_ip_assign dev $ifname
 	ip -6 addr add fe80::1/64 dev $ifname
 	ip link add dev "$ifname" type wireguard
 	wg set "$ifname" listen-port "$port" private-key "$gw_key" peer "$public_key" allowed-ips 0.0.0.0/0,::0/0
 	ip -6 addr add "$gw_ipv6_assign" dev "$ifname"
 	ip -6 addr add fe80::1/64 dev "$ifname"

 	v4prefix=$(uci get wgserver.@server[0].base_v4prefix)
 	base_prefix_ipv4=$(uci get wgserver.@server[0].base_prefix_ipv4)
 	if [ $? -eq 0 ]; then
 		gw_ipv4=$(owipcalc $v4prefix add $offset next 32) # gateway ip
 		gw_ipv4=$(owipcalc "$base_prefix_ipv4" add "$offset" next 32) # gateway ip
 		gw_ipv4_assign="${gw_ipv4}/32"
 		ip addr add $gw_ipv4_assign broadcast 255.255.255.255 dev $ifname
 		ip addr add "$gw_ipv4_assign" broadcast 255.255.255.255 dev "$ifname"
 	fi

 	ip link set up dev $ifname
 	ip link set mtu $mtu dev $ifname
 	ip link set up dev "$ifname"
 	ip link set mtu "$mtu" dev "$ifname"

 	# craft return address
 	json_init
 	json_add_string "pubkey" $wg_server_pubkey
 	json_add_string "gw_ip" $gw_ip_assign
 	json_add_string "gw_pubkey" "$wg_server_pubkey"
 	if test -n "${gw_ipv4_assign-}"; then
 		json_add_string "gw_ipv4" $gw_ipv4_assign
 		json_add_string "gw_ipv4" "$gw_ipv4_assign"
 	fi
 	json_add_int "port" $port
 	json_add_string "gw_ipv6" "$gw_ipv6_assign"
 	json_add_int "gw_port" "$port"

 	echo $(json_dump)
 	json_dump
 }
--- a/net/wg-installer/wg-server/wginstaller.sh
+++ b/net/wg-installer/wg-server/wginstaller.sh
@ -6,26 +6,25 @@
 case "$1" in
 list)
 	cmd='{ "get_usage": {},'
 	cmd=$(echo $cmd ' "register": {"uplink_bw":"10", "mtu":"1400", "public_key": "xyz"} }')
 	echo $cmd
 	cmd=$(echo "$cmd" ' "register": {"mtu":"1400", "public_key": "xyz"} }')
 	echo "$cmd"
 	;;
 call)
 	case "$2" in
 	get_usage)
 		read input
 		read -r input
 		logger -t "wginstaller" "call" "$2" "$input"
 		wg_get_usage
 		;;
 	register)
 		read input
 		read -r input
 		logger -t "wginstaller" "call" "$2" "$input"

 		json_load "$input"
 		json_get_var uplink_bw uplink_bw
 		json_get_var mtu mtu
 		json_get_var public_key public_key

 		wg_register $uplink_bw $mtu $public_key
 		wg_register "$uplink_bw" "$mtu" "$public_key"
 		;;
 	esac
 	;;