shell_sequencer/seqs/wireguard.sh

#!/bin/bash

readonly toolName=wireguard
readonly toolDefaultConf=wg0
readonly toolService=wg-quick@$toolDefaultConf

step_1_info() { echo "Prepare installation of $toolName"; }
step_1_alias() { echo "setup"; }
step_1() {
  exe apt install raspberrypi-kernel-headers
  endReturn "Installation of kernel headers failed"
  addConf -s "deb http://deb.debian.org/debian/ unstable main" "/etc/apt/sources.list.d/unstable.list"
  exep "wget -O - https://ftp-master.debian.org/keys/archive-key-$(lsb_release -sr).asc | sudo apt-key add -"
  addConf -s "$pinEntry" "/etc/apt/preferences.d/limit-unstable"
  exe apt update
}
pinEntry="Package: *
Pin: release a=unstable
Pin-Priority: 150"

step_2_info() { echo "Installing $toolName"; }
step_2_alias() { echo "install"; }
step_2() {
  local aptOpt=""
  if quiet ; then
    aptOpt="-y"
  fi
  exe apt install $toolName $aptOpt
}

step_3_info() {
  echo "Enable ipv4 forwarding to allow local access via VPN"
  echoinfo "(may be skipped)"
}
step_3_alias() { echo "ipv4"; }
step_3() {
  exe perl -pi -e 's/#{1,}?net.ipv4.ip_forward ?= ?(0|1)/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
}

step_4_info() { echo "Reboot to make changes active"; }
step_4() {
  exe reboot
}

step_10_info() { echo "Start default configuration $toolDefaultConf"; }
step_10_alias() { echo "start"; }
step_10() {
  exe wg-quick up wg0
}

step_12_info() { echo "Stop default configuration $toolDefaultConf"; }
step_12_alias() { echo "stop"; }
step_12() {
  exe wg-quick down wg0
}

step_14_info() { echo "Enable default configuration $defaultConfLoc"; }
step_14_alias() { echo "enable"; }
step_14() {
  if [ ! -r "$defaultConfLoc" ] ; then
    endReturn -o 1 "Default configuration \"$defaultConfLoc\" not found"
  fi
  exe systemctl enable wg-quick@wg0
}
defaultConfLoc="/etc/$toolName/$toolDefaultConf.conf"

# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh