#!/bin/bash
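##-------------- admin: install the repo's git hooks
# Files placed in .git/hooks run automatically on git operations in this
# clone, so only install hooks from a checkout whose scripts/hooks/ content
# has been reviewed. Both paths are relative: run this from the repository
# root.
if [ -d scripts/hooks ] && [ -d .git/hooks ]; then
  # Copy hooks to .git/hooks
  cp -- scripts/hooks/* .git/hooks/
  # Make the pre-commit hook executable
  chmod +x .git/hooks/pre-commit
else
  # Warn and carry on instead of aborting: the original commands also let the
  # script continue when these paths were missing.
  echo "Warning: scripts/hooks or .git/hooks not found; git hooks not installed." >&2
fi
##-----------------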
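# Source the environment file
# Use an explicit ./ path: with a bare name, bash's `source` searches $PATH
# before the current directory, so a different file named "envfile" could be
# executed instead. envfile is run as shell code, so it should be writable
# only by the admin.
if [ ! -r ./envfile ]; then
  # Without this check a missing envfile yields an empty variable list and
  # the validation loop below passes without checking anything.
  echo "Error: ./envfile not found or not readable." >&2
  exit 1
fi
source ./envfile

# Extract variable names from the environment file
# (the text before the first '=' on each line, ignoring anything after a '#')
required_vars=$(grep -o '^[^#]*' ./envfile | cut -d= -f1)

# Check each required variable
# Word splitting of ${required_vars} is intentional: one name per word.
for var in ${required_vars}; do
  # Indirect expansion needs a valid identifier; report anything else clearly.
  if [[ ! "$var" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
    echo "Error: '$var' in the environment file is not a valid variable name." >&2
    exit 1
  fi
  if [ -z "${!var}" ]; then
    echo "Error: $var is not set in the environment file." >&2
    exit 1
  fi
done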
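# Update the system
# apt-get is used instead of apt because apt's command-line interface is not
# guaranteed to be stable for scripts. --with-new-pkgs keeps the behaviour of
# `apt upgrade`, which may install new dependencies.
sudo apt-get update && sudo apt-get upgrade --with-new-pkgs -y

# Install WireGuard
# Every later step needs the wg tool, so stop here if the install fails
# rather than writing empty key files and a broken configuration.
if ! sudo apt-get install -y wireguard; then
  echo "Error: failed to install wireguard." >&2
  exit 1
fi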
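# Generate key pairs
# The whole pipeline runs in one root shell with umask 077, for two reasons:
#   - the private key file is never created group- or world-readable;
#   - the final redirection into /etc/wireguard is done by root. In the
#     one-line sudo pipeline, "> file" was opened by the calling user's shell.
# tee's stdout feeds wg pubkey, so the private key is not printed.
# The chmod covers a privatekey file left over from an earlier run with looser
# permissions. Note that rerunning this step replaces the existing key pair.
sudo sh -c '
  umask 077
  wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
  chmod 600 /etc/wireguard/privatekey
'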
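# Create the WireGuard configuration file
# wg0.conf embeds the private key, so create it root-owned with mode 0600
# before writing (tee keeps the mode of an existing file). tee's stdout is
# discarded so the key is not echoed to the terminal or captured in logs.
# The here-document is expanded by the calling shell: PEER1_PUBLIC_KEY must
# already be set (it is expected to come from envfile).
# NOTE(review): no ListenPort is set, so WireGuard picks a random UDP port at
# start - confirm this is intended for a server peers must reach.
sudo install -m 0600 -o root -g root /dev/null /etc/wireguard/wg0.conf
sudo tee /etc/wireguard/wg0.conf > /dev/null << EOF
[Interface]
Address = 10.0.0.1/24
PrivateKey = $(sudo cat /etc/wireguard/privatekey)

[Peer]
PublicKey = ${PEER1_PUBLIC_KEY}
AllowedIPs = 10.0.0.2/32
EOF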
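# Enable IP forwarding
# Takes effect immediately for the running kernel.
sudo sysctl -w net.ipv4.ip_forward=1

# Persist the setting across reboots. Append only when the exact line is
# missing, so rerunning the script does not pile up duplicates.
if ! grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf 2>/dev/null; then
  echo 'net.ipv4.ip_forward=1' | sudo tee -a /etc/sysctl.conf
fi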
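# Set up firewall rules
# "iptables -C" tests whether a rule already exists; appending only when it
# does not keeps reruns from stacking duplicate rules.
# NOTE(review): "-o wg0 -j ACCEPT" forwards any traffic toward the tunnel, not
# only replies to connections the peer opened - confirm this is intended, or
# restrict it with a conntrack state match.
# NOTE(review): eth0 is assumed to be the outbound interface - confirm on the
# target host.
sudo iptables -C FORWARD -i wg0 -j ACCEPT 2> /dev/null ||
  sudo iptables -A FORWARD -i wg0 -j ACCEPT
sudo iptables -C FORWARD -o wg0 -j ACCEPT 2> /dev/null ||
  sudo iptables -A FORWARD -o wg0 -j ACCEPT
sudo iptables -t nat -C POSTROUTING -o eth0 -j MASQUERADE 2> /dev/null ||
  sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Save the ruleset. The directory is created first because this script does
# not install anything that provides /etc/iptables.
# NOTE(review): rules.v4 is presumably restored at boot by a package such as
# iptables-persistent, which is not installed here - confirm.
sudo mkdir -p /etc/iptables
sudo iptables-save | sudo tee /etc/iptables/rules.v4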
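# Start and enable the WireGuard service
# Report success only when the interface came up and was enabled for boot.
# Previously the "complete" message was printed even if systemctl failed.
if sudo systemctl start wg-quick@wg0 && sudo systemctl enable wg-quick@wg0; then
  echo "WireGuard server setup complete!"
else
  echo "Error: could not start or enable wg-quick@wg0." >&2
  exit 1
fi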
# Poll the WireGuard status once per second, 30 times in total
attempt=1
while [ "$attempt" -le 30 ]; do
  sudo wg
  sleep 1
  attempt=$((attempt + 1))
done