gistfile1.txt
· 1.8 KiB · Text
Brut
function cmd::peer::update_tunnel() {
local name="" type="" all=false mode="" force=false
while [[ $# -gt 0 ]]; do
case "$1" in
--name) name="$2"; shift 2 ;;
--type) type="$2"; shift 2 ;;
--all) all=true; shift ;;
--mode) mode="$2"; shift 2 ;;
--force) force=true; shift ;;
--help) cmd::peer::help; return ;;
*) log::error "Unknown flag: $1"; return 1 ;;
esac
done
[[ -z "$name" && "$all" == "false" ]] && \
log::error "Specify --name or --all" && return 1
[[ -z "$mode" ]] && \
log::error "Missing required flag: --mode (split|full)" && return 1
[[ "$mode" != "split" && "$mode" != "full" ]] && \
log::error "Invalid mode: ${mode} (must be split or full)" && return 1
local allowed_ips
allowed_ips=$(config::allowed_ips_for "$mode")
# Collect target peers
local peers=()
if $all; then
if ! $force; then
read -r -p "Update tunnel mode to '${mode}' for ALL peers? [y/N] " confirm
case "$confirm" in [yY]*) ;; *) log::info "Aborted"; return 0 ;; esac
fi
while IFS= read -r conf; do
peers+=("$(basename "$conf" .conf)")
done < <(find "$(ctx::clients)" -name "*.conf" 2>/dev/null)
else
name=$(peers::resolve_and_require "$name" "$type") || return 1
peers=("$name")
fi
local updated=0
for peer_name in "${peers[@]}"; do
local conf
conf="$(ctx::clients)/${peer_name}.conf"
[[ ! -f "$conf" ]] && continue
# Replace AllowedIPs line in-place
sed -i "s|^AllowedIPs = .*|AllowedIPs = ${allowed_ips}|" "$conf"
(( updated++ )) || true
log::debug "Updated tunnel for: ${peer_name}"
done
log::wg_success "Updated tunnel to '${mode}' (${allowed_ips}) for ${updated} peer(s)"
log::wg "Peers must reconnect to apply the new tunnel mode"
}
| 1 | function cmd::peer::update_tunnel() { |
| 2 | local name="" type="" all=false mode="" force=false |
| 3 | |
| 4 | while [[ $# -gt 0 ]]; do |
| 5 | case "$1" in |
| 6 | --name) name="$2"; shift 2 ;; |
| 7 | --type) type="$2"; shift 2 ;; |
| 8 | --all) all=true; shift ;; |
| 9 | --mode) mode="$2"; shift 2 ;; |
| 10 | --force) force=true; shift ;; |
| 11 | --help) cmd::peer::help; return ;; |
| 12 | *) log::error "Unknown flag: $1"; return 1 ;; |
| 13 | esac |
| 14 | done |
| 15 | |
| 16 | [[ -z "$name" && "$all" == "false" ]] && \ |
| 17 | log::error "Specify --name or --all" && return 1 |
| 18 | [[ -z "$mode" ]] && \ |
| 19 | log::error "Missing required flag: --mode (split|full)" && return 1 |
| 20 | [[ "$mode" != "split" && "$mode" != "full" ]] && \ |
| 21 | log::error "Invalid mode: ${mode} (must be split or full)" && return 1 |
| 22 | |
| 23 | local allowed_ips |
| 24 | allowed_ips=$(config::allowed_ips_for "$mode") |
| 25 | |
| 26 | # Collect target peers |
| 27 | local peers=() |
| 28 | if $all; then |
| 29 | if ! $force; then |
| 30 | read -r -p "Update tunnel mode to '${mode}' for ALL peers? [y/N] " confirm |
| 31 | case "$confirm" in [yY]*) ;; *) log::info "Aborted"; return 0 ;; esac |
| 32 | fi |
| 33 | while IFS= read -r conf; do |
| 34 | peers+=("$(basename "$conf" .conf)") |
| 35 | done < <(find "$(ctx::clients)" -name "*.conf" 2>/dev/null) |
| 36 | else |
| 37 | name=$(peers::resolve_and_require "$name" "$type") || return 1 |
| 38 | peers=("$name") |
| 39 | fi |
| 40 | |
| 41 | local updated=0 |
| 42 | for peer_name in "${peers[@]}"; do |
| 43 | local conf |
| 44 | conf="$(ctx::clients)/${peer_name}.conf" |
| 45 | [[ ! -f "$conf" ]] && continue |
| 46 | |
| 47 | # Replace AllowedIPs line in-place |
| 48 | sed -i "s|^AllowedIPs = .*|AllowedIPs = ${allowed_ips}|" "$conf" |
| 49 | (( updated++ )) || true |
| 50 | log::debug "Updated tunnel for: ${peer_name}" |
| 51 | done |
| 52 | |
| 53 | log::wg_success "Updated tunnel to '${mode}' (${allowed_ips}) for ${updated} peer(s)" |
| 54 | log::wg "Peers must reconnect to apply the new tunnel mode" |
| 55 | } |