最後活躍 1 month ago

修訂 47bb52f392fb9cbed89eb85d1687d95dea069da0

gistfile1.txt 原始檔案
1function cmd::peer::update_tunnel() {
2 local name="" type="" all=false mode="" force=false
3
4 while [[ $# -gt 0 ]]; do
5 case "$1" in
6 --name) name="$2"; shift 2 ;;
7 --type) type="$2"; shift 2 ;;
8 --all) all=true; shift ;;
9 --mode) mode="$2"; shift 2 ;;
10 --force) force=true; shift ;;
11 --help) cmd::peer::help; return ;;
12 *) log::error "Unknown flag: $1"; return 1 ;;
13 esac
14 done
15
16 [[ -z "$name" && "$all" == "false" ]] && \
17 log::error "Specify --name or --all" && return 1
18 [[ -z "$mode" ]] && \
19 log::error "Missing required flag: --mode (split|full)" && return 1
20 [[ "$mode" != "split" && "$mode" != "full" ]] && \
21 log::error "Invalid mode: ${mode} (must be split or full)" && return 1
22
23 local allowed_ips
24 allowed_ips=$(config::allowed_ips_for "$mode")
25
26 # Collect target peers
27 local peers=()
28 if $all; then
29 if ! $force; then
30 read -r -p "Update tunnel mode to '${mode}' for ALL peers? [y/N] " confirm
31 case "$confirm" in [yY]*) ;; *) log::info "Aborted"; return 0 ;; esac
32 fi
33 while IFS= read -r conf; do
34 peers+=("$(basename "$conf" .conf)")
35 done < <(find "$(ctx::clients)" -name "*.conf" 2>/dev/null)
36 else
37 name=$(peers::resolve_and_require "$name" "$type") || return 1
38 peers=("$name")
39 fi
40
41 local updated=0
42 for peer_name in "${peers[@]}"; do
43 local conf
44 conf="$(ctx::clients)/${peer_name}.conf"
45 [[ ! -f "$conf" ]] && continue
46
47 # Replace AllowedIPs line in-place
48 sed -i "s|^AllowedIPs = .*|AllowedIPs = ${allowed_ips}|" "$conf"
49 (( updated++ )) || true
50 log::debug "Updated tunnel for: ${peer_name}"
51 done
52
53 log::wg_success "Updated tunnel to '${mode}' (${allowed_ips}) for ${updated} peer(s)"
54 log::wg "Peers must reconnect to apply the new tunnel mode"
55}