nuno bu gisti düzenledi 1 month ago. Düzenlemeye git
1 file changed, 55 insertions
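--- a/gistfile1.txt
+++ b/gistfile1.txt
@@ -0,0 +1,55 @@
+function cmd::peer::update_tunnel() {
+local name="" type="" all=false mode="" force=false
+
+while [[ $# -gt 0 ]]; do
+case "$1" in
+--name) name="$2"; shift 2 ;;
+--type) type="$2"; shift 2 ;;
+--all) all=true; shift ;;
+--mode) mode="$2"; shift 2 ;;
+--force) force=true; shift ;;
+--help) cmd::peer::help; return ;;
+*) log::error "Unknown flag: $1"; return 1 ;;
+esac
+done
+
+[[ -z "$name" && "$all" == "false" ]] && \
+log::error "Specify --name or --all" && return 1
+[[ -z "$mode" ]] && \
+log::error "Missing required flag: --mode (split|full)" && return 1
+[[ "$mode" != "split" && "$mode" != "full" ]] && \
+log::error "Invalid mode: ${mode} (must be split or full)" && return 1
+
+local allowed_ips
+allowed_ips=$(config::allowed_ips_for "$mode")
+
+# Collect target peers
+local peers=()
+if $all; then
+if ! $force; then
+read -r -p "Update tunnel mode to '${mode}' for ALL peers? [y/N] " confirm
+case "$confirm" in [yY]*) ;; *) log::info "Aborted"; return 0 ;; esac
+fi
+while IFS= read -r conf; do
+peers+=("$(basename "$conf" .conf)")
+done < <(find "$(ctx::clients)" -name "*.conf" 2>/dev/null)
+else
+name=$(peers::resolve_and_require "$name" "$type") || return 1
+peers=("$name")
+fi
+
+local updated=0
+for peer_name in "${peers[@]}"; do
+local conf
+conf="$(ctx::clients)/${peer_name}.conf"
+[[ ! -f "$conf" ]] && continue
+
+# Replace AllowedIPs line in-place
+sed -i "s|^AllowedIPs = .*|AllowedIPs = ${allowed_ips}|" "$conf"
+(( updated++ )) || true
+log::debug "Updated tunnel for: ${peer_name}"
+done
+
+log::wg_success "Updated tunnel to '${mode}' (${allowed_ips}) for ${updated} peer(s)"
+log::wg "Peers must reconnect to apply the new tunnel mode"
+}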
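Review bot: The result of `config::allowed_ips_for "$mode"` at new line 24 is used unchecked, so a failed or empty lookup lets the `sed -i` at line 48 rewrite every selected client config to a blank `AllowedIPs = `; with `--all --force` that is every peer, with no prompt. I would fail closed before the loop: `allowed_ips=$(config::allowed_ips_for "$mode") || return 1` followed by `[[ -n "$allowed_ips" ]] || { log::error "No AllowedIPs for mode: ${mode}"; return 1; }`. The value is also interpolated into the sed replacement, where a `|`, `&` or backslash would change the expression; the helper is not visible here, so confirm it only ever emits CIDR lists. Separately, `updated` is incremented and success is logged even when sed fails or matches no line. The `shift 2` arms also do not advance when a value flag is passed last, which appears to loop forever unless errexit is on.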