From 23ed7562871c13861b9513e874772ea9090817be Mon Sep 17 00:00:00 2001
From: nemunaire
Date: Thu, 28 Mar 2019 23:54:01 +0100
Subject: [PATCH] wg: new package
---
pkg/wg/Dockerfile | 19 +++++++++++++++++++
pkg/wg/ask.sh | 32 ++++++++++++++++++++++++++++++++
pkg/wg/build.yml | 6 ++++++
3 files changed, 57 insertions(+)
create mode 100644 pkg/wg/Dockerfile
create mode 100755 pkg/wg/ask.sh
create mode 100644 pkg/wg/build.yml
diff --git a/pkg/wg/Dockerfile b/pkg/wg/Dockerfile
new file mode 100644
index 0000000..da93fce
--- /dev/null
+++ b/pkg/wg/Dockerfile
@@ -0,0 +1,19 @@
+FROM linuxkit/alpine:518c2ed0f398c5508969ac5e033607201fb419ed AS mirror
+
+RUN mkdir -p /out/etc/apk /out/usr/bin && cp -r /etc/apk/* /out/etc/apk/
+RUN apk add --no-cache --initdb -p /out \
+ alpine-baselayout \
+ busybox \
+ curl \
+ iproute2 \
+ wireguard-tools
+
+# Remove apk residuals
+RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
+
+FROM scratch
+ENTRYPOINT []
+CMD []
+WORKDIR /
+COPY --from=mirror /out/ /
+COPY ask.sh /usr/bin/
diff --git a/pkg/wg/ask.sh b/pkg/wg/ask.sh
new file mode 100755
index 0000000..1a2ab1c
--- /dev/null
+++ b/pkg/wg/ask.sh
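Review bot: The `FROM` line of pkg/wg/Dockerfile pins the build stage by tag only, and a registry tag can be re-pointed, so the packages copied into the final image depend on whatever that tag resolves to at build time. Pinning the digest as well would make the input verifiable: `FROM linuxkit/alpine:518c2ed0f398c5508969ac5e033607201fb419ed@sha256:<digest of the reviewed image> AS mirror` (placeholder; the digest is not on this page). The final stage also sets an empty `ENTRYPOINT`/`CMD` without explanation; if the intent is that the consumer names the command, a comment such as `# No default command: the consumer is expected to run /usr/bin/ask.sh` would say so.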
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# /proc/cmdline parser (from Gentoo Wiki)
+cmdline() {
+ local value
+ value=" $(cat /proc/cmdline) "
+ value="${value#* $1=}"
+ value="${value%% *}"
+ [ "$value" != "" ] && echo "$value"
+}
+
+mkdir -p /etc/wireguard/
+WGTOKEN=$(cmdline adlin.token)
+[ -z "${WGTOKEN}" ] && [ -f "/etc/wireguard/adlin.token" ] && WGTOKEN=$(cat /etc/wireguard/adlin.token)
+[ -z "${WGTOKEN}" ] && {
+ echo -n "You didn't define your token to connect the network. Please copy it here now: "
+ read WGTOKEN
+}
+[ -f "/etc/wireguard/adlin.conf" ] && WGPRVKEY=$(sed 's/^.*PrivateKey *= *//p;d' /etc/wireguard/adlin.conf)
+[ -z "${WGPRVKEY}" ] && WGPRVKEY=$(/usr/bin/wg genkey)
+WGPUBKEY=$(echo $WGPRVKEY | /usr/bin/wg pubkey)
+while ! { echo -e "[Interface]\nPrivateKey = ${WGPRVKEY}"; /usr/bin/curl -f -d '{"pubkey": "'$WGPUBKEY'"}' https://adlin.nemunai.re/api/wg/$(echo -n "$WGTOKEN" | /usr/bin/sha512sum | /usr/bin/cut -d ' ' -f 1); } > /etc/wireguard/adlin.conf
+do
+ exit 1
+done
+echo -n "${WGTOKEN}" > /etc/wireguard/adlin.token
+/sbin/ip link add dev wg0 type wireguard
+/usr/bin/wg setconf wg0 /etc/wireguard/adlin.conf
+/sbin/ip address add dev wg0 $(sed 's/^.*MyIPv6=//p;d' /etc/wireguard/adlin.conf)
+/sbin/ip link set up dev wg0
+/sbin/ip -6 route del default
+/sbin/ip -6 route add default via $(sed 's/^.*GWIPv6=//p;d' /etc/wireguard/adlin.conf) pref high
diff --git a/pkg/wg/build.yml b/pkg/wg/build.yml
new file mode 100644
index 0000000..517ecaa
--- /dev/null
+++ b/pkg/wg/build.yml
@@ -0,0 +1,6 @@
+image: wg
+network: true
+config:
+ capabilities:
+ - CAP_NET_ADMIN
+ - CAP_NET_RAW
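Review bot: pkg/wg/ask.sh writes the WireGuard private key to /etc/wireguard/adlin.conf and the token to /etc/wireguard/adlin.token under whatever umask it inherits, so both files are probably created readable by every user on the system; adding `umask 077` before `mkdir -p /etc/wireguard/` would restrict them to the owner. The exit status of `wg setconf` and of the `ip` commands is not checked, so a rejected configuration still reaches `ip -6 route del default`; `/usr/bin/wg setconf wg0 /etc/wireguard/adlin.conf || exit 1` would stop before the routing table is touched. The `$(sed …)` substitutions and `$WGPUBKEY` are unquoted, so quoting them would keep a malformed server reply from being split into extra arguments to `ip` or into the JSON body.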
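Review bot: `CAP_NET_RAW` in pkg/wg/build.yml has no visible consumer in this patch: the commands in ask.sh (`ip link`, `ip address`, `ip route`, `wg setconf`) are covered by `CAP_NET_ADMIN`, and curl uses ordinary TCP sockets, so the raw-socket capability looks unnecessary. Consider dropping it, or documenting it with a comment such as `# CAP_NET_RAW: required by <tool>` if something outside this patch relies on it. If `network: true` is only there for the package installation step, a one-line comment saying so would help the next reviewer judge whether it can be removed.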