diff --git a/conf/wireguard@.path b/conf/wireguard@.path new file mode 100644 index 0000000..018f3a0 --- /dev/null +++ b/conf/wireguard@.path @@ -0,0 +1,8 @@ +[Unit] +Description=Watch WireGuard %I.conf for changes + +[Path] +PathModified=/etc/wireguard/%I.conf + +[Install] +WantedBy=multi-user.target diff --git a/conf/wireguard@.service b/conf/wireguard@.service new file mode 100644 index 0000000..4dcb7f0 --- /dev/null +++ b/conf/wireguard@.service @@ -0,0 +1,13 @@ +[Unit] +Description=WireGuard on %I +After=network-online.target nss-lookup.target +Wants=network-online.target nss-lookup.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/systemctl restart wg-quick@%I.service +ExecStop=/bin/systemctl stop wg-quick@%I.service + +[Install] +WantedBy=multi-user.target diff --git a/conf/wireguard_ui_conf.path b/conf/wireguard_ui_conf.path deleted file mode 100644 index 8c89c4e..0000000 --- a/conf/wireguard_ui_conf.path +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Watch WireGuard wg0.conf for changes - -[Path] -PathModified=/etc/wireguard/wg0.conf - -[Install] -WantedBy=multi-user.target diff --git a/conf/wireguard_ui_conf.service b/conf/wireguard_ui_conf.service deleted file mode 100644 index 8e3481c..0000000 --- a/conf/wireguard_ui_conf.service +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=WireGuard restart -After=network.target - -[Service] -Type=oneshot -User=root -ExecStart=systemctl restart wg-quick@wg0.service diff --git a/scripts/backup b/scripts/backup index 1d54546..7549c0a 100644 --- a/scripts/backup +++ b/scripts/backup @@ -55,8 +55,8 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_backup --src_path=/etc/systemd/system/wireguard_ui.service -ynh_backup --src_path=/etc/systemd/system/wireguard_ui_conf.path -ynh_backup --src_path=/etc/systemd/system/wireguard_ui_conf.service +ynh_backup --src_path=/etc/systemd/system/wireguard@.path +ynh_backup --src_path=/etc/systemd/system/wireguard@.service #================================================= # BACKUP VARIOUS FILES diff --git a/scripts/install b/scripts/install index f277d2e..05f904e 100644 --- a/scripts/install +++ b/scripts/install @@ -147,12 +147,12 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service # Create a dedicated systemd config for monitoring WireGuard's configuration -cp ../conf/wireguard_ui_conf.path /etc/systemd/system/wireguard_ui_conf.path -systemctl enable --quiet wireguard_ui_conf.path +cp ../conf/wireguard@.path /etc/systemd/system/wireguard@.path +systemctl enable --quiet wireguard@wg0.path -# Create a dedicated systemd config for restarting WireGuard when its configuration changes -ynh_add_systemd_config --service=wireguard_ui_conf --template=wireguard_ui_conf.service -systemctl enable --quiet wireguard_ui_conf.service +# Create a dedicated systemd config for WireGuard +cp ../conf/wireguard@.service /etc/systemd/system/wireguard@.service +systemctl enable --quiet wireguard@wg0.service #================================================= # GENERIC FINALIZATION @@ -174,7 +174,7 @@ chown -R $app: /etc/wireguard #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wg-quick@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" +yunohost service add wireguard@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" yunohost service add wireguard_ui --description="WireGuard UI" #================================================= @@ -185,14 +185,6 @@ ynh_script_progression --message="Starting the systemd service for the UI..." -- # Start a systemd service ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30 -#================================================= -# START VPN SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting the systemd service for the VPN..." --weight=1 - -# Start and enable a systemd service -systemctl enable --now --quiet wg-quick@wg0 - #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index 28162e9..d974789 100644 --- a/scripts/remove +++ b/scripts/remove @@ -35,10 +35,10 @@ then yunohost service remove wireguard_ui fi -if ynh_exec_warn_less yunohost service status wg-quick@wg0 >/dev/null +if ynh_exec_warn_less yunohost service status wireguard@wg0 >/dev/null then ynh_script_progression --message="Removing WireGuard service integration..." --weight=1 - yunohost service remove wg-quick@wg0 + yunohost service remove wireguard@wg0 fi #================================================= @@ -47,13 +47,14 @@ fi ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 # YunoHost does not handle services not ending with .service, let's remove it manually -systemctl stop wireguard_ui_conf.path -systemctl disable wireguard_ui_conf.path --quiet -ynh_secure_remove --file="/etc/systemd/system/wireguard_ui_conf.path" -systemctl daemon-reload +systemctl stop wireguard@wg0.path +systemctl disable wireguard@wg0.path --quiet +ynh_secure_remove --file="/etc/systemd/system/wireguard@.path" + +systemctl stop wireguard@wg0.service +systemctl disable wireguard@wg0.service --quiet +ynh_secure_remove --file="/etc/systemd/system/wireguard@.service" -# Remove the dedicated systemd configs -ynh_remove_systemd_config --service=wireguard_ui_conf ynh_remove_systemd_config --service=wireguard_ui #================================================= diff --git a/scripts/restore b/scripts/restore index 27e1204..e9787ad 100644 --- a/scripts/restore +++ b/scripts/restore @@ -110,19 +110,19 @@ ynh_remove_extra_repo --name=$app ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui.service -ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui_conf.path -ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui_conf.service +ynh_restore_file --origin_path=/etc/systemd/system/wireguard@.path +ynh_restore_file --origin_path=/etc/systemd/system/wireguard@.service systemctl enable --quiet wireguard_ui.service -systemctl enable --quiet wireguard_ui_conf.path -systemctl enable --quiet wireguard_ui_conf.service +systemctl enable --quiet wireguard@wg0.path +systemctl enable --quiet wireguard@wg0.service #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wg-quick@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" +yunohost service add wireguard@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" yunohost service add wireguard_ui --description="WireGuard UI" #================================================= @@ -138,14 +138,6 @@ ynh_script_progression --message="Starting the systemd service for the UI..." -- ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30 -#================================================= -# START VPN SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting the systemd service for the VPN..." --weight=1 - -# Start and enable a systemd service -systemctl enable --now --quiet wg-quick@wg0 - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 1e0fe4a..9819b7d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -98,11 +98,15 @@ if [ -f "/etc/sudoers.d/${app}_ynh" ]; then fi # Remove deprecated services -if systemctl list-units --full -all | grep -Fq "wireguard.path"; then - systemctl disable --now --quiet wireguard.path - ynh_secure_remove --file="/etc/systemd/system/wireguard.path" +if systemctl list-units --full -all | grep -Fq "wireguard_ui_conf.path"; then + systemctl disable --now --quiet wireguard_ui_conf.path + ynh_secure_remove --file="/etc/systemd/system/wireguard_ui_conf.path" +fi +if systemctl list-units --full -all | grep -Fq "wireguard_ui_conf.service"; then + systemctl disable --now --quiet wireguard_ui_conf.service + ynh_secure_remove --file="/etc/systemd/system/wireguard_ui_conf.service" + yunohost service remove wireguard_ui_conf fi -ynh_remove_systemd_config --service="wireguard.service" #================================================= # STANDARD UPGRADE STEPS @@ -112,7 +116,7 @@ ynh_remove_systemd_config --service="wireguard.service" ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=wireguard_ui --action="stop" --line_match="Stopped WireGuard UI" --log_path="systemd" --timeout=30 -ynh_systemd_action --service_name=wg-quick@wg0 --action="stop" --line_match="Stopped WireGuard via wg-quick(8) for wg0." --log_path="systemd" --timeout=30 +ynh_systemd_action --service_name=wireguard@wg0 --action="stop" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -175,12 +179,12 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service # Create a dedicated systemd config for monitoring WireGuard's configuration -cp ../conf/wireguard_ui_conf.path /etc/systemd/system/wireguard_ui_conf.path -systemctl enable --quiet wireguard_ui_conf.path +cp ../conf/wireguard@.path /etc/systemd/system/wireguard@.path +systemctl enable --quiet wireguard@wg0.path # Create a dedicated systemd config for restarting WireGuard when its configuration changes -ynh_add_systemd_config --service=wireguard_ui_conf --template=wireguard_ui_conf.service -systemctl enable --quiet wireguard_ui_conf.service +cp ../conf/wireguard@.service /etc/systemd/system/wireguard@.service +systemctl enable --quiet wireguard@wg0.service #================================================= # CONFIGURING WIREGUARD @@ -213,7 +217,7 @@ chown -R $app: /etc/wireguard #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wg-quick@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" +yunohost service add wireguard@wg0 --description="WireGuard VPN" --needs_exposed_ports="$port_wg" --test_status="wg show | grep wg0" yunohost service add wireguard_ui --description="WireGuard UI" #================================================= @@ -224,14 +228,6 @@ ynh_script_progression --message="Starting the systemd service for the UI..." -- # Start a systemd service ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30 -#================================================= -# START VPN SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting the systemd service for the VPN..." --weight=1 - -# Start and enable a systemd service -systemctl enable --now --quiet wg-quick@wg0 - #================================================= # RELOAD NGINX #=================================================