YunoHost-Apps/wireguard_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/wireguard_ynh.git synced 2024-09-03 20:35:58 +02:00
Code Issues Activity Actions

User directive in WireGuard service

Browse source
This commit is contained in:
tituspijean 2021-01-11 22:20:30 +01:00
parent 823fe2e97e
commit c7c7cd7e3f
7 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/sudoers.conf Normal file
View file

@ -0,0 +1,3 @@
Cmnd_Alias WIREGUARDSERVICE = /bin/systemctl restart wg-quick@wg0.service
__USER__ ALL = NOPASSWD: WIREGUARDSERVICE

2
conf/wireguard.service
View file

@ -4,4 +4,6 @@ After=network.target
[Service]
Type=oneshot
User=__APP__
Group=__APP__
ExecStart=/bin/systemctl restart wg-quick@wg0.service

1
scripts/backup
View file

@ -63,6 +63,7 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path=/etc/systemd/system/wireguard_ui.service
ynh_backup --src_path=/etc/systemd/system/wireguard.path
ynh_backup --src_path="/etc/sudoers.d/${app}_ynh"
#=================================================
# BACKUP VARIOUS FILES

4
scripts/install
View file

@ -114,6 +114,10 @@ ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app
# Ensure the system user has enough permissions
install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
#=================================================
# SPECIFIC SETUP
#=================================================

9
scripts/remove
View file

@ -94,6 +94,15 @@ then
ynh_exec_warn_less yunohost firewall disallow TCP $port_wg
fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
# Remove sudoers file
ynh_secure_remove --file="/etc/sudoers.d/${app}_ynh"
#=================================================
# GENERIC FINALIZATION
#=================================================

3
scripts/restore
View file

@ -68,6 +68,9 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
# Restore sudoers file
ynh_restore_file --origin_path="/etc/sudoers.d/${app}_ynh"
#=================================================
# RESTORE USER RIGHTS
#=================================================

6
scripts/upgrade
View file

@ -77,6 +77,12 @@ Now wireguard_ynh use a DKMS module allowing itself to be used with the stable k
fi
fi
# Add sudoers file if missing
if [ -f "/etc/sudoers.d/${app}_ynh" ]; then
install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================