~abcdw/trop.in: Update wg scripts

4 files changed, 34 insertions(+), 22 deletions(-)

A files/wg/pinky.pub
A files/wg/wg-set-key.sh
M files/wg/wg.sh
M src/tropin/machines.scm

A files/wg/pinky.pub => files/wg/pinky.pub +1 -0

@@ 0,0 1,1 @@
+1OAHy0HLy2WXexCelrLkBz5WU2i0CZ8Y+O3uQVmlaVg=

A files/wg/wg-set-key.sh => files/wg/wg-set-key.sh +2 -0

@@ 0,0 1,2 @@
+KEY=$@
+wg set wg0 private-key <(echo $KEY)

M files/wg/wg.sh => files/wg/wg.sh +18 -13

@@ 1,20 1,25 @@
 set -x
+DEFAULT_GW=`ip route show default dev wlp0s20f3 | cut -d\  -f3`
+
 # sudo guix shell wireguard-tools -- ./wg.sh
 
-ip link add dev wg0 type wireguard
-ip address add dev wg0 10.0.0.2/24
-ip -6 address add dev wg0 fdf5:6028:947d:1234::2/128
-ip address add dev wg0 10.0.0.2 peer 10.0.0.1
-wg set wg0 private-key ./ixy.key
-wg set wg0 peer 1OAHy0HLy2WXexCelrLkBz5WU2i0CZ8Y+O3uQVmlaVg= \
+sudo ip link add dev wg0 type wireguard
+sudo ip address add dev wg0 10.0.0.2/24
+sudo ip -6 address add dev wg0 fdf5:6028:947d:1234::2/128
+sudo ip address add dev wg0 10.0.0.2 peer 10.0.0.1
+
+set +x
+sudo `realpath wg-set-key.sh` `pass show wireguard/ixy.key`
+set -x
+sudo wg set wg0 peer 1OAHy0HLy2WXexCelrLkBz5WU2i0CZ8Y+O3uQVmlaVg= \
 allowed-ips 0.0.0.0/0,::/0 endpoint 23.137.249.202:51828
 
-ip route add 23.137.249.202 via 192.168.0.1
+sudo ip route add 23.137.249.202 via $DEFAULT_GW
 
-ip link set wg0 up
+sudo ip link set wg0 up
 
-ip route del default
-ip route add default dev wg0
-ip -6 route del default
-ip -6 route add default dev wg0
-ip -6 route del default via fe80::eead:e0ff:fe42:bb23
+sudo ip route del default
+sudo ip route add default dev wg0
+sudo ip -6 route del default
+sudo ip -6 route add default dev wg0
+sudo ip -6 route del default via fe80::eead:e0ff:fe42:bb23

M src/tropin/machines.scm => src/tropin/machines.scm +13 -9

@@ 196,15 196,19 @@
                 (routes (list (network-route
                                (destination "default")
                                (gateway "23.137.249.1"))
-                              (network-route
-                               (destination "2602:fc24:11::1/128")
-                               (device "eth0"))
-                              (network-route
-                               (destination "default")
-                               (gateway "2602:fc24:11::1"))))
-                (name-servers '("2620:fe::fe"
-                                "2620:fe::9"
-                                ;; "9.9.9.9"
+                              ;; ip route add 2602:fc24:11::1/128 dev eth0
+                              ;; ip route add default via 2602:fc24:11::1
+
+                              ;; (network-route
+                              ;;  (destination "2602:fc24:11::1/128")
+                              ;;  (device "eth0"))
+                              ;; (network-route
+                              ;;  (destination "default")
+                              ;;  (gateway "2602:fc24:11::1"))
+                              ))
+                (name-servers '(;; "2620:fe::fe"
+                                ;; "2620:fe::9"
+                                "9.9.9.9"
                                 ;; "149.112.112.112"
                                 )))))
              ;; nameserver 9.9.9.9