mullvad: Update relays

This also changes the framework to handle different relay names.
This commit is contained in:
Simon Bruder 2022-09-30 12:02:46 +02:00
parent 41da6fe13f
commit ecdbe9b936
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
5 changed files with 531 additions and 366 deletions

View file

@ -5,7 +5,7 @@ let
cfg = config.sbruder.mullvad; cfg = config.sbruder.mullvad;
relayConfigs = lib.mapAttrs' relayConfigs = lib.mapAttrs'
(name: configuration: lib.nameValuePair "mullvad-${name}.conf" (with configuration; '' (name: configuration: lib.nameValuePair "mlv-${name}.conf" (with configuration; ''
[Interface] [Interface]
DNS = ${cfg.dnsServer} DNS = ${cfg.dnsServer}

View file

@ -1,6 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# This reads wg-quick compatible configuration files from # This reads wg-quick compatible configuration files from
# /etc/wireguard/mullvad-LOCATION.conf # /etc/wireguard/mlv-LOCATION.conf
# #
# Since they are autogenerated by nix and therefore world-readable, they do not # Since they are autogenerated by nix and therefore world-readable, they do not
# include secrets like the private key and client address. Instead, they are # include secrets like the private key and client address. Instead, they are
@ -18,7 +18,7 @@ if (( $# < 1 )); then
exit 1 exit 1
fi fi
INTERFACE="mullvad-$1" INTERFACE="mlv-$1"
cmd() { cmd() {
echo "[#] $*" >&2 echo "[#] $*" >&2
@ -27,7 +27,7 @@ cmd() {
for interface in /sys/class/net/*; do for interface in /sys/class/net/*; do
interface="${interface#/sys/class/net/}" interface="${interface#/sys/class/net/}"
[[ $interface =~ ^mullvad-(v6-)?[a-z]{2}[0-9]*$ ]] && cmd wg-quick down "$interface" [[ $interface =~ ^mlv-(v6-)?[a-z]{2}(-[a-z]{3}-)?[0-9]*$ ]] && cmd wg-quick down "$interface"
done done
if [ "$1" != "off" ]; then if [ "$1" != "off" ]; then

File diff suppressed because it is too large Load diff

View file

@ -3,7 +3,7 @@
# it into a format that takes up less space than the original response. # it into a format that takes up less space than the original response.
set -euo pipefail set -euo pipefail
curl -s 'https://api.mullvad.net/www/relays/wireguard/' | jq '. | map({ curl -s 'https://api.mullvad.net/www/relays/wireguard/' | jq '. | map({
key: .hostname | split("-")[0], key: (if .hostname | endswith("-wireguard") then .hostname | split("-")[0] else .hostname | sub("-wg-"; "-") end),
value: { value: {
endpoint4: .ipv4_addr_in, endpoint4: .ipv4_addr_in,
endpoint6: .ipv6_addr_in, endpoint6: .ipv6_addr_in,

View file

@ -183,7 +183,7 @@ in
exec = pkgs.writeShellScript "vpn-state" '' exec = pkgs.writeShellScript "vpn-state" ''
${pkgs.iproute}/bin/ip -j link \ ${pkgs.iproute}/bin/ip -j link \
| ${pkgs.jq}/bin/jq --unbuffered --compact-output ' | ${pkgs.jq}/bin/jq --unbuffered --compact-output '
[[.[].ifname | select(. | startswith("mullvad"))][] | split("-")[1] + " ${thinsp}"] as $conns [[.[].ifname | select(. | startswith("mlv"))][] | sub("mlv-"; "") + " ${thinsp}"] as $conns
| { text: ($conns[0] // ""), class: (if $conns | length > 0 then "connected" else "disconnected" end) }' | { text: ($conns[0] // ""), class: (if $conns | length > 0 then "connected" else "disconnected" end) }'
''; '';
return-type = "json"; return-type = "json";