diff --git a/Makefile b/Makefile index c0e8bf7..ada00d2 100644 --- a/Makefile +++ b/Makefile @@ -76,7 +76,7 @@ install: all install $(WG_TARGET) $(DESTDIR)/wireguard/ install $(WG_QUICK_TARGET) $(DESTDIR)/wireguard/ install $(WG_MODULE_TARGET) $(DESTDIR)/wireguard/ - install $(ROOT_DIR)/wireguard/wg-init $(DESTDIR)/wireguard/ + install $(ROOT_DIR)/wireguard/wg-autostart $(DESTDIR)/wireguard/ clean: rm -rf $(LIBMNL_TAR) $(LIBMNL_DIR) $(WIREGUARD_TAR) $(WIREGUARD_DIR) $(WIREGUARD_TOOLS_TAR) $(WIREGUARD_TOOLS_DIR) diff --git a/README.rst b/README.rst index 6e88094..f8d07ac 100644 --- a/README.rst +++ b/README.rst @@ -150,22 +150,22 @@ SSH session. Adding WireGuard to autostart ----------------------------- DSM since version 7.0 comes with `systemd unit `_ support, while for previous versions you can use the built-in `upstart `_. -To standardize the process of adding the WireGuard interface to the autostart, a simple ``wg-init`` script has been developed. +To standardize the process of adding the WireGuard interface to the autostart, a simple ``wg-autostart`` script has been developed. + +**Important note:** before adding the interface to the autostart, start it manually by ``sudo wg-quick up wg0`` ensure that it does not cause the system to to crash and that you can still access your NAS properly. Otherwise, you may not be able to start the NAS or you may not be able to access the device after a reboot. To add the ``wg0`` interface to the autostart, run the command: .. code-block:: - sudo wg-init enable wg0 + sudo wg-autostart enable wg0 To remove the ``wg0`` interface from the autostart, run the command: .. code-block:: - sudo wg-init disable wg0 - -**Important note:** before adding the interface to the autostart, start it manually by ``sudo wg-quick up wg0`` ensure that it does not cause the system to crash. Otherwise, it may not be possible to start the NAS. + sudo wg-autostart disable wg0 Compiling diff --git a/build.sh b/build.sh index 698551d..4579b9e 100755 --- a/build.sh +++ b/build.sh @@ -56,7 +56,7 @@ if [[ "$DSM_VER" =~ ^7\.[0-9]+$ ]]; then # not signed by Synology from running with root privileges. # Change the permission to run the package to lower in order # to successfully install the package. - sed -i "s/root/package/" /source/WireGuard/conf/privilege + run_as="package" # For Virtual DSM 7.0 (vkmx64) the wireguard kernel module # requires a spinlock implementation patch @@ -65,6 +65,7 @@ if [[ "$DSM_VER" =~ ^7\.[0-9]+$ ]]; then fi else os_min_ver="6.0-5941" + run_as="root" pkgscripts_args="-S" # Temporary workaround for some architectures that are not part properly set as @@ -76,8 +77,10 @@ else fi fi -sed -i "s/DSM_VER/$DSM_VER/" /source/WireGuard/SynoBuildConf/depends -sed -i "s/OS_MIN_VER/$os_min_ver/" /source/WireGuard/INFO.sh +package_dir=`dirname $0` +cp -p "$package_dir/template/INFO.sh" "$package_dir/INFO.sh" && sed -i "s/OS_MIN_VER/$os_min_ver/" "$package_dir/INFO.sh" +cp -p "$package_dir/template/conf/privilege" "$package_dir/conf/privilege" && sed -i "s/RUN_AS/$run_as/" "$package_dir/conf/privilege" +cp -p "$package_dir/template/SynoBuildConf/depends" "$package_dir/SynoBuildConf/depends" && sed -i "s/DSM_VER/$DSM_VER/" "$package_dir/SynoBuildConf/depends" # Install the toolchain for the given package arch and DSM version build_env="/build_env/ds.$PACKAGE_ARCH-$DSM_VER" @@ -133,6 +136,9 @@ pkgscripts-ng/PkgCreate.py \ # a non-zero exit code on errors. pkg_status=$? +# Clean up the build environment +rm "$package_dir/INFO.sh" "$package_dir/conf/privilege" "$package_dir/SynoBuildConf/depends" + echo "Build log" echo "=========" cat "$build_env/logs.build" diff --git a/conf/resource b/conf/resource index 2549640..35a275c 100644 --- a/conf/resource +++ b/conf/resource @@ -1,5 +1,5 @@ { "usr-local-linker": { - "bin": ["wireguard/wg", "wireguard/wg-quick", "wireguard/wg-init"] + "bin": ["wireguard/wg", "wireguard/wg-quick", "wireguard/wg-autostart"] } } diff --git a/conf/systemd/pkg-wg-quick@.service b/conf/systemd/pkg-wg-quick@.service index f591ff9..ece74f5 100644 --- a/conf/systemd/pkg-wg-quick@.service +++ b/conf/systemd/pkg-wg-quick@.service @@ -2,12 +2,11 @@ Description=WireGuard via wg-quick(8) for %I After=pkgctl-WireGuard.service Wants=pkgctl-WireGuard.service -Documentation=man:wg-quick(8) -Documentation=man:wg(8) -Documentation=https://www.wireguard.com/ -Documentation=https://www.wireguard.com/quickstart/ +Documentation=https://github.com/runfalk/synology-wireguard Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 +Documentation=https://www.wireguard.com/ +Documentation=https://www.wireguard.com/quickstart/ [Service] Type=oneshot diff --git a/scripts/start b/scripts/start index f653760..a641cb1 100755 --- a/scripts/start +++ b/scripts/start @@ -1,7 +1,6 @@ #!/bin/sh -if [ "$EUID" -ne 0 ] -then +if [ "$EUID" -ne 0 ]; then echo "This script must be run as root" exit 1 fi @@ -10,8 +9,7 @@ dir=`dirname $0` sed -i 's/package/root/' "$dir/../conf/privilege" synopkg start WireGuard > /dev/null -if [ "$?" -eq 0 ] -then +if [ "$?" -eq 0 ]; then echo "WireGuard has been successfully started" exit 0 else diff --git a/INFO.sh b/template/INFO.sh similarity index 100% rename from INFO.sh rename to template/INFO.sh diff --git a/SynoBuildConf/depends b/template/SynoBuildConf/depends similarity index 100% rename from SynoBuildConf/depends rename to template/SynoBuildConf/depends diff --git a/conf/privilege b/template/conf/privilege similarity index 50% rename from conf/privilege rename to template/conf/privilege index e21db56..8559f5f 100644 --- a/conf/privilege +++ b/template/conf/privilege @@ -1,5 +1,5 @@ { "defaults": { - "run-as": "root" + "run-as": "RUN_AS" } } diff --git a/wireguard/wg-init b/wireguard/wg-autostart similarity index 58% rename from wireguard/wg-init rename to wireguard/wg-autostart index 258af65..cd8ce72 100755 --- a/wireguard/wg-init +++ b/wireguard/wg-autostart @@ -1,5 +1,8 @@ #!/bin/sh +# This script standardizes the process of adding the WireGuard interface to the autostart. Type wg-autostart for usage instruction. +# For DSM 7, systemd is used. Upstart script (init_script) method is used for DSM without systemd support (DSM 6). + read -r -d '' init_script < /dev/null - then + if command -v systemctl &> /dev/null; then systemctl is-enabled --quiet "pkg-wg-quick@${1}" &> /dev/null - if [ "$?" -ne 0 ] - then + if [ "$?" -ne 0 ]; then systemctl enable "pkg-wg-quick@${1}" &> /dev/null return 0 else return 1 fi else - if [ ! -f "/etc/init/wireguard-${1}.conf" ] - then + if [ ! -f "/etc/init/wireguard-${1}.conf" ]; then echo -e "$init_script" > "/etc/init/wireguard-${1}.conf" sed -i "s/%i/${1}/g" "/etc/init/wireguard-${1}.conf" return 0 @@ -33,19 +33,16 @@ enable() { } disable() { - if command -v systemctl &> /dev/null - then + if command -v systemctl &> /dev/null; then systemctl is-enabled --quiet "pkg-wg-quick@${1}" &> /dev/null - if [ "$?" -eq 0 ] - then + if [ "$?" -eq 0 ]; then systemctl disable "pkg-wg-quick@${1}" &> /dev/null return 0 else - return 1 + return 1 fi else - if [ -f "/etc/init/wireguard-${1}.conf" ] - then + if [ -f "/etc/init/wireguard-${1}.conf" ]; then rm -rf "/etc/init/wireguard-${1}.conf" return 0 else @@ -54,8 +51,7 @@ disable() { fi } -if [ "$EUID" -ne 0 ] -then +if [ "$EUID" -ne 0 ]; then echo "This script must be run as root" exit 1 fi @@ -63,23 +59,21 @@ fi case "$1" in enable) enable "$2" - if [ "$?" -eq 0 ] - then - echo "wg-init $2 has been enabled successfully" + if [ "$?" -eq 0 ]; then + echo "wg-autostart $2 has been enabled successfully" exit 0 else - echo "wg-init $2 is already enabled" 1>&2 + echo "wg-autostart $2 is already enabled" 1>&2 exit 1 fi ;; disable) disable "$2" - if [ "$?" -eq 0 ] - then - echo "wg-init $2 has been disabled successfully" + if [ "$?" -eq 0 ]; then + echo "wg-autostart $2 has been disabled successfully" exit 0 else - echo "wg-init $2 is already disabled" 1>&2 + echo "wg-autostart $2 is already disabled" 1>&2 exit 1 fi ;;