
Merge pull request #51 from claudobahn/wireguard

added simple wireguard startup configuration.
gtxaspec 3 yıl önce
ebeveyn
işleme
1e489969e4
2 değiştirilmiş dosya ile 38 ekleme ve 0 silme
  1. 15 0
      README.md
  2. 23 0
      SD_ROOT/wz_mini/run_mmc.sh

+ 15 - 0
README.md

@@ -118,6 +118,20 @@ Use the command ```wg``` to setup.  See [https://www.wireguard.com/quickstart/](
 
 Some users have asked about tailscale support, I have tested and it works.  See the issue #30 for further information.
 
+Example setup:
+```
+ENABLE_WIREGUARD="true"
+WIREGUARD_IPV4="192.168.2.101/32"
+WIREGUARD_PEER_ENDPOINT="x.x.x.x:51820"
+WIREGUARD_PEER_PUBLIC_KEY="INSERT_PEER_PUBLIC_KEY_HERE"
+WIREGUARD_PEER_ALLOWED_IPS="192.168.2.0/24"
+WIREGUARD_PEER_KEEP_ALIVE="25"
+```
+
+To retrieve the public key that you'll need to add the peer to your wireguard endpoint:
+1. Use SSH to log in
+2. `wg`
+
 ---
 
 Disable automatic firmware updates:
@@ -260,6 +274,7 @@ WEB_CAM_FPS_RATE="25"
 
 ## Latest Updates
 
+* 05-23-22:  added simple wireguard startup configuration.
 * 05-22-22:  added fps variable for rtsp server, thanks @claudobahn.
 * 05-22-22:  Update wz_mini scripts and libraries to support v2 camera.  experimental.
 * 05-20-22:  updated to latest libcallback including mp4write, bug fixes: usb direct mac addr, usb webcam mode bad variable.

+ 23 - 0
SD_ROOT/wz_mini/run_mmc.sh

@@ -27,6 +27,11 @@ ENABLE_USB_RNDIS="false"
 ENABLE_IPV6="false"
 
 ENABLE_WIREGUARD="false"
+WIREGUARD_IPV4=""
+WIREGUARD_PEER_ENDPOINT=""
+WIREGUARD_PEER_PUBLIC_KEY=""
+WIREGUARD_PEER_ALLOWED_IPS=""
+WIREGUARD_PEER_KEEP_ALIVE=""
 
 ENABLE_IPTABLES="false"
 
@@ -336,6 +341,24 @@ if [[ "$ENABLE_WIREGUARD" == "true" ]]; then
 	insmod $KMOD_PATH/kernel/net/ipv4/tunnel4.ko
 	insmod $KMOD_PATH/kernel/net/ipv4/ip_tunnel.ko
 	insmod $KMOD_PATH/kernel/net/wireguard/wireguard.ko
+
+  if [[ "$WIREGUARD_IPV4" != "" ]]; then
+    mkdir -p /opt/wz_mini/etc/wireguard
+
+    if [ ! -f /opt/wz_mini/etc/wireguard/privatekey ]; then
+      (umask 277 && /media/mmc/wz_mini/bin/wg  genkey | /media/mmc/wz_mini/bin/busybox tee /opt/wz_mini/etc/wireguard/privatekey | /media/mmc/wz_mini/bin/wg  pubkey > /opt/wz_mini/etc/wireguard/publickey)
+    fi
+
+    /media/mmc/wz_mini/bin/busybox ip link add dev wg0 type wireguard
+    /media/mmc/wz_mini/bin/busybox ip address add dev wg0 $WIREGUARD_IPV4
+    /media/mmc/wz_mini/bin/wg set wg0 private-key /opt/wz_mini/etc/wireguard/privatekey
+    /media/mmc/wz_mini/bin/busybox ip link set wg0 up
+  fi
+
+  if [[ "$WIREGUARD_PEER_PUBLIC_KEY" != "" ]] && [[ "$WIREGUARD_PEER_ALLOWED_IPS" != "" ]] && [[ "$WIREGUARD_PEER_ENDPOINT" != "" ]] && [[ "$WIREGUARD_PEER_KEEP_ALIVE" != "" ]]; then
+    /media/mmc/wz_mini/bin/wg set wg0 peer $WIREGUARD_PEER_PUBLIC_KEY allowed-ips $WIREGUARD_PEER_ALLOWED_IPS endpoint $WIREGUARD_PEER_ENDPOINT persistent-keepalive $WIREGUARD_PEER_KEEP_ALIVE
+    /media/mmc/wz_mini/bin/busybox ip route add $WIREGUARD_PEER_ALLOWED_IPS dev wg0
+  fi
 else
 	echo "wireguard disabled"
 fi
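Review bot: The peer block at the end of the last hunk runs even when `WIREGUARD_IPV4` is empty, so `wg set wg0 peer …` and `ip route add … dev wg0` are issued against an interface that was never created; nest it inside the `WIREGUARD_IPV4` branch or add `[[ "$WIREGUARD_IPV4" != "" ]] &&` to its condition. The key-generation guard tests `[ ! -f …/privatekey ]`, so a pipeline interrupted mid-write (power loss, a failing `wg genkey`) leaves an empty file that is never regenerated; `[ ! -s /opt/wz_mini/etc/wireguard/privatekey ]` would recover from that. The `WIREGUARD_*` expansions are unquoted, and `WIREGUARD_PEER_ALLOWED_IPS` is passed unchanged to `ip route add`, which will fail for the comma-separated list that `wg` itself accepts. `umask 277` only protects the private key if the filesystem behind /opt/wz_mini honours Unix modes, which is not visible here and is worth confirming; the `mkdir -p` also runs before the umask is applied, so the directory keeps default permissions. The enclosing `if` begins outside the hunk.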