slawek
3c665c2b6c
- Introduced debian templates for cloud-router configuration parameters. - Added simple-ca.sh script for managing a minimal Certificate Authority (CA) for IKEv2 PKI. - Created sysctl configuration to enable IP forwarding and adjust rp_filter settings. - Implemented configure script to render configuration files using Jinja2 templates. - Added simple-ca script for generating CA and certificates. - Created Jinja2 templates for various configuration files including netplan, strongSwan, and WireGuard. - Implemented UFW rules setup for IPsec and WireGuard. - Added support for road-warrior and site-to-site VPN configurations.
24 lines
774 B
Bash
Executable File
24 lines
774 B
Bash
Executable File
#!/bin/sh
|
|
set -e
|
|
. /usr/share/debconf/confmodule
|
|
|
|
db_input high cloud-router/local_addrs || true
|
|
db_input high cloud-router/local_fqdn || true
|
|
db_input high cloud-router/local_id_mode || true
|
|
db_input high cloud-router/local_cidrs || true
|
|
db_input high cloud-router/remote_addrs || true
|
|
db_input high cloud-router/remote_id || true
|
|
db_input high cloud-router/psk || true
|
|
db_input high cloud-router/remote_cidrs || true
|
|
db_input high cloud-router/router_int_gateway_ip || true
|
|
db_input high cloud-router/p2s_address_pool || true
|
|
db_input high cloud-router/wg_enabled || true
|
|
db_go || true
|
|
|
|
db_get cloud-router/wg_enabled
|
|
if [ "$RET" = "true" ]; then
|
|
db_input high cloud-router/wg_address || true
|
|
db_input high cloud-router/wg_listen_port || true
|
|
db_go || true
|
|
fi
|