Merge branch 'master' into master

2025-04-05 03:43:30 +03:00 · 2025-03-10 19:29:17 +00:00 · 2025-03-10 19:29:17 +00:00 · 4a2520de9d
commit 4a2520de9d
parent f22d334ea5 cae93aa02c
3 changed files with 79 additions and 27 deletions
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -16,7 +16,5 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
-      - name: shfmt
-        uses: bltavares/actions/shfmt@master
-        env:
-          SHFMT_ARGS: -d
+      - uses: mfinelli/setup-shfmt@v3
+      - run: shfmt -d wireguard-install.sh
--- a/README.md
+++ b/README.md
@ -17,6 +17,7 @@ WireGuard does not fit your environment? Check out [openvpn-install](https://git
 Supported distributions:

 - AlmaLinux >= 8
+- Alpine Linux
 - Arch Linux
 - CentOS Stream >= 8
 - Debian >= 10
--- a/wireguard-install.sh
+++ b/wireguard-install.sh
@ -23,18 +23,32 @@ function isRoot() {
 }

 function checkVirt() {
-	if [ "$(systemd-detect-virt)" == "openvz" ]; then
+	function openvzErr() {
 		echo "OpenVZ is not supported"
 		exit 1
-	fi
-
-	if [ "$(systemd-detect-virt)" == "lxc" ]; then
+	}
+	function lxcErr() {
 		echo "LXC is not supported (yet)."
 		echo "WireGuard can technically run in an LXC container,"
 		echo "but the kernel module has to be installed on the host,"
 		echo "the container has to be run with some specific parameters"
 		echo "and only the tools need to be installed in the container."
 		exit 1
+	}
+	if command -v virt-what &>/dev/null; then
+		if [ "$(virt-what)" == "openvz" ]; then
+			openvzErr
+		fi
+		if [ "$(virt-what)" == "lxc" ]; then
+			lxcErr
+		fi
+	else
+		if [ "$(systemd-detect-virt)" == "openvz" ]; then
+			openvzErr
+		fi
+		if [ "$(systemd-detect-virt)" == "lxc" ]; then
+			lxcErr
+		fi
 	fi
 }

@ -68,6 +82,11 @@ function checkOS() {
 		OS=oracle
 	elif [[ -e /etc/arch-release ]]; then
 		OS=arch
+	elif [[ -e /etc/alpine-release ]]; then
+		OS=alpine
+		if ! command -v virt-what &>/dev/null; then
+			apk update && apk add virt-what
+		fi
 	else
 		echo "Looks like you aren't running this installer on a Debian, Ubuntu, Fedora, CentOS, AlmaLinux, Oracle or Arch Linux system"
 		exit 1
@ -104,8 +123,8 @@ function getHomeDirForClient() {

 function initialCheck() {
 	isRoot
-	checkVirt
 	checkOS
+	checkVirt
 }

 function printHeader() {
@ -140,7 +159,7 @@ function installQuestions() {
 	echo ""

 	# Detect public interface and pre-fill for the user
-	SERVER_NIC="$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)"
+	SERVER_NIC="$(ip -4 route ls | grep default | awk '/dev/ {for (i=1; i<=NF; i++) if ($i == "dev") print $(i+1)}' | head -1)"
 	until [[ ${SERVER_PUB_NIC} =~ ^[a-zA-Z0-9_]+$ ]]; do
 		read -rp "Public interface: " -e -i "${SERVER_NIC}" SERVER_PUB_NIC
 	done
@ -227,6 +246,12 @@ function installWireGuard() {
 		dnf install -y wireguard-tools qrencode iptables
 	elif [[ ${OS} == 'arch' ]]; then
 		pacman -S --needed --noconfirm wireguard-tools qrencode
+	elif [[ ${OS} == 'alpine' ]]; then
+		apk update
+		apk add wireguard-tools iptables build-base libpng-dev
+		curl -O https://fukuchi.org/works/qrencode/qrencode-4.1.1.tar.gz
+		tar xf qrencode-4.1.1.tar.gz
+		(cd qrencode-4.1.1 || exit && ./configure && make && make install && ldconfig)
 	fi

 	# Make sure the directory exists (this does not seem the be the case on fedora)
@ -280,26 +305,46 @@ PostDown = ip6tables -t nat -D POSTROUTING -o ${SERVER_PUB_NIC} -j MASQUERADE" >
 	echo "net.ipv4.ip_forward = 1
 net.ipv6.conf.all.forwarding = 1" >/etc/sysctl.d/wg.conf

-	sysctl --system
+	if [[ ${OS} == 'alpine' ]]; then
+		sysctl -p /etc/sysctl.d/wg.conf
+		rc-update add sysctl
+		ln -s /etc/init.d/wg-quick "/etc/init.d/wg-quick.${SERVER_WG_NIC}"
+		rc-service "wg-quick.${SERVER_WG_NIC}" start
+		rc-update add "wg-quick.${SERVER_WG_NIC}"
+	else
+		sysctl --system

-	systemctl start "wg-quick@${SERVER_WG_NIC}"
-	systemctl enable "wg-quick@${SERVER_WG_NIC}"
+		systemctl start "wg-quick@${SERVER_WG_NIC}"
+		systemctl enable "wg-quick@${SERVER_WG_NIC}"
+	fi

 	newClient
 	echo -e "${GREEN}If you want to add more clients, you simply need to run this script another time!${NC}"

 	# Check if WireGuard is running
-	systemctl is-active --quiet "wg-quick@${SERVER_WG_NIC}"
+	if [[ ${OS} == 'alpine' ]]; then
+		rc-service --quiet "wg-quick.${SERVER_WG_NIC}" status
+	else
+		systemctl is-active --quiet "wg-quick@${SERVER_WG_NIC}"
+	fi
 	WG_RUNNING=$?

 	# WireGuard might not work if we updated the kernel. Tell the user to reboot
 	if [[ ${WG_RUNNING} -ne 0 ]]; then
 		echo -e "\n${RED}WARNING: WireGuard does not seem to be running.${NC}"
-		echo -e "${ORANGE}You can check if WireGuard is running with: systemctl status wg-quick@${SERVER_WG_NIC}${NC}"
+		if [[ ${OS} == 'alpine' ]]; then
+			echo -e "${ORANGE}You can check if WireGuard is running with: rc-service wg-quick.${SERVER_WG_NIC} status${NC}"
+		else
+			echo -e "${ORANGE}You can check if WireGuard is running with: systemctl status wg-quick@${SERVER_WG_NIC}${NC}"
+		fi
 		echo -e "${ORANGE}If you get something like \"Cannot find device ${SERVER_WG_NIC}\", please reboot!${NC}"
 	else # WireGuard is running
 		echo -e "\n${GREEN}WireGuard is running.${NC}"
-		echo -e "${GREEN}You can check the status of WireGuard with: systemctl status wg-quick@${SERVER_WG_NIC}\n\n${NC}"
+		if [[ ${OS} == 'alpine' ]]; then
+			echo -e "${GREEN}You can check the status of WireGuard with: rc-service wg-quick.${SERVER_WG_NIC} status\n\n${NC}"
+		else
+			echo -e "${GREEN}You can check the status of WireGuard with: systemctl status wg-quick@${SERVER_WG_NIC}\n\n${NC}"
+		fi
 		echo -e "${ORANGE}If you don't have internet connectivity from your client, try to reboot the server.${NC}"
 	fi
 }
@ -477,17 +522,21 @@ function uninstallWg() {
 	if [[ $REMOVE == 'y' ]]; then
 		checkOS

-		# Stop and disable WireGuard service
-		systemctl stop "wg-quick@${SERVER_WG_NIC}"
-		systemctl disable "wg-quick@${SERVER_WG_NIC}"
+		if [[ ${OS} == 'alpine' ]]; then
+			rc-service "wg-quick.${SERVER_WG_NIC}" stop
+			rc-update del "wg-quick.${SERVER_WG_NIC}"
+			unlink "/etc/init.d/wg-quick.${SERVER_WG_NIC}"
+			rc-update del sysctl
+		else
+			systemctl stop "wg-quick@${SERVER_WG_NIC}"
+			systemctl disable "wg-quick@${SERVER_WG_NIC}"
+		fi

 		# Remove client configuration files
 		echo -e "${YELLOW}► Removing client configuration files...${NC}"
-		# Get list of clients
 		if [[ -f "/etc/wireguard/${SERVER_WG_NIC}.conf" ]]; then
 			CLIENTS=$(grep "^### Client" "/etc/wireguard/${SERVER_WG_NIC}.conf" | cut -d ' ' -f 3)
 			for CLIENT in ${CLIENTS}; do
-				# Try to find and remove client config in various possible locations
 				find /root /home -type f -name "${SERVER_WG_NIC}-client-${CLIENT}.conf" -delete 2>/dev/null
 			done
 		fi
@ -512,17 +561,21 @@ function uninstallWg() {
 			yum remove --noautoremove wireguard-tools qrencode
 		elif [[ ${OS} == 'arch' ]]; then
 			pacman -Rs --noconfirm wireguard-tools qrencode
+		elif [[ ${OS} == 'alpine' ]]; then
+			(cd qrencode-4.1.1 || exit && make uninstall)
+			rm -rf qrencode-* || exit
+			apk del wireguard-tools build-base libpng-dev
 		fi

-		# Remove WireGuard directories and configurations
 		rm -rf /etc/wireguard
 		rm -f /etc/sysctl.d/wg.conf

-		# Reload sysctl
-		sysctl --system
-
-		# Check if WireGuard is running
-		systemctl is-active --quiet "wg-quick@${SERVER_WG_NIC}"
+		if [[ ${OS} == 'alpine' ]]; then
+			rc-service --quiet "wg-quick.${SERVER_WG_NIC}" status &>/dev/null
+		else
+			sysctl --system
+			systemctl is-active --quiet "wg-quick@${SERVER_WG_NIC}"
+		fi
 		WG_RUNNING=$?

 		if [[ ${WG_RUNNING} -eq 0 ]]; then