From: Matt Birkholz Date: Mon, 16 Jun 2025 00:59:53 +0000 (-0600) Subject: Move misplaced exit in Wireguard™ config generation. And fixes. X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=079b3b66a24cd47f00076998940092c57c3ccb2d;p=Institute Move misplaced exit in Wireguard™ config generation. And fixes. - Misspelled "NetworkManager". - Loosened the permissions on the VPN =.conf= files. --- diff --git a/README.org b/README.org index 1a90c39..35166ae 100644 --- a/README.org +++ b/README.org @@ -6354,7 +6354,7 @@ public VPN configuration. An ~android~ client runs WireGuard for Android™ or work-alike. - ~./inst client debian NAME USER PUBKEY~ \\ - A ~debian~ client runs a Debian/Linux desktop with Network Manager + A ~debian~ client runs a Debian/Linux desktop with NetworkManager (though ~wg-quick~ is currently used). - ~./inst client campus NAME PUBKEY~ \\ @@ -6370,7 +6370,7 @@ pubkey~ commands. After receiving the =.conf= templates, they paste in their private keys and install the resulting files in e.g. =/etc/wireguard/wg0.conf= and =wg1.conf=. To connect, members run a command like ~systemctl start wg-quick@wg0~. (There may be -better support in Network Manager soon.) +better support in NetworkManager soon.) #+CAPTION: [[file:inst][=inst=]] #+BEGIN_SRC perl :tangle inst :noweb no-export @@ -6461,6 +6461,7 @@ AllowedIPs = $campus_wg_net_cidr\n"; hostnum_to_ipaddr_cidr (1, $campus_wg_net_cidr), $campus_wg_port, "\n"); + umask 033; write_wg_client ("public.conf", hostnum_to_ipaddr ($hostnum, $public_wg_net_cidr), $type, @@ -6474,6 +6475,8 @@ AllowedIPs = $campus_wg_net_cidr\n"; $gate_wg_pubkey, "$gate_wild_addr:$campus_wg_port", hostnum_to_ipaddr (1, $campus_wg_net_cidr)); + + exit; } sub write_wg_server ($$$$$) { @@ -6523,8 +6526,6 @@ AllowedIPs = $campus_wg_net_cidr\n"; close $O or die "Could not close $file.tmp: $!\n"; rename ("$file.tmp", $file) or die "Could not rename $file.tmp: $!\n"; - - exit; } sub hostnum_to_ipaddr ($$) diff --git a/inst b/inst index 62cb803..4774363 100755 --- a/inst +++ b/inst @@ -438,6 +438,7 @@ AllowedIPs = $campus_wg_net_cidr\n"; hostnum_to_ipaddr_cidr (1, $campus_wg_net_cidr), $campus_wg_port, "\n"); + umask 033; write_wg_client ("public.conf", hostnum_to_ipaddr ($hostnum, $public_wg_net_cidr), $type, @@ -451,6 +452,8 @@ AllowedIPs = $campus_wg_net_cidr\n"; $gate_wg_pubkey, "$gate_wild_addr:$campus_wg_port", hostnum_to_ipaddr (1, $campus_wg_net_cidr)); + + exit; } sub write_wg_server ($$$$$) { @@ -500,8 +503,6 @@ AllowedIPs = $campus_wg_net_cidr\n"; close $O or die "Could not close $file.tmp: $!\n"; rename ("$file.tmp", $file) or die "Could not rename $file.tmp: $!\n"; - - exit; } sub hostnum_to_ipaddr ($$)