Merge pull request from claudobahn/wireguard

added simple wireguard startup configuration.
gtxaspec 2022-05-24 00:06:32 -07:00 committed by GitHub
commit 1e489969e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 0 deletions
README.md
SD_ROOT/wz_mini


@ -118,6 +118,20 @@ Use the command ```wg``` to setup. See [https://www.wireguard.com/quickstart/](
Some users have asked about tailscale support, I have tested and it works. See the issue #30 for further information.
Example setup:
```
ENABLE_WIREGUARD="true"
WIREGUARD_IPV4="192.168.2.101/32"
WIREGUARD_PEER_ENDPOINT="x.x.x.x:51820"
WIREGUARD_PEER_PUBLIC_KEY="INSERT_PEER_PUBLIC_KEY_HERE"
WIREGUARD_PEER_ALLOWED_IPS="192.168.2.0/24"
WIREGUARD_PEER_KEEP_ALIVE="25"
```
To retrieve the public key that you'll need to add the peer to your wireguard endpoint:
1. Use SSH to log in
2. `wg`
---
Disable automatic firmware updates:
@ -260,6 +274,7 @@ WEB_CAM_FPS_RATE="25"
## Latest Updates
* 05-23-22: added simple wireguard startup configuration.
* 05-22-22: added fps variable for rtsp server, thanks @claudobahn.
* 05-22-22: Update wz_mini scripts and libraries to support v2 camera. experimental.
* 05-20-22: updated to latest libcallback including mp4write, bug fixes: usb direct mac addr, usb webcam mode bad variable.


@ -27,6 +27,11 @@ ENABLE_USB_RNDIS="false"
ENABLE_IPV6="false"
ENABLE_WIREGUARD="false"
WIREGUARD_IPV4=""
WIREGUARD_PEER_ENDPOINT=""
WIREGUARD_PEER_PUBLIC_KEY=""
WIREGUARD_PEER_ALLOWED_IPS=""
WIREGUARD_PEER_KEEP_ALIVE=""
ENABLE_IPTABLES="false"
@ -336,6 +341,24 @@ if [[ "$ENABLE_WIREGUARD" == "true" ]]; then
insmod $KMOD_PATH/kernel/net/ipv4/tunnel4.ko
insmod $KMOD_PATH/kernel/net/ipv4/ip_tunnel.ko
insmod $KMOD_PATH/kernel/net/wireguard/wireguard.ko
if [[ "$WIREGUARD_IPV4" != "" ]]; then
mkdir -p /opt/wz_mini/etc/wireguard
if [ ! -f /opt/wz_mini/etc/wireguard/privatekey ]; then
(umask 277 && /media/mmc/wz_mini/bin/wg genkey | /media/mmc/wz_mini/bin/busybox tee /opt/wz_mini/etc/wireguard/privatekey | /media/mmc/wz_mini/bin/wg pubkey > /opt/wz_mini/etc/wireguard/publickey)
fi
/media/mmc/wz_mini/bin/busybox ip link add dev wg0 type wireguard
/media/mmc/wz_mini/bin/busybox ip address add dev wg0 $WIREGUARD_IPV4
/media/mmc/wz_mini/bin/wg set wg0 private-key /opt/wz_mini/etc/wireguard/privatekey
/media/mmc/wz_mini/bin/busybox ip link set wg0 up
fi
if [[ "$WIREGUARD_PEER_PUBLIC_KEY" != "" ]] && [[ "$WIREGUARD_PEER_ALLOWED_IPS" != "" ]] && [[ "$WIREGUARD_PEER_ENDPOINT" != "" ]] && [[ "$WIREGUARD_PEER_KEEP_ALIVE" != "" ]]; then
/media/mmc/wz_mini/bin/wg set wg0 peer $WIREGUARD_PEER_PUBLIC_KEY allowed-ips $WIREGUARD_PEER_ALLOWED_IPS endpoint $WIREGUARD_PEER_ENDPOINT persistent-keepalive $WIREGUARD_PEER_KEEP_ALIVE
/media/mmc/wz_mini/bin/busybox ip route add $WIREGUARD_PEER_ALLOWED_IPS dev wg0
fi
else
echo "wireguard disabled"
fi
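Review bot: The key-generation guard `if [ ! -f /opt/wz_mini/etc/wireguard/privatekey ]` accepts an empty file as a valid key: `tee` creates the file even when `wg genkey` fails, so one failed run leaves a zero-byte key that is never regenerated and `wg set wg0 private-key` then fails on every boot; test with `-s` instead of `-f`, and ideally check the pipeline's exit status. The peer block is a sibling of the `WIREGUARD_IPV4` block rather than nested inside it, so with peer settings filled in but no address it runs `wg set wg0 peer …` against an interface that was never created. The `$WIREGUARD_*` expansions are unquoted, and `ip route add $WIREGUARD_PEER_ALLOWED_IPS dev wg0` will presumably fail for a comma-separated list that `wg set … allowed-ips` accepts; quote them, e.g. `"$WIREGUARD_IPV4"`, and add one route per prefix. It is also worth confirming that /opt/wz_mini sits on a filesystem that honours `umask 277`; if it is backed by the SD card's FAT filesystem, the private key is readable by anyone who has the card. The enclosing `if [[ "$ENABLE_WIREGUARD" == "true" ]]` begins above the hunk.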