| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 |
- #!/bin/sh
- set -e
- FIREWALL_ALL='[{"port": "any", "proto": "any", "host": "any"}]'
- if [ "$STATIC_HOSTS" ] || [ "$LIGHTHOUSES" ]
- then
- echo "static_host_map:"
- echo "$STATIC_HOSTS" | while read -r NEBULA_IP STATIC
- do
- [ -z "$NEBULA_IP" ] || echo " '$NEBULA_IP': ['$STATIC']"
- done
- echo "$LIGHTHOUSES" | while read -r NEBULA_IP STATIC
- do
- [ -z "$NEBULA_IP" ] || echo " '$NEBULA_IP': ['$STATIC']"
- done
- echo
- fi
- lighthouse_hosts() {
- if [ "$LIGHTHOUSES" ]
- then
- echo
- echo "$LIGHTHOUSES" | while read -r NEBULA_IP STATIC
- do
- echo " - '$NEBULA_IP'"
- done
- else
- echo "[]"
- fi
- }
- cat <<EOF
- pki:
- ca: ca.crt
- cert: ${HOST}.crt
- key: ${HOST}.key
- lighthouse:
- am_lighthouse: ${AM_LIGHTHOUSE:-false}
- hosts: $(lighthouse_hosts)
- remote_allow_list: ${REMOTE_ALLOW_LIST}
- listen:
- host: 0.0.0.0
- port: ${LISTEN_PORT:-4242}
- tun:
- dev: ${TUN_DEV:-nebula1}
- multiport:
- tx_enabled: ${MULTIPORT_TX:-false}
- rx_enabled: ${MULTIPORT_RX:-false}
- tx_handshake: ${MULTIPORT_HANDSHAKE:-false}
- firewall:
- inbound_action: reject
- outbound_action: reject
- outbound: ${OUTBOUND:-$FIREWALL_ALL}
- inbound: ${INBOUND:-$FIREWALL_ALL}
- $(test -t 0 || cat)
- EOF
|
