network/roles/firewall/files/update

35 lines
811 B
Plaintext
Raw Normal View History

2023-12-18 10:22:14 +00:00
#!/bin/sh
apply() {
cp -R /opt/config/etc/nftables.d /etc || return 1
nft -I /etc/nftables.d -f /etc/nftables.nft || return 2
cp -R /opt/config/etc/wireguard /etc || return 3
wg syncconf wg /etc/wireguard/wg.conf || return 4
}
cleanup() {
rm -fr /opt/config
}
# clean now and on exit
cleanup
trap cleanup EXIT
mkdir -p /opt/config
tar xz -C /opt/config --warning=no-timestamp
current="$(cat /opt/version 2>/dev/null || echo -1)"
next="$(cat /opt/config/version 2>/dev/null || echo -1)"
echo "Updating config from v${current} to v${next}"
if [ "${next:-0}" -ne "${current:-0}" ] ; then
echo "Applying config v${next}"
if apply ; then
echo "${next}" > /opt/version
echo "Applied config v${next}"
else
error="$?"
echo "Could not apply config v${next}, error ${error}"
exit "${error}"
fi
fi