forked from tasket/qubes-tunnel
-
Notifications
You must be signed in to change notification settings - Fork 4
/
10_wg.example
30 lines (22 loc) · 931 Bytes
/
10_wg.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
## Example wireguard config (experimental):
[Service]
Type=oneshot
Restart=no
RemainAfterExit=true
Environment="filter_opts="
Environment="client_cmd="
Environment="client_cmd=/tmp/wg-quick"
Environment="client_opt1="
Environment="client_opt1=up /tmp/qtunnel.conf"
Environment="client_opt2="
Environment="client_opt3="
Environment="client_opt4="
Environment="client_opt5="
Environment="userpassword_opt="
# Override wg-quick DNS functions:
ExecStartPre=/bin/cp -a -L /usr/bin/wg-quick /tmp
ExecStartPre=/bin/sed -i "/~~ function override insertion point/a set_dns() { export tunnel_dns=\$DNS; /usr/lib/qubes/qtunnel-connect up; HAVE_SET_DNS=1; }" /tmp/wg-quick
ExecStartPre=/bin/sed -i "/~~ function override insertion point/a unset_dns() { /usr/lib/qubes/qtunnel-connect down; }" /tmp/wg-quick
# Workaround: Allow wg access to net
ExecStartPre=/sbin/iptables -P OUTPUT ACCEPT
ExecStop=/tmp/wg-quick down /tmp/qtunnel.conf