aboutsummaryrefslogtreecommitdiffstats
path: root/home/root
diff options
context:
space:
mode:
Diffstat (limited to 'home/root')
-rw-r--r--home/root/arrakis.nix54
1 files changed, 31 insertions, 23 deletions
diff --git a/home/root/arrakis.nix b/home/root/arrakis.nix
index b852ce5..ac7a30a 100644
--- a/home/root/arrakis.nix
+++ b/home/root/arrakis.nix
@@ -9,16 +9,16 @@
executable = true;
text = ''
#!${pkgs.zsh}/bin/zsh
-
+
function status_vpn {
-
+
ip netns exec vpn su -c 'curl -m 10 -s https://bitgnome.net/ip/ | grep REMOTE_ADDR' nipsy
ip netns exec vpn su -c 'curl -m 10 -s https://www.cloudflarestatus.com | grep "Cloudflare Status"' nipsy
-
+
}
-
+
function start_vpn {
-
+
ip netns add vpn
ip link add veth.host type veth peer veth.vpn
ip link set dev veth.host up
@@ -32,44 +32,52 @@
ip -n vpn link set wg1 up
ip -n vpn route add default dev wg1
ip netns exec vpn nft -f /etc/nftables-vpn.conf
-
+
}
-
+
function stop_vpn {
-
- ip netns del vpn
- ip link del veth.host
-
+
+ systemctl stop prowlarr.service qbittorrent.service
+
+ if ip netns | grep -q '^vpn '; then
+ ip netns del vpn
+ fi
+
+ if ip link show veth.host > /dev/null; then
+ ip link del veth.host
+ fi
+
}
-
+
if [[ -z "''${1}" || "''${1}" == "status" ]]; then
-
+
status_vpn
-
+
elif [[ "''${1}" == "restart" ]]; then
-
+
stop_vpn
sleep 2
start_vpn
-
+ systemctl restart prowlarr.service qbittorrent.service
+
elif [[ "''${1}" == "restart_firewall" ]]; then
-
+
ip netns exec vpn nft -f /etc/nftables-vpn.conf
-
+
elif [[ "''${1}" == "start" ]]; then
-
+
if [[ ! -f /run/netns/vpn ]]; then
start_vpn
else
echo 'VPN service already appears to be running' >&2
fi
-
+
elif [[ "''${1}" == "stop" ]]; then
-
+
stop_vpn
-
+
fi
-
+
exit 0
'';
};