norn/parahub-mesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: VPS WireGuard gateway auto-configuration (ph4)

Browse Source 
- uci-defaults: WG keygen, vps_gateway interface+zone+forwarding
- heartbeat: sends wg_public_key, parses VPS config, calls vps-setup
- parahub-vps-setup: new script for auto-configuring VPS tunnel with
  OTA bootstrap support and idempotent state tracking
- parahub-mullvad: setup disables vps_gateway, remove re-enables it
  (fixes bug referencing non-existent vpn_tunnel interface)
- parahub-gw-check: works with both vps_gateway and mullvad_local
- sysupgrade.conf: preserves WG VPS keys across upgrades
- build.sh: bump PARAHUB_BUILD to 4

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Parahub AI
2026-02-12 11:30:57 +00:00
parent e31f626c7c
commit e4d44f821a
7 changed files with 206 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
files/usr/bin/parahub-gw-check
View File

@@ -1,15 +1,15 @@
#!/bin/sh
# Parahub Gateway Health Check
# Monitors Mullvad WireGuard status and switches batman-adv gw_mode:
# - Mullvad active (recent handshake) → gw_mode=server (advertise as gateway)
# - Mullvad down or not configured → gw_mode=client (relay only)
# Monitors WireGuard status (VPS gateway or Mullvad) and switches batman-adv gw_mode:
# - WireGuard active (recent handshake) → gw_mode=server (advertise as gateway)
# - WireGuard down or not configured → gw_mode=client (relay only)
#
# Run via cron every 2 minutes. Bumblebee only.
[ "$(cat /etc/parahub/role 2>/dev/null)" = "bumblebee" ] || exit 0
# Check if Mullvad WireGuard interface exists and has recent handshake
MULLVAD_OK=0
# Check if any WireGuard interface has a recent handshake
WG_OK=0
if command -v wg >/dev/null 2>&1; then
# Get latest handshake timestamp from any WireGuard interface
LAST_HS=$(wg show all latest-handshakes 2>/dev/null | awk '{print $NF}' | sort -rn | head -1)
@@ -17,20 +17,20 @@ if command -v wg >/dev/null 2>&1; then
NOW=$(date +%s)
AGE=$((NOW - LAST_HS))
# Handshake within last 5 minutes = alive
[ "$AGE" -lt 300 ] && MULLVAD_OK=1
[ "$AGE" -lt 300 ] && WG_OK=1
fi
fi
CURRENT_MODE=$(batctl gw_mode 2>/dev/null | awk '{print $1}')
if [ "$MULLVAD_OK" = "1" ]; then
if [ "$WG_OK" = "1" ]; then
if [ "$CURRENT_MODE" != "server" ]; then
batctl gw_mode server
logger -t parahub-gw "Mullvad active, switched to gw_mode=server"
logger -t parahub-gw "WireGuard active, switched to gw_mode=server"
fi
else
if [ "$CURRENT_MODE" != "client" ]; then
batctl gw_mode client
logger -t parahub-gw "Mullvad down, switched to gw_mode=client"
logger -t parahub-gw "WireGuard down, switched to gw_mode=client"
fi
fi