wgctl/commands/service.command.sh

139 lines
3.2 KiB
Bash

#!/usr/bin/env bash
# ============================================
# Help
# ============================================
function cmd::service::help() {
cat <<EOF
Usage: wgctl <subcommand>
Manage the WireGuard service.
Subcommands:
start, up Start WireGuard
stop, down Stop WireGuard
restart, reload Restart WireGuard
status, stat Show WireGuard status
logs, log Show WireGuard logs
enable Enable WireGuard on boot
disable Disable WireGuard on boot
Examples:
wgctl start
wgctl logs
wgctl status
EOF
}
# ============================================
# Run
# ============================================
function cmd::service::run() {
local subcmd="${1:-help}"
shift || true
case "$subcmd" in
start) cmd::service::start ;;
stop) cmd::service::stop ;;
restart) cmd::service::restart ;;
reload) cmd::service::reload ;;
status) cmd::service::status ;;
logs) cmd::service::logs ;;
enable) cmd::service::enable ;;
disable) cmd::service::disable ;;
help) cmd::service::help ;;
*)
log::error "Unknown subcommand: '${subcmd}'"
cmd::service::help
return 1
;;
esac
}
# ============================================
# Subcommands
# ============================================
function cmd::service::start() {
log::wg_start "Starting WireGuard..."
systemctl start "wg-quick@$(config::interface)"
block::restore_all
rule::restore_all
cmd::service::_auto_rotate_logs
log::wg_success "WireGuard started"
}
function cmd::service::stop() {
log::wg_stop "Stopping WireGuard..."
systemctl stop "wg-quick@$(config::interface)"
log::wg_success "WireGuard stopped"
}
function cmd::service::restart() {
log::wg_start "Restarting WireGuard..."
# Flush firewall rules before restart so restore starts clean
fw::flush_all
systemctl restart "wg-quick@$(config::interface)"
block::restore_all
rule::restore_all
cmd::service::_auto_rotate_logs
log::wg_success "WireGuard restarted"
}
function cmd::service::reload() {
log::wg_start "Reloading WireGuard config..."
peers::reload
block::restore_all
rule::restore_all
log::wg_success "WireGuard config reloaded"
}
function cmd::service::status() {
log::section "WireGuard Status"
echo ""
systemctl status "wg-quick@$(config::interface)" --no-pager
echo ""
log::section "Active Peers"
wg show "$(config::interface)"
}
function cmd::service::logs() {
log::section "WireGuard Logs"
journalctl -u "wg-quick@$(config::interface)" -f --no-pager
}
function cmd::service::_auto_rotate_logs() {
local max_size=10485760 # 10MB
local fw_size wg_size
fw_size=$(stat -c%s "$(ctx::fw_events_log)" 2>/dev/null || echo 0)
wg_size=$(stat -c%s "$(ctx::events_log)" 2>/dev/null || echo 0)
if (( fw_size > max_size || wg_size > max_size )); then
log::wg_warning "Log files exceed 10MB, auto-rotating (keeping 7 days)..."
cmd::logs::rotate --days 7 --force
fi
}
function cmd::service::enable() {
systemctl enable "wg-quick@$(config::interface)"
log::wg_success "WireGuard enabled on boot"
}
function cmd::service::disable() {
systemctl disable "wg-quick@$(config::interface)"
log::wg_success "WireGuard disabled on boot"
}