#!/bin/sh
# Set up Wireguard tunnels for CHI@Edge comms channels
# Note: it is important for this to be POSIX-compliant, as dhcpcd executes
# the hook within a limited shell (i.e., not Bash/Zsh)

chi_cfgdir="/root/.config/chameleon"

configure_tunnel() {
  local dev="$1"
  local cfg="$2"
  local mtu="$3"

  ip link show dev "$dev" >/dev/null || ip link add dev "$dev" type wireguard
  [ -n "$mtu" ] && ip link set dev "$dev" mtu "$mtu"

  read ipv4 <"$chi_cfgdir"/"$cfg".ipv4
  ip addr replace "$ipv4" dev "$dev"

  wg setconf "$dev" "$chi_cfgdir"/"$cfg".channel
  ip link set dev "$dev" up

  local routefile="$chi_cfgdir"/"$cfg".routes
  if [ -f "$routefile" ]; then
    while IFS= read -r route; do ip route replace $route; done <"$routefile"
  fi
}

if $if_up; then
  configure_tunnel wg0 mgmt
  # VxLAN encapsulation could be running over this
  # link, which will require additional packet overhead.
  # WireGuard transparently handles chunking the packets
  # and this is easier than fiddling with intermediate
  # MTUs everywhere.
  configure_tunnel wg1 user 1600
fi
