From b697deb9821f2d3ce42cd05e902d8a7e89c5b2df Mon Sep 17 00:00:00 2001
From: rmens <r.mens@me.com>
Date: Mon, 1 Apr 2024 20:53:22 +0200
Subject: [PATCH] Move VPN script to other repo

---
 README.md |   5 ---
 vpn.sh    | 107 ------------------------------------------------------
 2 files changed, 112 deletions(-)
 delete mode 100755 vpn.sh

diff --git a/README.md b/README.md
index f48d973..916478c 100644
--- a/README.md
+++ b/README.md
@@ -10,11 +10,6 @@ This repository contains the MicroMPX setup for [ZuidWest FM](https://www.zuidwe
 ## A Few Words About the Raspberry Pi 5
 MicroMPX and HiFiBerry boards are compatible with the Raspberry Pi 5. Currently, there is [a firmware bug](https://github.com/raspberrypi/linux/issues/5743) that necessitates manually editing the `/boot/firmware/config.txt` file. Add `,slave` to the `dtoverlay` line for the HiFiBerry, such as `dtoverlay=hifiberry-dacplus,slave`.
 
-# How to Connect the Raspberry Pi to the VPN
-- Download and execute the VPN script with the command: `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/oszuidwest/rpi-umpx-decoder/main/vpn.sh)"`.
-- Verify the presence of an interface named `wg0` with the correct IP using `ip a`.
-- If the `wg0` interface does not appear, enable debugging with `modprobe wireguard && echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control` and use `tail -f /var/log/syslog` to identify any errors.
-
 ## Optional Heartbeat Monitoring
 Optionally, heartbeat monitoring can be integrated. In this configuration, the Pi will execute `wget --spider` on a specified URL every minute to serve as a heartbeat. This can be any URL, but testing was conducted with [Uptime Robot](https://uptimerobot.com/?rid=6f699dbd539740). Note that a paid Uptime Robot account is required for heartbeat monitoring.
 
diff --git a/vpn.sh b/vpn.sh
deleted file mode 100755
index 1f09e95..0000000
--- a/vpn.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/bash
-
-# Start with a clean terminal
-clear
-
-# Remove old functions libraries and download the latest version
-rm -f /tmp/functions.sh
-if ! curl -s -o /tmp/functions.sh https://raw.githubusercontent.com/oszuidwest/bash-functions/main/common-functions.sh; then
-  echo -e "*** Failed to download functions library. Please check your network connection! ***"
-  exit 1
-fi
-
-# Source the functions file
-source /tmp/functions.sh
-
-# Set color variables
-set_colors
-
-# Start with a clean terminal
-clear
-
-# Check if running as root
-are_we_root
-
-# Check if this is Linux
-is_this_linux
-is_this_os_64bit
-
-# Check if we are running on a Raspberry Pi 3 or newer
-check_rpi_model 3
-
-# Ask for input for variables
-ask_user "SERVER_PUBLIC_IP" "8.8.8.8" "Enter the public ip-address of the Wireguard server" "str"
-ask_user "SERVER_PORT" "51820" "Enter the port number of the Wireguard server" "num"
-ask_user "SERVER_PUBLIC_KEY" "GQ4G7V+uRFRbqzYTgNHLd58o+RNPUW99L7Nc7mTt2Hs=" "Enter the public key of the Wirguard server" "str"
-ask_user "NETWORK" "172.18.1.0/24" "Enter the network range you want to allow to connect" "str"
-ask_user "RASPBERRY_ADDRESS" "172.18.1.2" "Enter the private ip-address this device should have" "str"
-
-# Paths
-WIREGUARD_PATH="/etc/wireguard"
-PRIVATE_KEY_PATH="${WIREGUARD_PATH}/privatekey"
-PUBLIC_KEY_PATH="${WIREGUARD_PATH}/publickey"
-CONFIGURATION_PATH="${WIREGUARD_PATH}/wg0.conf"
-
-# Ensure WireGuard is installed
-install_packages silent wireguard
-
-# Generate server keys if they do not exist
-if [[ ! -f $PRIVATE_KEY_PATH || ! -f $PUBLIC_KEY_PATH ]]; then
-  echo "Server keys are missing. Generating new keys..."
-  umask 077
-  if ! wg genkey | tee "$PRIVATE_KEY_PATH" | wg pubkey > "$PUBLIC_KEY_PATH"; then
-    echo "Error: Failed to generate keys."
-    exit 1
-  fi
-fi
-
-# Read the generated keys
-GENERATED_PRIVATE_KEY=$(<"$PRIVATE_KEY_PATH")
-GENERATED_PUBLIC_KEY=$(<"$PUBLIC_KEY_PATH")
-
-# Backup old configuration file if it exists
-if [[ -f $CONFIGURATION_PATH ]]; then
-  mv "$CONFIGURATION_PATH" "${CONFIGURATION_PATH}_old_$(date +%Y%m%d%H%M%S)"
-fi
-
-# Create the WireGuard configuration file
-cat >"$CONFIGURATION_PATH" <<EOL
-[Interface]
-Address = $RASPBERRY_ADDRESS/32
-PrivateKey = $GENERATED_PRIVATE_KEY
-
-[Peer]
-PublicKey = $SERVER_PUBLIC_KEY
-Endpoint = $SERVER_PUBLIC_IP:$SERVER_PORT
-AllowedIPs = $NETWORK
-PersistentKeepalive = 25
-EOL
-
-# Ensure the WireGuard configuration file is readable and not empty
-if [[ ! -r $CONFIGURATION_PATH || ! -s $CONFIGURATION_PATH ]]; then
-  echo "Error: The WireGuard configuration file is not readable or is empty."
-  exit 1
-fi
-
-# Check if the WireGuard interface needs to be enabled on boot
-if ! systemctl is-enabled --quiet wg-quick@wg0
-then
-    echo -e "${BLUE}►► Enabling the wg0 interface on boot...${NC}"
-    systemctl enable wg-quick@wg0
-fi
-
-# Bring up the WireGuard interface
-if ip link show wg0 &> /dev/null; then
-    echo -e "${BLUE}►► Restarting wg0...${NC}"
-    wg-quick down wg0
-    wg-quick up wg0
-else
-    echo -e "${BLUE}►► Bringing wg0 up...${NC}"
-    wg-quick up wg0
-fi
-
-# Fin 
-echo -e "\n${GREEN}✓ Success!${NC}"
-echo -e "There should now be an interface named ${BOLD}wg0${NC} on this machine."
-echo -e "The IP of the WireGuard interface is ${BOLD}$RASPBERRY_ADDRESS${NC}"
-echo -e "The public key to put in the server is ${BOLD}$GENERATED_PUBLIC_KEY${NC}\n"