Cleanup codebase for release.

Resolve additional bugs found during testing. All
x64 tests pass (Pi hardware not available).

Added:
* Test validating last release (2023-10-21) migrates correctly to current head.

Changed:
* Cleaned up and standardized strings, variables, comments.
* Update log_* messages to confirm to recommended 60 characters or less while
  still informing what is going on.
* init-premount - check wg-quick dependencies before attempting to bring up
  interface.
* migrate_project_structure.sh
  * Update migration script for current head with logging to inform end user of
    new configuration location.
  * set ListenPort to default value; PEER_PORT was implemented but never in a
    released version; ignore.
  * Set PersistentKeepalive during migration.
  * Use script directory detection to correctly source config location
    regardless of execution directory.
* README.md - updated migration instructions.

Author: r-pufky

README.md

@@ -93,15 +93,20 @@ wireguard first. Then restrict to the wireguard network once it is working:
 DROPBEAR_OPTIONS='... -p 172.31.255.10:22 ...'
 ```
 
-## Legacy compatibility
+## Legacy compatibility (Migration)
 
 If you are a user using a previous release, such as the one dated
-2023-10-21, you can update your current projects by running
+2023-10-21, you can update your current projects by running:
 
 ```bash
 sudo bash scripts/migrate_project_structure.sh
+make install
+make build_initramfs
 ```
 
+Adapter configuration is located in `/etc/wireguard/initramfs.conf` and
+initramfs configuration is located in `/etc/wireguard/initramfs`.
+
 This should keep your project structure and contents intact; however manual
 **validation** is required as full wireguard adapter configs are now supported.
 

TESTING.md

@@ -22,6 +22,14 @@
 # Absolute path to working wireguard adapter config for initramfs. This is
 # copied to initramfs and loaded after the hardware device is initialized to
 # complete wireguard configuration.
+#
+# PersistentKeepalive is usually required so the machine checks in with the
+# wireguard endpoint while booting. If there are issues with no connectivity
+# but the adapter config works fine when the system is fully booted, this is
+# very likely the cause. Suggest 25 seconds:
+#
+#   PersistentKeepalive = 25
+#
 ADAPTER=/etc/wireguard/initramfs.conf
 
 # Enable wg-quick for adapter management?

configs/initramfs

@@ -28,20 +28,20 @@ esac
 
 . /usr/share/initramfs-tools/hook-functions
 
-WG_INIT_CONFIG="/etc/wireguard/initramfs"
+WG_INIT_CONFIG='/etc/wireguard/initramfs'
 
-if [ ! -s "$WG_INIT_CONFIG" ]; then
-  echo "Wireguard initramfs config required. Missing: $WG_INIT_CONFIG"
+if [ ! -s "${WG_INIT_CONFIG}" ]; then
+  echo "Wireguard initramfs config required. Missing: ${WG_INIT_CONFIG}"
   return 1
 fi
-. "$WG_INIT_CONFIG"
+. "${WG_INIT_CONFIG}"
 
 if [ ! -s "${ADAPTER}" ]; then
   echo "Wireguard adapter config not found. Missing: ${ADAPTER}"
   exit 1
 fi
 if [ -z "${DATETIME_URL}" ]; then
-  echo "DATETIME_URL not set (may cause issues for Raspberry Pi devices)."
+  echo 'DATETIME_URL not set (may cause issues for Raspberry Pi devices).'
 fi
 
 # Parse interface section and sanity check.
@@ -116,8 +116,8 @@ fi
 cat > "${DESTDIR}/etc/wireguard/initramfs" <<EOL
 ADAPTER="${ADAPTER}"
 DATETIME_URL="${DATETIME_URL}"
-ENABLE_QUICK=${ENABLE_QUICK}
-PERSISTENT=${PERSISTENT}
+ENABLE_QUICK="${ENABLE_QUICK}"
+PERSISTENT="${PERSISTENT}"
 INTERFACE="${WG_INTERFACE_NAME}"
 INTERFACE_MTU=${WG_INTERFACE_MTU}
 INTERFACE_ADDR_IPV4="$(echo "${INTERFACE_ADDR_IPV4}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')"
@@ -129,11 +129,11 @@ EOL
 if [ -n "${DEBUG}" ]; then
   echo "${DESTDIR}${ADAPTER}"
   cat "${DESTDIR}${ADAPTER}"
-  echo "-----"
+  echo '---'
   echo "${DESTDIR}/etc/wireguard/initramfs"
   cat "${DESTDIR}/etc/wireguard/initramfs"
 fi
 
-# Add modules and wireguard exec
+# Required wireguard dependencies.
 manual_add_modules wireguard
 copy_exec /usr/bin/wg /sbin

initramfs/hooks

@@ -16,7 +16,7 @@ esac
 . /scripts/functions
 
 translate_month() {
-    case "$1" in
+    case "${1}" in
     Jan) month_number=01 ;;
     Feb) month_number=02 ;;
     Mar) month_number=03 ;;
@@ -35,11 +35,11 @@ translate_month() {
 }
 
 convert_web_date() {
-  year=$(echo "$1" | cut -d' ' -f 4)
-  month=$(echo "$1" | cut -d' ' -f 3)
-  day=$(echo "$1" | cut -d' ' -f 2)
+  year=$(echo "${1}" | cut -d' ' -f 4)
+  month=$(echo "${1}" | cut -d' ' -f 3)
+  day=$(echo "${1}" | cut -d' ' -f 2)
 
-  datetime=$(echo "$1" | cut -d' ' -f 5)
+  datetime=$(echo "${1}" | cut -d' ' -f 5)
   hour=$(echo "${datetime}" | cut -d':' -f 1)
   minutes=$(echo "${datetime}" | cut -d':' -f 2)
   seconds=$(echo "${datetime}" | cut -d':' -f 3)
@@ -50,11 +50,11 @@ convert_web_date() {
 }
 
 convert_web_date_compare() {
-  year=$(echo "$1" | cut -d' ' -f 4)
-  month=$(echo "$1" | cut -d' ' -f 3)
-  day=$(echo "$1" | cut -d' ' -f 2)
+  year=$(echo "${1}" | cut -d' ' -f 4)
+  month=$(echo "${1}" | cut -d' ' -f 3)
+  day=$(echo "${1}" | cut -d' ' -f 2)
 
-  datetime=$(echo "$1" | cut -d' ' -f 5)
+  datetime=$(echo "${1}" | cut -d' ' -f 5)
   hour=$(echo "${datetime}" | cut -d':' -f 1)
   minutes=$(echo "${datetime}" | cut -d':' -f 2)
   seconds=$(echo "${datetime}" | cut -d':' -f 3)
@@ -86,14 +86,14 @@ generate_resolv_conf() {
   done
 }
 
-log_begin_msg 'Check dependencies'
+log_begin_msg 'Check required dependencies'
 if [ ! -e /sbin/wg ]; then
-  log_failure_msg 'Wireguard binary (/sbin/wg) not found; skipping start'
+  log_failure_msg '/sbin/wg: not found; skipping start'
   exit 0
 fi
 
 if [ ! -e /etc/wireguard/initramfs ]; then
-  log_failure_msg 'Wireguard config (/etc/wireguard/initramfs) not found; skipping start'
+  log_failure_msg '/etc/wireguard/initramfs: not found; skipping start'
   exit 0
 fi
 log_end_msg
@@ -109,13 +109,26 @@ log_end_msg
 
 log_begin_msg 'Loading wireguard config'
 . /etc/wireguard/initramfs
+log_end_msg
+
+log_begin_msg 'Check wg-quick dependencies'
+if [ -n "${ENABLE_QUICK}" ] && [ ! -e /sbin/wg-quick ]; then
+  log_failure_msg '/sbin/wg-quick: not found; skipping start'
+  exit 0
+fi
+
+if [ -n "${ENABLE_QUICK}" ] && [ ! -e /usr/bin/bash ]; then
+  log_failure_msg '/usr/bin/bash: not found; skipping start'
+  exit 0
+fi
+log_end_msg
 
+log_begin_msg 'Final sanity check to prevent boot wedging'
 if [ ! -e "${ADAPTER}" ]; then
-  log_failure_msg "Wireguard adapter config (${ADAPTER}) not found; skipping start"
+  log_failure_msg "${ADAPTER}: not found; skipping start"
   exit 0
 fi
 
-# Final sanity check to prevent boot wedging.
 if [ -z "${INTERFACE}" ]; then
   log_failure_msg 'Interface name is not defined'
   return 1
@@ -133,7 +146,7 @@ fi
 log_end_msg
 
 if [ -n "${DATETIME_URL}" ]; then
-  log_begin_msg 'set local date time'
+  log_begin_msg 'Set local date time'
   date_from_web=$(wget -qSO- "${DATETIME_URL}" 2>&1 | sed -n 's/^ *Date: *//p' | head -n 1)
 
   date_web_comp=$(date -d "$(convert_web_date_compare "${date_from_web}")" +%s)
@@ -145,12 +158,12 @@ if [ -n "${DATETIME_URL}" ]; then
     log_warning_msg "set date to: ${date_to_set}"
     date -s "${date_to_set}" > /dev/null
   else
-    log_success_msg "no need to set new date"
+    log_success_msg "No need to set new date"
   fi
   log_end_msg
 fi
 
-log_begin_msg 'Initialize and starting wireguard'
+log_begin_msg 'Initialize and start wireguard'
 if [ -n "${ENABLE_QUICK}" ]; then
   wg-quick up "${ADAPTER}"
 else

initramfs/init-premount

@@ -11,19 +11,17 @@ else
   CONFIG_PATH="${CONFIG}"
 fi
 
-# shellcheck source="${CONFIG_PATH}/initramfs" - load variables.
-WG_CONFIG="${CONFIG_PATH}/initramfs"
-source "${WG_CONFIG}"
+WG_INIT_CONFIG="${CONFIG_PATH}/initramfs"
+. "${WG_INIT_CONFIG}"
 
 if [ ! -s "${ADAPTER}" ]; then
   echo "Wireguard adapter config not found. Missing: ${ADAPTER}"
   exit 1
 fi
-
 if [ -z "${DATETIME_URL}" ]; then
   echo "DATETIME_URL not set (may cause issues for Raspberry Pi devices)."
 fi
 
-cp "${WG_CONFIG}" "/etc/wireguard/initramfs"
+cp "${WG_INIT_CONFIG}" "/etc/wireguard/initramfs"
 
 exit 0