84 lines
3.2 KiB
Go
84 lines
3.2 KiB
Go
package main
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"encoding/hex"
|
|
"net"
|
|
"net/netip"
|
|
"strconv"
|
|
"time"
|
|
)
|
|
|
|
type ipT netip.Addr
|
|
|
|
func (o *ipT) UnmarshalFlag(value string) error {
|
|
ip, err := netip.ParseAddr(value)
|
|
*o = ipT(ip)
|
|
return err
|
|
}
|
|
|
|
func (o ipT) String() string {
|
|
return netip.Addr(o).String()
|
|
}
|
|
|
|
type hostPortT struct {
|
|
host string
|
|
port uint16
|
|
}
|
|
|
|
func (o *hostPortT) UnmarshalFlag(value string) error {
|
|
host, port, err := net.SplitHostPort(value)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
port16, err := strconv.ParseUint(port, 10, 16)
|
|
*o = hostPortT{host, uint16(port16)}
|
|
return err
|
|
}
|
|
|
|
type keyT string
|
|
|
|
func (o *keyT) UnmarshalFlag(value string) error {
|
|
key, err := base64.StdEncoding.DecodeString(value)
|
|
*o = keyT(hex.EncodeToString(key))
|
|
return err
|
|
}
|
|
|
|
type timeT int64
|
|
|
|
func (o *timeT) UnmarshalFlag(value string) error {
|
|
i, err := strconv.ParseInt(value, 10, 32)
|
|
if err == nil {
|
|
*o = timeT(i)
|
|
return nil
|
|
}
|
|
d, err := time.ParseDuration(value)
|
|
*o = timeT(d.Seconds())
|
|
return err
|
|
}
|
|
|
|
type options struct {
|
|
ClientIPs []ipT `long:"client-ip" env:"CLIENT_IP" env-delim:"," required:"true" description:"[Interface].Address\tfor WireGuard client (can be set multiple times)"`
|
|
ClientPort int `long:"client-port" env:"CLIENT_PORT" description:"[Interface].ListenPort\tfor WireGuard client (optional)"`
|
|
PrivateKey keyT `long:"private-key" env:"PRIVATE_KEY" required:"true" description:"[Interface].PrivateKey\tfor WireGuard client (format: base64)"`
|
|
DNS string `long:"dns" env:"DNS" description:"[Interface].DNS\tfor WireGuard network (format: protocol://ip:port)\nProtocol includes udp(default), tcp, tls(DNS over TLS) and https(DNS over HTTPS)"`
|
|
MTU int `long:"mtu" env:"MTU" default:"1280" description:"[Interface].MTU\tfor WireGuard network"`
|
|
|
|
PeerEndpoint hostPortT `long:"peer-endpoint" env:"PEER_ENDPOINT" required:"true" description:"[Peer].Endpoint\tfor WireGuard server (format: host:port)"`
|
|
PeerKey keyT `long:"peer-key" env:"PEER_KEY" required:"true" description:"[Peer].PublicKey\tfor WireGuard server (format: base64)"`
|
|
PresharedKey keyT `long:"preshared-key" env:"PRESHARED_KEY" description:"[Peer].PresharedKey\tfor WireGuard network (optional, format: base64)"`
|
|
KeepaliveInterval timeT `long:"keepalive-interval" env:"KEEPALIVE_INTERVAL" description:"[Peer].PersistentKeepalive\tfor WireGuard network (optional)"`
|
|
|
|
ResolveDNS string `long:"resolve-dns" env:"RESOLVE_DNS" description:"DNS for resolving WireGuard server address (optional, format: protocol://ip:port)\nProtocol includes udp(default), tcp, tls(DNS over TLS) and https(DNS over HTTPS)"`
|
|
ResolveInterval timeT `long:"resolve-interval" env:"RESOLVE_INTERVAL" default:"1m" description:"Interval for resolving WireGuard server address (set 0 to disable)"`
|
|
|
|
Listen string `long:"listen" env:"LISTEN" default:"localhost:8080" description:"HTTP & SOCKS5 server address"`
|
|
ExitMode string `long:"exit-mode" env:"EXIT_MODE" choice:"remote" choice:"local" default:"remote" description:"Exit mode"`
|
|
Verbose bool `short:"v" long:"verbose" description:"Show verbose debug information"`
|
|
|
|
ClientID string `long:"client-id" env:"CLIENT_ID" hidden:"true"`
|
|
|
|
TLSCert string `long:"tls-cert" env:"TLS_CERT"`
|
|
TLSKey string `long:"tls-key" env:"TLS_KEY"`
|
|
}
|