From 85744de848c61f3908bf161ffd5464eebfb837e0 Mon Sep 17 00:00:00 2001
From: steering7253
Date: Wed, 8 Apr 2026 19:14:27 +0000
Subject: minor updates
---
 config.py | 2 +-
 cronjob.py | 3 +++
 install.sh | 11 ++++++++---
 lib_autopeer.py | 3 ++-
 4 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/config.py b/config.py
index 7ac3b44..14c59eb 100644
--- a/config.py
+++ b/config.py
@@ -9,5 +9,5 @@ DB = sqlite3.connect('file:/opt/autopeer/db/sqlite3.db?mode=rw', uri=True, autoc
 try:
 MY_PRIVKEY = open('/etc/wireguard/privkey', 'r').read().strip()
-except:
+except: # open will fail due to perms as user
 MY_PRIVKEY = None
diff --git a/cronjob.py b/cronjob.py
index 38a19a9..81b5497 100755
--- a/cronjob.py
+++ b/cronjob.py
@@ -5,12 +5,15 @@ from lib_autopeer import *
 import os
+
 curs = DB.execute('SELECT name, asn FROM peers')
 while row := curs.fetchone():
 name, asn = row
 print(f'Processing {asn}-{name}...')
 birdcfg = open(f'/etc/bird/peers/as{asn}{name}.conf', 'w')
+ old_umask = os.umask(0o077)
 wgcfg = open(f'/etc/wireguard/wg{asn%10000:04}{name}.conf', 'w')
+ os.umask(old_umask)
 print(_bird_config(name, _get_peer_info(name, asn), _get_my_info(asn)), file=birdcfg)
 print(_wg_config(name, _get_peer_info(name, asn), _get_my_info(asn)), file=wgcfg)
 birdcfg.close()
diff --git a/install.sh b/install.sh
index 60ff4fe..96f1b4e 100644
--- a/install.sh
+++ b/install.sh
@@ -1,11 +1,11 @@
 ssh-keygen -f /opt/autopeer/id_autopeer
-echo "You need to add your new SSH key (/opt/autopeer/id_autopeer) to dn42 git to clone the repo:"
+echo "You need to add your new SSH key (/opt/autopeer/id_autopeer) to dn42 gitea to clone the repo:"
 cat /opt/autopeer/id_autopeer.pub
 echo
 read -p "Press enter once you've done that..."
-apt install git
+apt install git wireguard-tools
 ln -s /opt/autopeer/sshd_config /etc/ssh/sshd_config.d/autopeer.conf
 addgroup autopeer
 adduser --disabled-password --comment '' new
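Review bot: In config.py the handler around the private-key read is still a bare `except:`, so the new comment names one failure (permission denied) while the code also hides a missing key file and every other exception, leaving `MY_PRIVKEY = None` with no trace. Narrowing it to `except PermissionError:` would match the stated intent and let other failures surface. The `open(...)` result is also never closed; a `with open(...)` block would take care of that.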
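Review bot: In cronjob.py the `os.umask(0o077)` added before `wgcfg = open(..., 'w')` only applies when the file is created, so a WireGuard config written by an earlier run keeps its existing mode when it is reopened and truncated. Adding `os.fchmod(wgcfg.fileno(), 0o600)` right after the open would tighten existing files as well. If the open raises, `os.umask(old_umask)` is skipped and the process keeps the restrictive umask, so a `try`/`finally` around the open would be safer. The loop body continues past the end of the hunk.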
@@ -16,6 +16,11 @@ echo '*/5 * * * * root /opt/autopeer/cronjob.py' >>/etc/cron.d/autopeer
 mkdir /opt/autopeer/db
 echo 'CREATE TABLE peers (name, asn, ipll, endpoint, port, pubkey, creator_ip, creator_name, creator_date, primary key (name, asn));' | python -m sqlite3 /opt/autopeer/db/sqlite3.db
-chgrp -R users /opt/autopeer/db/
+chgrp -R autopeer /opt/autopeer/db/
 chmod 770 /opt/autopeer/db/
 chmod 660 /opt/autopeer/db/sqlite3.db
+
+umask 0077
+wg genkey >/etc/wireguard/privkey
+umask 0022
+wg pubkey /etc/wireguard/pubkey
diff --git a/lib_autopeer.py b/lib_autopeer.py
index 84f9a74..cf3b66e 100644
--- a/lib_autopeer.py
+++ b/lib_autopeer.py
@@ -17,7 +17,8 @@ def _get_peer_info(name, asn):
 def _get_my_info(asn):
 return Peerdata(
 asn=MY_ASN,
- port=((int(asn) % 10000) + 20000),
+ # TODO: better port logic
+ port=((int(asn) % 100000)),
 ipll=MY_IPLL,
 endpoint=MY_ENDPOINT,
 pubkey=MY_PUBKEY,
--
cgit v1.3.1-10-gc9f91
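Review bot: In the second install.sh hunk, `wg genkey >/etc/wireguard/privkey` truncates whatever is already at that path, so re-running the installer replaces an existing private key, and because the umask only applies at file creation an existing file keeps its old mode. A guard such as `[ -e /etc/wireguard/privkey ] || wg genkey >/etc/wireguard/privkey` followed by `chmod 600 /etc/wireguard/privkey` would cover both cases. `umask 0022` sets a fixed value instead of restoring the caller's previous umask; doing the generation in a subshell with its own umask would avoid having to restore anything. As rendered here the last line, `wg pubkey /etc/wireguard/pubkey`, carries no redirections, while `wg pubkey` reads the private key on standard input and prints the public key on standard output; that may be an artifact of how the page was extracted, but it is worth checking in the file.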
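Review bot: In lib_autopeer.py, `port=((int(asn) % 100000))` in `_get_my_info` can yield any value from 0 to 99999, so an ASN whose last five digits exceed 65535 gives an invalid port and one below 1024 gives a privileged or zero port, whereas the removed expression always stayed within 20000–29999. Unless ASNs are restricted elsewhere to a range where this is safe, a check such as `if not 1024 <= port <= 65535: raise ValueError(f'no valid port for AS{asn}')` before building `Peerdata` would reject those inputs. cronjob.py still derives the interface name from `asn%10000`, so port and interface numbering no longer share a modulus, which may or may not be intended. The `Peerdata(...)` call continues past the end of the hunk.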