archived: tailscale replacement

archive/firewall.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: mullvad_tailscale.sh
+# @version: 1.0.0
+# @description: Installs mullvad nft rules
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+
+# ---
+# shellcheck disable=1091
+# --
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+setup() {
+	. /usr/local/share/dao/config/dao.conf
+}
+
+wait_for_network() {
+	echo "[i] Waiting for network connectivity..."
+	local max_attempts=30
+	local attempt=1
+
+	while ! ping -c1 -W1 nasa.gov >/dev/null 2>&1; do
+		if [ $attempt -ge $max_attempts ]; then
+			echo "[e] Network not available after ${max_attempts} attempts"
+			exit 1
+		fi
+		echo "[i] Attempt $attempt/${max_attempts}: Network not ready, waiting 2 seconds..."
+		sleep 2
+		((attempt++))
+	done
+	echo "[i] Network connectivity confirmed"
+}
+
+nft_mullvad() {
+	echo "[i] Applying firewall rules..."
+	if sudo nft -f "$DAO_USER_HOME/.config/dao/firewall/mullvad_tailscale.conf"; then
+		echo "[i] Firewall rules applied successfully"
+	else
+		echo "[e] Failed to apply firewall rules"
+		exit 1
+	fi
+}
+
+main() {
+	setup
+	case "${1:-}" in
+		--enable)
+			wait_for_network
+			nft_mullvad
+			;;
+		*)
+			echo "Usage: $0 --enable"
+			exit 1
+			;;
+	esac
+}
+
+main "$@"
+