#!/usr/bin/env bash ################################################################################# # Cloudflare WARP Installation Script # # Installs Cloudflare WARP client for encrypted DNS and private routing # # Features: # - Encrypted DNS (1.1.1.1 with WARP) # - Optional VPN-like routing through Cloudflare network # - Prevents ISP DNS snooping # # Usage modes: # - warp-cli connect # Connect to WARP # - warp-cli disconnect # Disconnect # - warp-cli status # Check status # - warp-cli set-mode warp # Full WARP (VPN-like) # - warp-cli set-mode doh # DNS-over-HTTPS only # # Note: Free tier available, paid WARP+ for faster speeds ################################################################################# set -euo pipefail # Colors RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' CYAN='\033[0;36m' NC='\033[0m' echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo -e "${CYAN} Cloudflare WARP Installation${NC}" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo "" # Check if already installed if command -v warp-cli &>/dev/null; then echo -e "${YELLOW}Cloudflare WARP is already installed${NC}" warp-cli --version echo "" read -p "Reinstall? [y/N] " -n 1 -r echo if [[ ! $REPLY =~ ^[Yy]$ ]]; then echo -e "${GREEN}Skipping installation${NC}" exit 0 fi fi # Detect distro if [[ -f /etc/os-release ]]; then . /etc/os-release DISTRO_ID="${ID:-unknown}" DISTRO_CODENAME="${VERSION_CODENAME:-$(lsb_release -cs 2>/dev/null || echo 'unknown')}" else echo -e "${RED}Cannot detect distribution${NC}" exit 1 fi echo -e "${GREEN}Detected:${NC} $DISTRO_ID ($DISTRO_CODENAME)" echo "" # Handle Debian trixie/sid -> use bookworm packages case "$DISTRO_CODENAME" in trixie|sid|testing) echo -e "${YELLOW}Note: Using bookworm packages for $DISTRO_CODENAME${NC}" DISTRO_CODENAME="bookworm" ;; esac # Add Cloudflare GPG key echo -e "${GREEN}[1/4]${NC} Adding Cloudflare GPG key..." curl -fsSL https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg # Fix permissions (must be world-readable for apt) sudo chmod 644 /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg # Add repository echo -e "${GREEN}[2/4]${NC} Adding Cloudflare repository..." echo "deb [signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ ${DISTRO_CODENAME} main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list > /dev/null # Update and install echo -e "${GREEN}[3/4]${NC} Updating package lists..." sudo apt-get update echo -e "${GREEN}[4/4]${NC} Installing cloudflare-warp..." sudo apt-get install -y cloudflare-warp echo "" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo -e "${GREEN}✓${NC} Cloudflare WARP installed successfully" echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" echo "" echo -e "${YELLOW}First-time setup:${NC}" echo -e " ${CYAN}warp-cli registration new${NC} # Register device (one-time)" echo -e " ${CYAN}warp-cli connect${NC} # Connect to WARP" echo "" echo -e "${YELLOW}Common commands:${NC}" echo -e " ${CYAN}warp-cli status${NC} # Check connection status" echo -e " ${CYAN}warp-cli disconnect${NC} # Disconnect" echo -e " ${CYAN}warp-cli set-mode doh${NC} # DNS-over-HTTPS only (no VPN)" echo -e " ${CYAN}warp-cli set-mode warp${NC} # Full WARP routing" echo ""