103 lines
4.1 KiB
Bash
Executable file
103 lines
4.1 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
#################################################################################
|
|
# Cloudflare WARP Installation Script
|
|
#
|
|
# Installs Cloudflare WARP client for encrypted DNS and private routing
|
|
#
|
|
# Features:
|
|
# - Encrypted DNS (1.1.1.1 with WARP)
|
|
# - Optional VPN-like routing through Cloudflare network
|
|
# - Prevents ISP DNS snooping
|
|
#
|
|
# Usage modes:
|
|
# - warp-cli connect # Connect to WARP
|
|
# - warp-cli disconnect # Disconnect
|
|
# - warp-cli status # Check status
|
|
# - warp-cli set-mode warp # Full WARP (VPN-like)
|
|
# - warp-cli set-mode doh # DNS-over-HTTPS only
|
|
#
|
|
# Note: Free tier available, paid WARP+ for faster speeds
|
|
#################################################################################
|
|
|
|
set -euo pipefail
|
|
|
|
# Colors
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
CYAN='\033[0;36m'
|
|
NC='\033[0m'
|
|
|
|
echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
|
|
echo -e "${CYAN} Cloudflare WARP Installation${NC}"
|
|
echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
|
|
echo ""
|
|
|
|
# Check if already installed
|
|
if command -v warp-cli &>/dev/null; then
|
|
echo -e "${YELLOW}Cloudflare WARP is already installed${NC}"
|
|
warp-cli --version
|
|
echo ""
|
|
read -p "Reinstall? [y/N] " -n 1 -r
|
|
echo
|
|
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
|
|
echo -e "${GREEN}Skipping installation${NC}"
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
# Detect distro
|
|
if [[ -f /etc/os-release ]]; then
|
|
. /etc/os-release
|
|
DISTRO_ID="${ID:-unknown}"
|
|
DISTRO_CODENAME="${VERSION_CODENAME:-$(lsb_release -cs 2>/dev/null || echo 'unknown')}"
|
|
else
|
|
echo -e "${RED}Cannot detect distribution${NC}"
|
|
exit 1
|
|
fi
|
|
|
|
echo -e "${GREEN}Detected:${NC} $DISTRO_ID ($DISTRO_CODENAME)"
|
|
echo ""
|
|
|
|
# Handle Debian trixie/sid -> use bookworm packages
|
|
case "$DISTRO_CODENAME" in
|
|
trixie|sid|testing)
|
|
echo -e "${YELLOW}Note: Using bookworm packages for $DISTRO_CODENAME${NC}"
|
|
DISTRO_CODENAME="bookworm"
|
|
;;
|
|
esac
|
|
|
|
# Add Cloudflare GPG key
|
|
echo -e "${GREEN}[1/4]${NC} Adding Cloudflare GPG key..."
|
|
curl -fsSL https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
|
|
|
# Fix permissions (must be world-readable for apt)
|
|
sudo chmod 644 /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
|
|
|
# Add repository
|
|
echo -e "${GREEN}[2/4]${NC} Adding Cloudflare repository..."
|
|
echo "deb [signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ ${DISTRO_CODENAME} main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list > /dev/null
|
|
|
|
# Update and install
|
|
echo -e "${GREEN}[3/4]${NC} Updating package lists..."
|
|
sudo apt-get update
|
|
|
|
echo -e "${GREEN}[4/4]${NC} Installing cloudflare-warp..."
|
|
sudo apt-get install -y cloudflare-warp
|
|
|
|
echo ""
|
|
echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
|
|
echo -e "${GREEN}✓${NC} Cloudflare WARP installed successfully"
|
|
echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
|
|
echo ""
|
|
echo -e "${YELLOW}First-time setup:${NC}"
|
|
echo -e " ${CYAN}warp-cli registration new${NC} # Register device (one-time)"
|
|
echo -e " ${CYAN}warp-cli connect${NC} # Connect to WARP"
|
|
echo ""
|
|
echo -e "${YELLOW}Common commands:${NC}"
|
|
echo -e " ${CYAN}warp-cli status${NC} # Check connection status"
|
|
echo -e " ${CYAN}warp-cli disconnect${NC} # Disconnect"
|
|
echo -e " ${CYAN}warp-cli set-mode doh${NC} # DNS-over-HTTPS only (no VPN)"
|
|
echo -e " ${CYAN}warp-cli set-mode warp${NC} # Full WARP routing"
|
|
echo ""
|