git Service of IN-Ulm e.V. Explore Help
Sign In
ulpeters
/
snippets
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 16aedfb80d
Branches Tags
snippets
/
linux
/
wireguard
/
create-config
/
wg-createconfig.sh

wg-createconfig.sh 1.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. #!/bin/bash
    2. 

  2. 

  3. # Setup keys, psk and config for a central wireguard server including peers
    4. 

  4. 

  5. # Dependencies
    6. 

  6. # apk add wireguard-tools libqrencode
    7. 

  7. 

  8. ### References
    9. 

  9. # https://wiki.archlinux.org/title/WireGuard
    10. 

  10. 

  11. # Source global variables
    12. 

  12. confdir='./config'
    13. 

  13. source ./config/server.cfg
    14. 

  14. 

  15. # ---------Functions-----------
    16. 

  16. 

  17. ## Create key-pair
    18. 

  18. wgkeypair() { wg genkey | (umask 0077 && tee   $1.key) | wg pubkey > $1.pub; }
    19. 

  19. 

  20. ## Create psk
    21. 

  21. wgpsk()     { wg genpsk | (umask 0077 && cat > $1.psk) } 
    22. 

  22. 

  23. ## Create peer config file
    24. 

  24. wgconfig() {
    25. 

  25.   peer=$1
    26. 

  26.   ip=$2
    27. 

  27. 

  28.   cat >$confdir/$peer.conf <<EOL
    29. 

  29. # Client config for $peer
    30. 

  30. [Interface]
    31. 

  31. PrivateKey = `cat $confdir/$peer.key`
    32. 

  32. Address = $ip
    33. 

  33. DNS = $dns
    34. 

  34.  
    35. 

  35. [Peer]
    36. 

  36. PublicKey = `cat $confdir/$servername.pub`
    37. 

  37. AllowedIPs = $network
    38. 

  38. Endpoint = $servername:$serverport
    39. 

  39. PersistentKeepalive = 15
    40. 

  40. PresharedKey = `cat $confdir/$peer.psk`
    41. 

  41. EOL
    42. 

  42. 

  43.   qrencode  -t ANSIUTF8 -r $confdir/$peer.conf > $peer-qr.txt
    44. 

  44.   qrencode  -t png -r $confdir/$peer.conf > $peer.png
    45. 

  45. }
    46. 

  46. 

  47. 

  48. # ---------Functions-----------
    49. 

  49. 

  50. ## Create and move to output folder
    51. 

  51. mkdir -p $confdir
    52. 

  52. cd $confdir
    53. 

  53. 

  54. ## Create server keys
    55. 

  55. wgkeypair $servername
    56. 

  56. 

  57. ## Create server config
    58. 

  58. echo debug $confdir/$servername.conf
    59. 

  59. cat >$confdir/$servername.conf <<EOL
    60. 

  60. # Config for $peer
    61. 

  61. [Interface]
    62. 

  62. PrivateKey = `cat $confdir/$servername.key`
    63. 

  63. Address = $serverip
    64. 

  64. DNS = $dns
    65. 

  65. EOL
    66. 

  66. 

  67. ## Create peers' key-pair, psk and config from peers.cfg
    68. 

  68. while read peer;
    69. 

  69.  do
    70. 

  70.      ip=`echo $peer | cut -d' ' -f1`
    71. 

  71.    host=`echo $peer | cut -d' ' -f2`
    72. 

  72.    
    73. 

  73.    wgkeypair $host
    74. 

  74.    wgpsk $host
    75. 

  75.    wgconfig $host $ip
    76. 

  76. 

  77.    # Add peers to server config
    78. 

  78.       cat >>$confdir/$servername.conf <<EOL
    79. 

  79. [Peer]
    80. 

  80. PublicKey = `cat $confdir/$host.pub`
    81. 

  81. AllowedIPs = $ip
    82. 

  82. PresharedKey = `cat $confdir/$host.psk`
    83. 

  83. EOL
    84. 

  84.  done < peers.cfg
    85.