git Service of IN-Ulm e.V. Explore Help
Sign In
ulpeters
/
snippets
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 55b575347a
Branches Tags
snippets
/
linux
/
wireguard
/
create-config
/
wg-createconfig.sh

wg-createconfig.sh 1.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. #!/bin/bash
    2. 

  2. 

  3. # Setup keys, psk and config for a central wireguard server including peers
    4. 

  4. 

  5. # Dependencies
    6. 

  6. # apk add wireguard-tools libqrencode
    7. 

  7. 

  8. ### References
    9. 

  9. # https://wiki.archlinux.org/title/WireGuard
    10. 

  10. 

  11. # Source global variables
    12. 

  12. source server.cfg
    13. 

  13. 

  14. # ---------Functions-----------
    15. 

  15. 

  16. ## Create key-pair
    17. 

  17. wgkeypair() { wg genkey | (umask 0077 && tee   $1.key) | wg pubkey > $1.pub; }
    18. 

  18. 

  19. ## Create psk
    20. 

  20. wgpsk()     { wg genpsk | (umask 0077 && cat > $1.psk) } 
    21. 

  21. 

  22. ## Create peer config file
    23. 

  23. wgconfig() {
    24. 

  24.   peer=$1
    25. 

  25.   ip=$2
    26. 

  26. 

  27.   cat >$confdir/$peer.conf <<EOL
    28. 

  28. # Client config for $peer
    29. 

  29. [Interface]
    30. 

  30. PrivateKey = `cat $confdir/$peer.key`
    31. 

  31. Address = $ip
    32. 

  32. DNS = $dns
    33. 

  33.  
    34. 

  34. [Peer]
    35. 

  35. PublicKey = `cat $confdir/$servername.pub`
    36. 

  36. AllowedIPs = $network
    37. 

  37. Endpoint = $servername:$serverport
    38. 

  38. PersistentKeepalive = 15
    39. 

  39. PresharedKey = `cat $confdir/$peer.psk`
    40. 

  40. EOL
    41. 

  41. 

  42.   qrencode  -t ANSIUTF8 -r $confdir/$peer.conf > $peer-qr.txt
    43. 

  43.   qrencode  -t png -r $confdir/$peer.conf > $peer.png
    44. 

  44. }
    45. 

  45. 

  46. 

  47. # ---------Functions-----------
    48. 

  48. 

  49. ## Create and move to output folder
    50. 

  50. mkdir -p $confdir
    51. 

  51. cd $confdir
    52. 

  52. 

  53. ## Create server keys
    54. 

  54. wgkeypair $servername
    55. 

  55. 

  56. ## Create server config
    57. 

  57.    cat >$confdir/$servername.conf <<EOL
    58. 

  58. # Config for $peer
    59. 

  59. [Interface]
    60. 

  60. PrivateKey = `cat $confdir/$servername.key`
    61. 

  61. Address = $serverip
    62. 

  62. DNS = $dns
    63. 

  63. EOL
    64. 

  64. 

  65. ## Create peers' key-pair, psk and config from peers.cfg
    66. 

  66. while read peer;
    67. 

  67.  do
    68. 

  68.      ip=`echo $peer | cut -d' ' -f1`
    69. 

  69.    host=`echo $peer | cut -d' ' -f2`
    70. 

  70.    
    71. 

  71.    wgkeypair $host
    72. 

  72.    wgpsk $host
    73. 

  73.    wgconfig $host $ip
    74. 

  74. 

  75.    # Add peers to server config
    76. 

  76.       cat >>$confdir/$servername.conf <<EOL
    77. 

  77. [Peer]
    78. 

  78. PublicKey = `cat $confdir/$host.pub`
    79. 

  79. AllowedIPs = $ip
    80. 

  80. PresharedKey = `cat $confdir/$host.psk`
    81. 

  81. EOL
    82. 

  82.  done < peers.cfg
    83.