Add wireguardConfigGenerator.sh

This commit is contained in:
Stephen Seo 2021-05-12 20:06:36 +09:00
parent 6bea261bf1
commit d1c6a428f5

138
wireguardConfigGenerator.sh Executable file
View file

@ -0,0 +1,138 @@
#!/bin/bash
set -e
function print_help {
echo "Generates config for wireguard"
echo "-h - prints this help"
echo "-n <name> - gives a name to the config"
echo "-c <count> - number of clients to generate for"
echo "-i <ipv4_third> - sets the third byte of the ipv4"
echo "-e <endpoint> - ip address or domain name (required)"
echo "-p <port> - listen port of server (defaults to 50000)"
echo "-k - enables persistent keepalive for clients"
echo "-o <directory> - output dir to place configs (required)"
}
WGNAME="wg$(date | sha1sum | head -c 8)"
CLIENT_COUNT=1
IPV4_FIRST=10
IPV4_SECOND=8
IPV4_THIRD=0 # this can be modified with "-i <integer>"
# IPV4_FOURTH is generated automatically. Server starts with 1, and clients increment afterward.
SERVER_ENDPOINT="REQUIRED"
SERVER_LISTEN_PORT=50000
ENABLE_PERSISTENT_KEEPALIVE=0
CONFIG_OUTPUT_DIRECTORY="REQUIRED"
# OPTARG
while getopts 'hn:c:i:e:p:ko:' opt; do
if [ "$opt" == "?" ]; then
print_help
exit 1
elif [ "$opt" == "h" ]; then
print_help
exit 0
elif [ "$opt" == "n" ]; then
WGNAME="$OPTARG"
elif [ "$opt" == "c" ]; then
CLIENT_COUNT="$OPTARG"
elif [ "$opt" == "i" ]; then
IPV4_THIRD="$OPTARG"
elif [ "$opt" == "e" ]; then
SERVER_ENDPOINT="$OPTARG"
elif [ "$opt" == "p" ]; then
SERVER_LISTEN_PORT="$OPTARG"
if [[ ! "${SERVER_LISTEN_PORT}" =~ [0-9]+ ]]; then
echo "ERROR: Given port is not a number"
exit 5
elif (($SERVER_LISTEN_PORT > 65536)); then
echo "ERROR: Given port is too large"
exit 6
fi
elif [ "$opt" == "k" ]; then
ENABLE_PERSISTENT_KEEPALIVE=1
elif [ "$opt" == "o" ]; then
CONFIG_OUTPUT_DIRECTORY="$OPTARG"
fi
done
if [ "$SERVER_ENDPOINT" == "REQUIRED" ]; then
echo "ERROR: Endpoint is not set with \"-e\" !"
exit 2
elif [ "$CONFIG_OUTPUT_DIRECTORY" == "REQUIRED" ]; then
echo "ERROR: Output directory is not set with \"-o\" !"
exit 3
elif [ ! -d "$CONFIG_OUTPUT_DIRECTORY" ]; then
echo "ERROR: dir set with \"-o\" is not a directory!"
exit 4
fi
echo "Creating config with name \"$WGNAME\" with \"$CLIENT_COUNT\" clients..."
mkdir -p "$HOME/temp"
TEMP_DIR=$(mktemp -d -p "$HOME/temp")
# first create server config
SERVER_CONF="${TEMP_DIR}/${WGNAME}server.conf"
SERVER_PRK="$(wg genkey)"
SERVER_PUB="$(echo -n ${SERVER_PRK} | wg pubkey)"
echo "Creating server conf (will be appended to with client info)..."
cat >> "${SERVER_CONF}" <<EOF
[Interface]
Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.1/24
ListenPort = ${SERVER_LISTEN_PORT}
PrivateKey = ${SERVER_PRK}
EOF
# generate config per each client
for ((i = 0; i < $CLIENT_COUNT; ++i)); do
CLIENT_CONF="${TEMP_DIR}/${WGNAME}client${i}.conf"
CLIENT_PRK="$(wg genkey)"
CLIENT_PUB="$(echo -n ${CLIENT_PRK} | wg pubkey)"
CLIENT_PRE="$(wg genpsk)"
echo "Appending client $((i + 1)) to server conf..."
cat >> "${SERVER_CONF}" <<EOF
[Peer]
PublicKey = ${CLIENT_PUB}
PresharedKey = ${CLIENT_PRE}
AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$((i + 2))/32
EOF
echo "Creating client $((i + 1)) conf..."
cat >> "${CLIENT_CONF}" <<EOF
[Interface]
Address = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.$((i + 2))/24
PrivateKey = ${CLIENT_PRK}
[Peer]
PublicKey = ${SERVER_PUB}
PresharedKey = ${CLIENT_PRE}
AllowedIPs = ${IPV4_FIRST}.${IPV4_SECOND}.${IPV4_THIRD}.1/32
Endpoint = ${SERVER_ENDPOINT}:${SERVER_LISTEN_PORT}
EOF
if (($ENABLE_PERSISTENT_KEEPALIVE)); then
cat >> "${CLIENT_CONF}" <<EOF
PersistentKeepAlive = 25
EOF
fi
done
# output configs to output directory
echo "Placing generated configs to output directory..."
cp -v "$SERVER_CONF" "${CONFIG_OUTPUT_DIRECTORY}/"
for ((i = 0; i < $CLIENT_COUNT; ++i)); do
cp -v "${TEMP_DIR}/${WGNAME}client${i}.conf" "${CONFIG_OUTPUT_DIRECTORY}/"
done
echo "Removing temporary directory..."
rm -rvf "$TEMP_DIR"
echo "Done. Configs should exist at \"$CONFIG_OUTPUT_DIRECTORY\" ."