++ tool to generate wireguard tunnels

Nico Schottelius 2021-12-31 16:03:13 +01:00
parent efdfb94c72
commit 8d4803b888
2 changed files with 68 additions and 0 deletions

1
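--- a/wireguard/.gitignore
+++ b/wireguard/.gitignore
@@ -0,0 +1 @@
+*.conf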

67
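--- a/wireguard/gen-tunnels.sh
+++ b/wireguard/gen-tunnels.sh
@@ -0,0 +1,67 @@
+#!/bin/sh
+# 2021-12-30
+# Nico Schottelius
+if [ $# -ne 7 ] ; then
+echo $0 "v6|v4" vpngw vpnpubkey prefix mask start end
+echo "f.i. $0 v4 vpn-....ungleich.ch:51820 6BRnQ.. 192.0.0. 32 22 43"
+echo "f.i. $0 v6 vpn-....ungleich.ch:51820 6BRnQ.. 2a0a:e5c0: 48 22 333"
+exit 1
+fi
+v4v6=$1; shift
+vpngw=$1; shift
+vpnpub=$1; shift
+prefix=$1; shift
+mask=$1; shift
+start=$1; shift
+end=$1; shift
+case "$v4v6" in
+v6)
+sep=":"
+allowed_ips="::/0"
+;;
+v4)
+sep="."
+allowed_ips="0.0.0.0/0"
+;;
+*)
+echo "Unsupported, use v6 or v4" >&2
+exit 1
+;;
+esac
+: > gw.conf
+for ip in $(seq $start $end); do
+privkey=$(wg genkey)
+pubkey=$(echo $privkey | wg pubkey)
+addr=$prefix${sep}${ip}/${mask}
+addr_nomask=$prefix${sep}${ip}
+file="vpn-${addr_nomask}.conf"
+echo "Writing ${file} and updating gw.conf"
+cat <<EOF > $file
+[Interface]
+PrivateKey = $privkey
+ListenPort = 51820
+Address = ${addr}
+[Peer]
+PublicKey = 6BRnQ+dmeFzVCH9RbM1pbJ7u3y3qrl+zUzzYCmC88kE=
+Endpoint = vpn-18515529.ungleich.ch:51820
+AllowedIPs = $allowed_ips
+EOF
+cat <<EOF >> gw.conf
+[Peer]
+PublicKey = ${pubkey}
+AllowedIPs = ${addr}
+EOF
+done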
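Review bot: The per-client files written by `cat <<EOF > $file` contain `PrivateKey` but are created under whatever umask the caller has, so with a common default such as 022 every generated key would be readable by other local users; a `umask 077` before the loop would keep them owner-only. The `[Peer]` block of the client config hard-codes the gateway public key and endpoint, so the `vpngw` and `vpnpub` arguments that the script insists on are never used; those two lines should read `PublicKey = ${vpnpub}` and `Endpoint = ${vpngw}`. `prefix`, `start` and `end` come straight from the command line and are expanded unquoted, and `prefix` ends up in the output filename, so `> "$file"` and `seq "$start" "$end"` are the safer forms. Note also that `: > gw.conf` and the unconditional redirect mean a second run in the same directory silently replaces earlier keys and peer entries.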