++ tool to generate wireguard tunnels

wireguard/.gitignore

@@ -0,0 +1 @@
+*.conf

wireguard/gen-tunnels.sh

@@ -0,0 +1,67 @@
+#!/bin/sh
+# 2021-12-30
+# Nico Schottelius
+
+if [ $# -ne 7 ] ; then
+    echo $0 "v6|v4" vpngw vpnpubkey prefix mask start end
+    echo "f.i. $0 v4 vpn-....ungleich.ch:51820 6BRnQ.. 192.0.0. 32 22 43"
+    echo "f.i. $0 v6 vpn-....ungleich.ch:51820 6BRnQ.. 2a0a:e5c0: 48 22 333"
+    exit 1
+fi
+
+v4v6=$1; shift
+vpngw=$1; shift
+vpnpub=$1; shift
+prefix=$1; shift
+mask=$1; shift
+start=$1; shift
+end=$1; shift
+
+case "$v4v6" in
+    v6)
+        sep=":"
+        allowed_ips="::/0"
+        ;;
+    v4)
+        sep="."
+        allowed_ips="0.0.0.0/0"
+        ;;
+
+    *)
+        echo "Unsupported, use v6 or v4" >&2
+        exit 1
+        ;;
+esac
+
+: > gw.conf
+
+for ip in $(seq $start $end); do
+    privkey=$(wg genkey)
+    pubkey=$(echo $privkey | wg pubkey)
+
+    addr=$prefix${sep}${ip}/${mask}
+    addr_nomask=$prefix${sep}${ip}
+    file="vpn-${addr_nomask}.conf"
+    echo "Writing ${file} and updating gw.conf"
+
+    cat <<EOF > $file
+[Interface]
+PrivateKey = $privkey
+ListenPort = 51820
+Address = ${addr}
+
+[Peer]
+PublicKey = 6BRnQ+dmeFzVCH9RbM1pbJ7u3y3qrl+zUzzYCmC88kE=
+Endpoint = vpn-18515529.ungleich.ch:51820
+AllowedIPs = $allowed_ips
+
+EOF
+    cat <<EOF >> gw.conf
+
+[Peer]
+PublicKey = ${pubkey}
+AllowedIPs = ${addr}
+EOF
+
+
+done