++ tool to generate wireguard tunnels
parent
efdfb94c72
commit
8d4803b888
2 changed files with 68 additions and 0 deletions
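--- a/wireguard/.gitignore
+++ b/wireguard/.gitignore
@@ -0,0 +1 @@
+*.conf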
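--- a/wireguard/gen-tunnels.sh
+++ b/wireguard/gen-tunnels.sh
@@ -0,0 +1,67 @@
+#!/bin/sh
+# 2021-12-30
+# Nico Schottelius
+
+if [ $# -ne 7 ] ; then
+echo $0 "v6|v4" vpngw vpnpubkey prefix mask start end
+echo "f.i. $0 v4 vpn-....ungleich.ch:51820 6BRnQ.. 192.0.0. 32 22 43"
+echo "f.i. $0 v6 vpn-....ungleich.ch:51820 6BRnQ.. 2a0a:e5c0: 48 22 333"
+exit 1
+fi
+
+v4v6=$1; shift
+vpngw=$1; shift
+vpnpub=$1; shift
+prefix=$1; shift
+mask=$1; shift
+start=$1; shift
+end=$1; shift
+
+case "$v4v6" in
+v6)
+sep=":"
+allowed_ips="::/0"
+;;
+v4)
+sep="."
+allowed_ips="0.0.0.0/0"
+;;
+
+*)
+echo "Unsupported, use v6 or v4" >&2
+exit 1
+;;
+esac
+
+: > gw.conf
+
+for ip in $(seq $start $end); do
+privkey=$(wg genkey)
+pubkey=$(echo $privkey | wg pubkey)
+
+addr=$prefix${sep}${ip}/${mask}
+addr_nomask=$prefix${sep}${ip}
+file="vpn-${addr_nomask}.conf"
+echo "Writing ${file} and updating gw.conf"
+
+cat <<EOF > $file
+[Interface]
+PrivateKey = $privkey
+ListenPort = 51820
+Address = ${addr}
+
+[Peer]
+PublicKey = 6BRnQ+dmeFzVCH9RbM1pbJ7u3y3qrl+zUzzYCmC88kE=
+Endpoint = vpn-18515529.ungleich.ch:51820
+AllowedIPs = $allowed_ips
+
+EOF
+cat <<EOF >> gw.conf
+
+[Peer]
+PublicKey = ${pubkey}
+AllowedIPs = ${addr}
+EOF
+
+
+done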
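Review bot: The per-client `vpn-*.conf` files contain `PrivateKey = $privkey` but are created under the caller's umask, so with the common 022 umask every generated private key is world-readable; setting `umask 077` before `: > gw.conf` would keep them owner-only. The `[Peer]` block of the client heredoc also hard-codes a fixed `PublicKey` and `Endpoint = vpn-18515529.ungleich.ch:51820`, so the `vpnpub` and `vpngw` arguments are parsed and then never used; `PublicKey = $vpnpub` and `Endpoint = $vpngw` would make the output follow the arguments. When `mask` is shorter than a host route, as in the v6 usage example with 48, each gateway peer gets `AllowedIPs = ${addr}` covering the same range, and WireGuard keeps an allowed-IP range on only one peer, so the gateway side probably wants a /32 or /128 per client. The expansions in `seq $start $end`, `echo $privkey` and `> $file` are unquoted and would be safer quoted.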