ungleich-tools/wireguard/gen-tunnels.sh
2023-04-20 13:52:24 +02:00

68 lines
1.2 KiB
Bash
Executable file

#!/bin/sh
# 2021-12-30
# Nico Schottelius
if [ $# -ne 7 ] ; then
echo $0 "v6|v4" vpngw vpnpubkey prefix mask start end
echo "f.i. $0 v4 vpn-....ungleich.ch:51820 6BRnQ.. 192.0.0. 32 22 43"
echo "f.i. $0 v6 vpn-....ungleich.ch:51820 6BRnQ.. 2a0a:e5c0: 48 22 333"
exit 1
fi
v4v6=$1; shift
vpngw=$1; shift
vpnpub=$1; shift
prefix=$1; shift
mask=$1; shift
start=$1; shift
end=$1; shift
case "$v4v6" in
v6)
sep=":"
allowed_ips="::/0"
gw_mask="/128"
;;
v4)
sep="."
allowed_ips="0.0.0.0/0"
gw_mask="/32"
;;
*)
echo "Unsupported, use v6 or v4" >&2
exit 1
;;
esac
: > gw.conf
for ip in $(seq $start $end); do
privkey=$(wg genkey)
pubkey=$(echo $privkey | wg pubkey)
addr=$prefix${sep}${ip}/${mask}
addr_nomask=$prefix${sep}${ip}
file="${addr_nomask}.conf"
echo "Writing ${file} and updating gw.conf"
cat <<EOF > $file
[Interface]
PrivateKey = ${privkey}
Address = ${addr}
[Peer]
PublicKey = ${vpnpub}
Endpoint = ${vpngw}
AllowedIPs = ${allowed_ips}
EOF
cat <<EOF >> gw.conf
[Peer]
PublicKey = ${pubkey}
AllowedIPs = ${addr_nomask}${gw_mask}
EOF
done