This repository has been archived by the owner on Jun 8, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathgen_wireguard_conf
executable file
·33 lines (28 loc) · 1.81 KB
/
gen_wireguard_conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/bin/bash -ue
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
CREDS_FILE="${CREDS_FILE:-"creds.env"}"
[ -f "$CREDS_FILE" ] && source "$CREDS_FILE"
PRIVADO_DATA_DIR="${PRIVADO_DATA_DIR:-"$SCRIPT_DIR/data"}"
WIREGUARD_TEMPLATE_FILE="${WIREGUARD_TEMPLATE_FILE:-"$SCRIPT_DIR/wireguard.tmpl"}"
command -v jq >/dev/null 2>&1 || { echo >&2 "I require jq but it's not installed. Aborting."; exit 254; }
generate_config() {
SERVER_NAME="${1-}"
JSON_FILE="$PRIVADO_DATA_DIR/wg_$SERVER_NAME.json"
[ -f "$JSON_FILE" ] || { echo >&2 "ERROR: missing json file"; return 255; }
WG_INTERFACE_IP="${2-}"
[ -n "$WG_INTERFACE_IP" ] || { echo >&2 "ERROR: missing wg interface ip"; return 255; }
OUTPUT_FILE="${3:-"$PRIVADO_DATA_DIR/wg_${SERVER_NAME}_${WG_INTERFACE_IP}.conf"}"
CLIENT_LISTENPORT="${4-}"
export WIREGUARD_DNS_SERVERS="${WIREGUARD_DNS_SERVERS:-"198.18.0.1 198.18.0.2"}"
export WIREGUARD_PEER_KEEP_ALIVE="${WIREGUARD_PEER_KEEP_ALIVE:-"25"}"
export WIREGUARD_PEER_ALLOWED_IPS="${WIREGUARD_PEER_ALLOWED_IPS:-"0.0.0.0/0"}"
export WIREGUARD_LISTENPORT="${WIREGUARD_LISTENPORT:-"51820"}"
WIREGUARD_JSON="$(jq -e --arg wg_ip_address "$WG_INTERFACE_IP" '.[] | select(.WGIPAddress == $wg_ip_address)' "$JSON_FILE")" || { echo >&2 "ERROR: cannot find wg_ip_address $WG_INTERFACE_IP in $JSON_FILE"; return 100; }
[ -f "$WIREGUARD_TEMPLATE_FILE" ] || { echo >&2 "ERROR: cannot find template file $WIREGUARD_TEMPLATE_FILE"; exit 200; }
eval export $(jq -r '.[0] | to_entries|map("\(.key)=\(.value|tostring)")|.[]' "$JSON_FILE")
mkdir -p "$(dirname "$OUTPUT_FILE")"
envsubst < "$WIREGUARD_TEMPLATE_FILE" | sed -e 's/§/$/g' >"$OUTPUT_FILE"
}
generate_config $@ \
&& echo "Successfully generated wireguard config $OUTPUT_FILE" \
|| echo >&2 "ERROR: failed to generate wireguard config $OUTPUT_FILE"