boig01/network-scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
network-scripts/wireguard/genconfig_simple
Guy Boisvert bd67283438 First Commit
2025-08-12 23:01:13 -04:00

431 lines
9.8 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/bash
Version=250731-1953
debug=0
ScriptMode="" # Script gen mode for client: user or router
BOLD=$( tput bold)
NORMAL=$( tput sgr0)
RESET=$( tput sgr0)
NC=$( tput sgr0) # No color
BOLD=$( tput bold)
BLACK=$( tput setaf 0)
RED=$( tput setaf 1)
GREEN=$( tput setaf 2)
YELLOW=$( tput setaf 3)
BLUE=$( tput setaf 4)
MAGENTA=$( tput setaf 5)
CYAN=$( tput setaf 6)
WHITE=$( tput setaf 7)
DEFAULT=$( tput setaf 9)
#---ini file parameters list
unset PARAMS;
PARAMS=(
RtrInterface
Rtr_Addr_Admin
Rtr_Addr_Public
Rrt_Port
Rtr_Addr_Private
Rtr_CIDR_Mask
Rtr_PUB_KEY
Rtr_DNS
Rtr_Route_Subnet
)
#---A enlever apres testing
export RouterName=""
export RouterInterface=""
export DeviceName=""
export Company=""
export CORP=""
export UserName=""
#========== INTERNAL FUNCTIONS ================================================
#---------- function Info -----------------------------------------------------
#
# With date / time prefix
#
Info()
{
printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*"
}
#---------- function Message --------------------------------------------------
#
# Send to STDOUT
#
function Message()
{
printf "\n${GREEN}[i] ${BLUE}%s${NC}\n" "$*"
}
#---------- ip2int ------------------------------------------------------------
#
function ip2int()
{
local a b c d
{ IFS=. read a b c d; } <<< $1
echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
}
#---------- int2ip ------------------------------------------------------------
#
function int2ip()
{
local ui32=$1; shift
local ip n
for n in 1 2 3 4; do
ip=$((ui32 & 0xff))${ip:+.}$ip
ui32=$((ui32 >> 8))
done
echo $ip
}
#---------- RouterCommand -----------------------------------------------------
#
function RouterConnect()
{
local Command="$"
}
#---------- CreateUser --------------------------------------------------------
#
function CreateUser()
{
local RouterName=$1
local RouterInterface=$2
local UserNumber=$3
local UserName=$4
local debug=0
RouterCfg="${RouterName}.cfg"
#---Read values from config file
for PARAM in "${PARAMS[@]}"
do
eval local ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
done
Digits=000
Temp="${Digits}${UserNumber}"
ClientNumPad=$(echo ${Temp:(-${#Digits})})
IFS=. read -r octet1 octet2 octet3 octet4 <<< "$Rtr_Addr_Private"
Subnet="${octet1}.${octet2}.${octet3}"
UserAddress=${Subnet}.${UserNumber}/32
Message "Subnet : $Subnet"
Message "ClientNumPad : $ClientNumPad"
((debug)) && echo -e "
DEBUG - CreateUser
User Number = $1
UserName = $2
UserName = $3
UserAddress = $UserAddress
Rtr_Addr_Public = $Rtr_Addr_Public
Rrt_Port = $Rrt_Port
RouterInterface = $RouterInterface
Rtr_Addr_Private = $Rtr_Addr_Private
Rtr_CIDR_Mask = $Rtr_CIDR_Mask
Rtr_PUB_KEY = $Rtr_PUB_KEY
Subnet = $Subnet
Rtr_DNS = $Rtr_DNS
Rtr_Route_Subnet = $Rtr_Route
" | column -t && exit
CLIENT_PRIV_KEY=$(wg genkey)
CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
CLIENT_PRE_SHARED_KEY=$(wg genpsk)
ROUTER_PUB_KEY="$RouterPubKey"
CLIENT_FILE_PREFIX="U-${ClientNumPad}-${UserName}"
CLIENT_FILE_WIN="${CLIENT_FILE_PREFIX}.conf"
CLIENT_FILE_RTR="${CLIENT_FILE_PREFIX}.Peer.rsc"
echo -e "\nClient:
${GREEN}---------------------------------------------------------${NC}"
echo -e "[Interface]
PrivateKey = ${CLIENT_PRIV_KEY}
ListenPort = 51821
Address = ${UserAddress}
DNS = ${Rtr_DNS}
[Peer]
PublicKey = ${Rtr_PUB_KEY}
PresharedKey = ${CLIENT_PRE_SHARED_KEY}
AllowedIPs = ${Rtr_Route_Subnet}
Endpoint = ${Rtr_Addr_Public}:${Rrt_Port}
PersistentKeepalive = 25
" | tee "${CLIENT_FILE_WIN}"
echo -e "\nRouter:
${GREEN}---------------------------------------------------------${NC}"
echo -e "/interface wireguard peers
add allowed-address=${Subnet}.${UserNumber}/32 disabled=no name=\"${UserName}\" interface=${RouterInterface} \\
preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
Message "QR Code:"
qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
Message "Generated User Files:"
ls -1 ${CLIENT_FILE_PREFIX}*
}
#---------- CreateRouter ------------------------------------------------------
#
function CreateRouter()
{
local debug=1
local RouterNum="$1"
local RouterSubnet="$2"
local Corp="$3"
local BaseDir="${BaseDir}/${Corp}" # BaseDir global variable
local WgRtrDir="${BaseDir}/routers"
#---Create paths if not there
[ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
RTR_PRIV_KEY=$(wg genkey)
Endpoint_Rtr_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
RTR_PRE_SHARED_KEY=$(wg genpsk)
RTR_NUM=$(printf "%03d" $1)
RTR_FILE_PREFIX="${RTR_NUM}-Router"
RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}_Client.rsc"
RTR_FILE_RTR_ENDPOINT="${WgRtrDir}/${RTR_FILE_PREFIX}_Endpoint.rsc"
((debug)) && echo -e "
Corp = $Corp
RTR_NUM = $RTR_NUM
CLIENT_FILE_RTR = $RTR_FILE_RTR
BaseDir = $BaseDir
PreShared Key = $RTR_PRE_SHARED_KEY
" && exit
[ -d "${BaseDir}" ] && Message "Creating dir ${BaseDir}" && mkdir -p "${BaseDir}"
Message "Generated output files:"
echo -e "${GREEN}---------------------------------------------------------${NC}
${RTR_FILE_RTR}
${RTR_FILE_RTR_ENDPOINT}
"
Message "Client Router Config:"
echo -e "${GREEN}---------------------------------------------------------${NC}"
echo -e "/interface wireguard
add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
/ip address add address=172.18.1.${RouterNum}/32 comment=wg-wg01 interface=wg01
/interface wireguard peers add allowed-address=172.16.18.254 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
endpoint-address=${Endpoint_Rtr_Addr_Public} endpoint-port=${Endpoint_Rrt_Port} preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
/system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
\"/ping interval=10 10.1.8.11 count=61\"
/system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
| tee "${RTR_FILE_RTR}"
#echo -e "\n"
Message "${EndpointID} endpoint Config:"
echo -e "${GREEN}---------------------------------------------------------${NC}"
echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum} ${NameRouter}\" \\
interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
/ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
| tee "${RTR_FILE_RTR_ENDPOINT}"
}
#---------- GetRouter_Infos ----------------------------------------------------
#
function GetRouter_Infos()
{
local RouterName="$1"
local IniFile="${1}.cfg"
local debug=0
((debug)) && echo -e "\nIniFile = ${IniFile}\n"
#read -p "Entrer l'interface du router: " RouterInterface
echo -e "[${RouterName}]" >> ${IniFile}
for PARAM in "${PARAMS[@]}"
do
echo -e "\nPARAM = $PARAM"
eval 'read -p "Entrer ${PARAM} " Value'
eval 'echo ${PARAM}=${Value} >> ${IniFile}'
done
((debug)) && echo "${FUNCNAME[0]} exit"
}
#---------- Help ---------------------------------------------------------------
#
function Help() {
cat << EOF
usage: $(basename "$0") [OPTIONS]
-a Debug mode
-d Device Name
-h Show this message
-i Interactive
-u User Name
-n User / Device number
EOF
}
#================= MAIN =======================================================
#
((!$#)) && Help && exit
while getopts ad:hi:n:qu: option
do
case "${option}" in
a) debug=1
;;
d) DeviceName="${OPTARG}"
;;
h) Help
exit
;;
i) Interactive
exit
;;
n) UserNumber="${OPTARG}"
;;
u) UserName="${OPTARG}"
;;
*) Message "Usage (bad argument: $OPTARG)"
exit 1
;;
esac
done
#---Init global variables
#for PARAM in "${PARAMS[@]}"
#do
# eval export '${PARAM}=""'
# done
if [[ ! -z ${UserName} ]] # User mode prioritised if both specified
then
ScriptMode=User
Message "User mode"
elif [[ ! -z ${DeviceName} ]]
then
ScriptMode=Device
Message "Device mode"
else
Message "Must use either -u or -d"
exit
fi
CfgNum=$(find . -maxdepth 1 -iname "*.cfg" |wc -l)
Message "Avant demande router infos"
if [[ $CfgNum -eq 1 ]]
then
RouterCfg=$(find . -maxdepth 1 -iname "*.cfg" -printf "%f")
RouterName="${RouterCfg%.*}"
else
read -p "Entrer Nom du Router: " RouterName
((debug)) && echo -e "Router Name = ${RouterName}"
GetRouter_Infos "${RouterName}"
RouterCfg=${RouterName}.cfg
fi
((debug)) && echo -e "
Après GetRouter_Infos
RouterName : $RouterName
RouterInterface : $RouterInterface
"
for PARAM in "${PARAMS[@]}"
do
eval ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
done
echo -e "Avant Create User"
((debug)) && echo -e "
RouterName = $RouterName
DeviceName = $DeviceName
UserNumber = $UserNumber
UserName = $UserName
Rtr_Addr_Admin = $Rtr_Addr_Admin
Rtr_Addr_Public = $Rtr_Addr_Public
Rrt_Port = $Rrt_Port
RtrInterface = $RtrInterface
Rtr_Addr_Private = $Rtr_Addr_Private
Rtr_CIDR_Mask = $Rtr_CIDR_Mask
Rtr_PUB_KEY = $Rtr_PUB_KEY
" | column -t && exit
case "${ScriptMode}" in
User) CreateUser ${RouterName} ${RtrInterface} ${UserNumber} ${UserName}
exit
;;
Router) CreateRouter ${RouterName} ${UserNumber} ${DeviceName}
;;
*) Message "Bad mode passed ${ScriptMode}"
exit 1
;;
esac
Message "All done."
Reference in a new issue View git blame Copy permalink