boig01/network-scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
network-scripts/wireguard/real/genconfig
Guy Boisvert bd67283438 First Commit
2025-08-12 23:01:13 -04:00

288 lines
7.3 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
Version=240226-1434
debug=0
CORP=EVOQ
Rtr_CCR1_Addr="d90d0d815e13.sn.mynetname.net"
Rtr_CCR1_Port="13232"
Usr_CCR1_Addr="d90d0d815e13.sn.mynetname.net"
Usr_CCR1_Port="13233"
ScriptName=$(basename "$0")
BaseDir="/home/boig01/temp/wireguard/real"
WgRtrDir="${BaseDir}/routers"
WgUsrDir="${BaseDir}/users"
RTR_CCR1_PUB_KEY="9au45IDNJhHDNtN+LIpJDyMFTEYdN9WOSSHEJS8WRmw="
USR_CCR1_PUB_KEY="vaH/ozwjGfhC1ODOJZ6PExwDNTRlms2kU43xmGi67yg="
NumUser=0
NumRouter=0
NameUser=0
Mode=0
YELLOW='\033[0;33«m'
GREEN='\033[0;32m'
RED='\033[0;31m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# Create paths if not there
[ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
[ ! -d "$WgUsrDir" ] && mkdir -p "${WgUsrDir}"
Start_Subnet=10.1.32.0
Bits_Subnet=3
Subnet_Bits=$((32-Bits_Subnet)) # Router address subnet bits
NAPS=$((2**Bits_Subnet)) # Nombre d'Adresses Par Subnet
#=================== function Help ============================================
#
function Help()
{
echo -e "
WireGuard-MikroTik ${BLUE}${CORP}${NC} configurator
usage:
${ScriptName} [Options]
-n User # (Unique user number between 1 and 253)
-u User name (AdrianSmith)
-r Router # (EVOQ router #, like 1 or 11)
When in user mode, you must provide name & unique user number between 2 and 253.
This user number will be assigned an ip address 10.1.40.[user #].
" && exit
}
#=================== function Info =============================================
#
# Avec date / time prefix
#
Info() { printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*" >&2; } # send to stderr
#=================== function Message ==========================================
#
#
Message() { printf "\n${GREEN}%s${NC}\n" "$*"; } # send to stdout
#=================== function ip2int ===========================================
#
ip2int()
{
local a b c d
{ IFS=. read a b c d; } <<< $1
echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
}
#=================== function int2ip ===========================================
#
int2ip()
{
local ui32=$1; shift
local ip n
for n in 1 2 3 4; do
ip=$((ui32 & 0xff))${ip:+.}$ip
ui32=$((ui32 >> 8))
done
echo $ip
}
#======================== CreateUser ==========================================
#
function CreateUser()
{
ClientName=$1
ClientNum=$2
CLIENT_PRIV_KEY=$(wg genkey)
CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
CLIENT_PRE_SHARED_KEY=$(wg genpsk)
CLIENT_NUM=$(printf "%03d" $2)
CLIENT_FILE_PREFIX="${CLIENT_NUM}-${ClientName}"
CLIENT_FILE_WIN="${WgUsrDir}/${CLIENT_FILE_PREFIX}.conf"
CLIENT_FILE_RTR="${WgUsrDir}/${CLIENT_FILE_PREFIX}.CCR1.rsc"
((debug)) && echo -e "
ClientName = $1
CLIENT_NUM = $CLIENT_NUM
CLIENT_FILE_WIN = $CLIENT_FILE_WIN
CLIENT_FILE_RTR = $CLIENT_FILE_RTR
" && exit
echo -e "Client:
${GREEN}---------------------------------------------------------${NC}"
echo -e "[Interface]
PrivateKey = ${CLIENT_PRIV_KEY}
ListenPort = 51821
Address = 192.168.10.${ClientNum}/32
DNS = 192.168.10.1,1.1.1.1
[Peer]
PublicKey = ${USR_CCR1_PUB_KEY}
PresharedKey = ${CLIENT_PRE_SHARED_KEY}
AllowedIPs = 192.168.0.0/16
Endpoint = ${Usr_CCR1_Addr}:${Usr_CCR1_Port}
" | tee "${CLIENT_FILE_WIN}"
echo -e "\nCCR:
---------------------------------------------------------"
echo -e "/interface wireguard peers add
allowed-address=192.168.10.${ClientNum}/32 client-keepalive=10 disabled=no comment=\"User ${ClientName}\" interface=wg1 \\
preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
}
#======================== CreateRouter ========================================
#
function CreateRouter()
{
RouterNum="$1"
RouterSubnet="$2"
RTR_PRIV_KEY=$(wg genkey)
RTR_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
RTR_PRE_SHARED_KEY=$(wg genpsk)
RTR_NUM=$(printf "%03d" $1)
RTR_FILE_PREFIX="${RTR_NUM}-Router"
RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}.rsc"
RTR_FILE_RTR_CCR1="${WgRtrDir}/${RTR_FILE_PREFIX}.CCR1.rsc"
((debug)) && echo -e "
ClientName = $1
CLIENT_NUM = $RTR_NUM
CLIENT_FILE_RTR = $RTR_FILE_RTR
" && exit
Message "** Generated output files:"
echo -e "${GREEN}---------------------------------------------------------${NC}
${RTR_FILE_RTR}
${RTR_FILE_RTR_CCR1}
"
Message "** Router Client Config:"
echo -e "${GREEN}---------------------------------------------------------${NC}"
echo -e "/interface wireguard
add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
/ip address add address=10.1.41.${RouterNum}/32 comment=wg-wg01 interface=wg01
/ip route add dst-address=10.0.0.0/8 gateway=wg01
/ip route add dst-address=192.168.0.0/16 gateway=wg01
/interface wireguard peers add allowed-address=10.0.0.0/8,192.168.0.0/16 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
endpoint-address=${Rtr_CCR1_Addr} endpoint-port=${Rtr_CCR1_Port} preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_CCR1_PUB_KEY}\"
/system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
\"/ping interval=10 10.1.8.11 count=61\"
/system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
| tee "${RTR_FILE_RTR}"
#echo -e "\n"
Message "** CCR1 Config:"
echo -e "${GREEN}---------------------------------------------------------${NC}"
echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum}\" \\
interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_PUB_KEY}\"
/ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
| tee "${RTR_FILE_RTR_CCR1}"
}
#=================== function RrtSubnet ========================================
#
RtrSubnet()
{
local RtrNum=$1
BaseNum=$(ip2int $Start_Subnet) # Subnet de depart en format integer
Nth=$((RtrNum-1)) # Le router #1 est "0" dans la séquence de subnet, #2 est 1, etc
Nth=$((Nth*NAPS)) # Decimal a aditionner en fonction pour le Nth router
Subnet=$((BaseNum+Nth)) # Nth subnet calculé
# Subnet="${Subnet}/$(Bits_Subnet=3})"
echo -e "$(int2ip $Subnet)/${Subnet_Bits}"
}
#================ MAIN ========================================================
#
((!$#)) && Help && exit # If no command parameters passed, help and bail out
echo -e "\nWireGuard-MikroTik ${BLUE}${CORP}${NC} configurator version $Version\n"
while getopts dhn:r:u: option
do
case "${option}" in
d) debug=1
;;
h) Help
exit ;;
n) NumUser=${OPTARG}
Mode="User"
;;
r) NumRouter=${OPTARG}
Mode="Router"
;;
u) NameUser=${OPTARG}
;;
*) echo -e "Usage (bad argument: $OPTARG) \n"
exit 1;;
esac
done
((debug)) && echo -e "
NumRouter = ${NumRouter}
NumUser = ${NumUser}
RtrSubnet = $(RtrSubnet ${NumRouter})
" && exit
if [[ "${NumRouter}" -ne "0" && "${NumUser}" -ne "0" ]]
then
echo "** Error, can't use user and router # simulteaneously"
exit 1
fi
case "$Mode" in
User) CreateUser $NameUser $NumUser
exit
;;
Router) CreateRouter $NumRouter $(RtrSubnet ${NumRouter})
exit
;;
*) echo -e "\n** ERROR : User # was not provided"
Help
;;
esac
Reference in a new issue View git blame Copy permalink