Lab 2: Wireguard - squatchulator/Tech-Journal GitHub Wiki

peer.bash

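#!/bin/bash

# Storyline: Create peer VPN configuration file
#
# Usage: peer.bash [peer-name]
# Reads the client defaults from the first line of ./wg0.conf, writes
# /etc/wireguard/<peer-name>-wg0.conf and appends the matching [Peer] block
# to ./wg0.conf. Exits 0 when the user declines an overwrite, 1 on bad input.

set -euo pipefail

# Files created from here on hold key material (peer private key, preshared
# key), so they must not be created group- or world-readable.
umask 077

server_conf="wg0.conf"
peer_dir="/etc/wireguard"

if [[ ! -r "${server_conf}" ]]
then
	echo "Cannot read ${server_conf} in the current directory." >&2
	exit 1
fi

# Peer name: first argument, otherwise ask for it.
the_client="${1:-}"
if [[ -z "${the_client}" ]]
then
	# What is the peer's name?
	echo -n "What is the name for the peer?: "
	read -r the_client
fi

# The name becomes part of a path under /etc/wireguard and of the marker
# comments in wg0.conf, so restrict it to characters that cannot change the
# target directory or break the config syntax.
if [[ ! "${the_client}" =~ ^[A-Za-z0-9_-]+$ ]]
then
	echo "Invalid peer name: use letters, digits, '_' and '-' only." >&2
	exit 1
fi

# Filename Variable
pFile="${the_client}-wg0.conf"
echo "${pFile}"

# Check if the peer file exists. The test uses the same path the file is
# written to below; testing the bare name would look in the wrong directory.
if [[ -f "${peer_dir}/${pFile}" ]]
then
	echo "The file ${pFile} already exists."
	echo -n "Would you like to overwrite it? [Y|N]: "
	read -r to_overwrite

	case "${to_overwrite}" in
		N|n|"")
			echo "Exit..."
			exit 0
			;;
		Y|y)
			echo "Creating the wireguard configuration file..."
			;;
		*)
			echo "Invalid value."
			exit 1
			;;
	esac
fi

# Generate private key
p="$(wg genkey)"
# Generate public key (here-string keeps the private key off a command line)
clientPub="$(wg pubkey <<< "${p}")"
# Generate a preshared key
pre="$(wg genpsk)"

# The first line of wg0.conf carries the client defaults as
# "# <networks> <endpoint> <server public key> <dns> <mtu> <keepalive> <routes>".
read -r marker _ end pub dns mtu keep routes _ < "${server_conf}"
if [[ "${marker}" != "#" || -z "${routes}" ]]
then
	echo "First line of ${server_conf} is not the expected settings line." >&2
	exit 1
fi

# Listen Port
lport="$(shuf -n1 -i 40000-50000)"

# NOTE(review): every peer is given the same tunnel address. WireGuard routes
# one AllowedIPs entry to a single peer, so peers sharing 10.254.132.100/32
# cannot all be reachable at once; allocate a distinct address per peer.

# Create the client (peer) configuration file
cat > "${peer_dir}/${pFile}" <<EOF
[Interface]
Address = 10.254.132.100/24
DNS = ${dns}
ListenPort = ${lport}
MTU = ${mtu}
PrivateKey = ${p}

[Peer]
AllowedIPs = ${routes}
PersistentKeepAlive = ${keep}
PresharedKey =  ${pre}
PublicKey = ${pub}
Endpoint = ${end}

EOF
# An overwritten file keeps its old mode, so set it explicitly as well.
chmod 600 "${peer_dir}/${pFile}"

# Re-creating a peer must not leave its previous block (old public key and
# preshared key) active in the server config; drop it before appending.
if grep -qxF -- "# ${the_client} begin" "${server_conf}" \
	&& grep -qxF -- "# ${the_client} end" "${server_conf}"
then
	sed -i -e "/^# ${the_client} begin\$/,/^# ${the_client} end\$/d" "${server_conf}"
fi

# Add our peer configuration to the server config. Appended directly rather
# than through tee so the preshared key is not echoed to the terminal.
cat >> "${server_conf}" <<EOF


# ${the_client} begin
[Peer]
PublicKey = ${clientPub}
PresharedKey = ${pre}
AllowedIPs = 10.254.132.100/32
# ${the_client} end
EOF
echo "Added peer ${the_client} to ${server_conf}"

# Remind the operator how to load the updated server configuration.
cat <<'EOF'

sudo cp wg0.conf /etc/wireguard
sudo wg addconf wg0 <(wg-quick strip wg0)

EOF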

server.bash

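#!/bin/bash

# Storyline: Script to create a wireguard server
#
# Writes ./wg0.conf: a first-line comment holding the defaults that peer.bash
# reads back, followed by the server's [Interface] section.

set -euo pipefail

# wg0.conf holds the server private key; create it readable by the owner only.
umask 077

server_conf="wg0.conf"

# Re-running this script would replace the server key and discard every peer
# block already appended to the file, so stop instead of overwriting.
if [[ -e "${server_conf}" ]]
then
	echo "${server_conf} already exists; move it aside before generating a new server config." >&2
	exit 1
fi

# Create a private key
p="$(wg genkey)"
# Create a public key (here-string keeps the private key off a command line)
pub="$(wg pubkey <<< "${p}")"
# Set the addresses
address="10.254.132.0/24,172.16.28.0/24"
# Set Server IP addresses
ServerAddress="10.254.132.1/24,172.16.28.1/24"
# Set the listen port
lport="4282"
# Create the format for the client configuration options. The endpoint port
# reuses lport so the advertised port cannot drift from ListenPort.
peerinfo="# ${address} 198.199.97.163:${lport} ${pub} 8.8.8.8,1.1.1.1 1280 120 0.0.0.0/0"

cat > "${server_conf}" <<EOF
${peerinfo}
[Interface]
Address = ${ServerAddress}
#PostUp = /etc/wireguard/wg-up.bash
#PostDown = /etc/wireguard/wg-down.bash
ListenPort = ${lport}
PrivateKey = ${p}

EOF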

wg0.conf

# 10.254.132.0/24,172.16.28.0/24 198.199.97.163:4282 +La4lphaxo3j+/2YwCDe1oBaJwekbshfw/keS40Hy08= 8.8.8.8,1.1.1.1 1280 120 0.0.0.0/0
# The line above must stay the first line of the file: peer.bash reads the
# client defaults from it with `head -1` (networks, endpoint, server public
# key, DNS servers, MTU, keepalive, routes).
[Interface]
Address = 10.254.132.1/24,172.16.28.1/24
#PostUp = /etc/wireguard/wg-up.bash
#PostDown = /etc/wireguard/wg-down.bash
ListenPort = 4282
# The server private key and the peers' preshared keys appear in clear text in
# this published listing. Treat them as exposed and regenerate them before the
# configuration is used anywhere outside the lab.
PrivateKey = IM6QKIeSROztKd5ydRbdZdGCtLJXa8+G7E30/NBHe1U=



# All three peer blocks below claim the same AllowedIPs value. WireGuard
# assigns an allowed IP to one peer only, so these peers cannot all be routed
# at the same time; each peer needs its own /32.
# Miles begin
[Peer]
PublicKey = GCWqwg2QHX1XqYPDRL3EuyFAt+VDmCeG6m1gHYlA7SA=
PresharedKey = Y2zhtvNVFYuTGoOk1bT1ITLmEm+YRh/AMrznKEAKTaE=
AllowedIPs = 10.254.132.100/32
# Miles end


# Two blocks carry the name "john" with different keys; presumably peer.bash
# was run twice for the same name and the earlier block was never removed.
# john begin
[Peer]
PublicKey = nYEYLIeIy6sde61Yv8jloD9LJDxpL5bztgpLbVV/D1A=
PresharedKey = Ccx1uW8U/UeeB+vRI/TFKtOmfL4Uuh3Yma45dzb+nNU=
AllowedIPs = 10.254.132.100/32
# john end


# john begin
[Peer]
PublicKey = iwXBtJF0r82Nj4ay62FX7NDYL7BjKKT/ZO4e7Ex7+nI=
PresharedKey = DPTFlSHZEFDF6Hqfl6Uz79rYZV3S6aRAI4CzZ1bN09I=
AllowedIPs = 10.254.132.100/32
# john end