Lab 3: Menus and Users - squatchulator/Tech-Journal GitHub Wiki

manage-users.bash

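#!/bin/bash

# Storyline: Script to add and delete VPN peers
#
# Usage: manage-users.bash [-c][-a]|[-d] -u username
#   -a  add the peer (delegates to peer.bash)
#   -d  delete the peer's block from ./wg0.conf
#   -c  report whether the peer has a block in ./wg0.conf
#   -u  peer name (required for every action)

# Print the one-line usage summary.
usage() {
	echo "Usage: $(basename -- "$0") [-c][-a]|[-d] -u username"
}

# Start from empty values so nothing is inherited from the caller's environment.
u_del=""
u_check=""
u_add=""
t_user=""

while getopts 'hdcau:' OPTION ; do

	case "$OPTION" in

		d) u_del=${OPTION}
		;;
		c) u_check=${OPTION}
		;;
		a) u_add=${OPTION}
		;;
		u) t_user=${OPTARG}
		;;
		h)

			echo ""
			usage
			echo ""
			exit 1

		;;

		*)

			echo "Invalid value."
			exit 1

		;;
	esac
done

# -a and -d are mutually exclusive, and at least one action must be given.
# Stop here: continuing would run a delete and an add in the same call.
if [[ -n ${u_del} && -n ${u_add} ]] || [[ -z ${u_del} && -z ${u_add} && -z ${u_check} ]]
then

	echo "Please specify -a, -c, or -d, as well as -u followed by the username."
	exit 1

fi

# Check to ensure -u is specified (every action below needs a name)
if [[ -z ${t_user} ]]
then

	echo "Please specify a user (-u)!"
	usage
	exit 1
fi

# The name is placed inside a sed address and handed to peer.bash, so accept
# only characters that have no meaning in a regular expression or a path.
name_re='^[A-Za-z0-9_-]+$'
if [[ ! ${t_user} =~ ${name_re} ]]
then
	echo "Invalid user name: use only letters, digits, '_' and '-'." >&2
	exit 1
fi

# Delete a user
if [[ -n ${u_del} ]]
then
	echo "Deleting user ${t_user}..."
	# Anchor both markers to the whole line so only this peer's block matches.
	# NOTE(review): this edits the local wg0.conf only; nothing here copies it
	# to /etc/wireguard or removes the peer from the running interface, so the
	# peer's key presumably stays accepted until that is done - confirm.
	sed -i "/^# ${t_user} begin\$/,/^# ${t_user} end\$/d" wg0.conf
fi

# Add a user
if [[ -n ${u_add} ]]
then

	echo "Creating the user ${t_user}..."
	bash peer.bash "${t_user}"

fi

# Check for a user
if [[ -n ${u_check} ]]
then

	# Fixed-string, whole-line match on the begin marker: no pattern is built
	# from the name.
	if grep -qxF -- "# ${t_user} begin" wg0.conf
	then
		echo "${t_user} already exists in the configuration file."
	else
		echo "${t_user} does NOT exist in the configuration file."
	fi
fi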

menu.bash

#!/bin/bash

# Storyline: Menu for admin, VPN, and Security Functions

# Report an unrecognised menu choice, framed by blank lines, then pause for
# two seconds so the message is readable before the caller continues.
function invalid_opt() {
	printf '\n%s\n\n' "Invalid option"
	sleep 2
}
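# Top-level menu: dispatch to the admin or security submenu, or exit.
# The menu is redrawn after an invalid choice and whenever a submenu returns.
# It exits when standard input is closed, instead of redrawing forever.
function menu() {
	local choice

	while true
	do
		# Just clears the screen
		clear

		echo "[1] Admin Menu"
		echo "[2] Security Menu"
		echo "[3] Exit"

		# -r keeps backslashes literal. A failed read with nothing captured
		# means end of input: leave rather than loop on an empty choice.
		choice=""
		if ! read -r -p "Please enter a choice above: " choice && [[ -z ${choice} ]]
		then
			echo ""
			exit 0
		fi

		case "$choice" in

			1) admin_menu
			;;
			2) security_menu
			;;
			3) exit 0
			;;
			*)
				invalid_opt
			;;
		esac
	done
}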

function admin_menu() {

	clear
	echo "[L]ist Running Processes"
	echo "[V]PN Menu"
	echo "[B]ack"
	echo "[4] Exit"
	read -p "Please enter a choice above: " choice

	case "$choice" in
		L|l) ps -ef |less
		;;
		N|n) netstat -an --inet |less
		;;
		V|v) vpn
		;;
		B|b) menu 
		;;
		4) exit 0
		;;

		*)
			invalid_opt

		;;
	esac
admin_menu
}
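# Security submenu: open sockets, accounts with UID 0, recent and current
# logins. The menu is redrawn after every action, as the admin and VPN menus
# do, and exits when standard input is closed.
function security_menu () {
	local choice

	while true
	do
		clear
		echo "[L]ist all open network sockets"
		echo "[C]heck for users with UID of 0"
		echo "[D]isplay last 10 logged in users"
		echo "[S]how currently logged in users"
		echo "[B]ack"

		# A failed read with nothing captured means end of input.
		choice=""
		if ! read -r -p "Please enter a choice above: " choice && [[ -z ${choice} ]]
		then
			echo ""
			exit 0
		fi

		case "$choice" in

			L|l) netstat -an --inet | less
			;;
			# List every account whose UID field is 0. "id -nu 0" prints a
			# single name, so an extra UID-0 account would not be shown.
			C|c) getent passwd | awk -F: '$3 == 0 { print $1 }' | less
			;;
			D|d) last -n 10 | less
			;;
			# Pipe into the pager; "w less" asks w about a user named "less".
			S|s) w | less
			;;
			B|b) menu
			;;
			*)
				invalid_opt
			;;
		esac
	done
}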
function vpn() {
	clear

	echo "[A]dd a peer"
	echo "[D]elete a peer"
	echo "[B]ack to admin menu"
	echo "[M]ain menu"
	echo "[E]xit"
	read -p "Please select an option: " choice

	case "$choice" in

		A|a)

		 bash peer.bash
	 	 tail -6 wg0.conf |less
		;;
		D|d) #  Create a prompt for the user to delete
		     #  Call the manage-user.bash and pass the proper switches and arguement to delete the user
		;;
		B|b) admin_menu
		;;
		M|m) menu
		;;
		E|e) exit 0
		;;
		*)
			invalid_opt

		;;

	esac
vpn
}
# Call the main function: the script starts at the main menu, which is
# defined above together with the submenus it dispatches to.
menu

peer.bash

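#!/bin/bash

# Storyline: Create peer VPN configuration file
#
# Usage: peer.bash [peer-name]
# Prompts for the name when none is given. Reads the server settings from the
# first line of ./wg0.conf, writes the client file to
# /etc/wireguard/<peer-name>-wg0.conf and appends the matching [Peer] block
# to ./wg0.conf.

# The client file holds a private key and a preshared key: make every file
# this script creates readable by its owner only.
umask 077

if [[ -z ${1:-} ]]
then
	# What is the peer's name?
	echo -n "What is the name for the peer?: "
	read -r the_client
else

	the_client="$1"
fi

# The name becomes part of a path under /etc/wireguard and of the marker
# comments in wg0.conf, so allow only characters that cannot leave that
# directory or start a new configuration line.
name_re='^[A-Za-z0-9_-]+$'
if [[ ! ${the_client} =~ ${name_re} ]]
then
	echo "Invalid peer name: use only letters, digits, '_' and '-'." >&2
	exit 1
fi

if [[ ! -r wg0.conf ]]
then
	echo "Cannot read wg0.conf in the current directory." >&2
	exit 1
fi

# Filename Variable
pFile="${the_client}-wg0.conf"
# The file is written under /etc/wireguard, so that is the path to test.
peer_path="/etc/wireguard/${pFile}"
echo "${pFile}"
# Check if the peer file exists
if [[ -f "${peer_path}" ]]
then
	echo "The file ${pFile} already exists."
	echo -n "Would you like to overwrite it? [Y|N]: "
	read -r to_overwrite

	if [[ "${to_overwrite}" == "N" || "${to_overwrite}" == "n" || "${to_overwrite}" == "" ]]
	then
		echo "Exit..."
		exit 0
	elif [[ "${to_overwrite}" == "Y" || "${to_overwrite}" == "y" ]]
	then
		echo "Creating the wireguard configuration file..."
	else
		echo "Invalid value."
		exit 1
	fi
fi

# Generate private key
p="$(wg genkey)"
# Generate public key (the private key goes to wg on stdin, never as an
# argument)
clientPub="$(printf '%s\n' "${p}" | wg pubkey)"
# Generate a preshared key
pre="$(wg genpsk)"

# Stop before writing a configuration that would carry an empty key.
if [[ -z ${p} || -z ${clientPub} || -z ${pre} ]]
then
	echo "Key generation failed." >&2
	exit 1
fi

# The first line of wg0.conf is split on whitespace once; fields 3 to 8 hold
# the server settings.
read -r -a hdr < wg0.conf
# Endpoint
end="${hdr[2]:-}"
# Server Public Key
pub="${hdr[3]:-}"
# DNS Servers
dns="${hdr[4]:-}"
# MTU
mtu="${hdr[5]:-}"
# KeepAlive
keep="${hdr[6]:-}"
# Listen Port
lport="$(shuf -n1 -i 40000-50000)"
# Default Routes for VPN
routes="${hdr[7]:-}"

# Generate the IP address: highest last octet already in use, plus one.
# The octets are sorted numerically; a text sort ranks .9 above .100 and
# would hand out an address that is already assigned.
tempIP="$(awk -F'[./]' '/AllowedIPs/ { print $4 }' wg0.conf | sort -n | tail -1)"
if [[ ! ${tempIP} =~ ^[0-9]+$ ]]
then
	echo "Could not find an existing AllowedIPs address in wg0.conf." >&2
	exit 1
fi
# 10# forces base 10 so an octet with a leading zero is not read as octal.
ip=$(( 10#${tempIP} + 1 ))
if (( ip > 254 ))
then
	echo "No free address left in 10.254.132.0/24." >&2
	exit 1
fi


# Create the client (peer) configuration file
cat > "${peer_path}" <<EOF
[Interface]
Address = 10.254.132.${ip}/24
DNS = ${dns}
ListenPort = ${lport}
MTU = ${mtu}
PrivateKey = ${p}

[Peer]
AllowedIPs = ${routes}
PersistentKeepAlive = ${keep}
PresharedKey =  ${pre}
PublicKey = ${pub}
Endpoint = ${end}

EOF

# Add our peer configuration to the server config
# NOTE: tee also prints the block, including the PresharedKey, to the terminal.
# NOTE(review): when the peer already has a block in wg0.conf (overwrite
# case), this appends a second one and the earlier block with its key is
# left in place - confirm whether it should be removed first.
tee -a wg0.conf <<EOF


# ${the_client} begin
[Peer]
PublicKey = ${clientPub}
PresharedKey = ${pre}
AllowedIPs = 10.254.132.${ip}/32
# ${the_client} end
EOF


sudo cp wg0.conf /etc/wireguard
# NOTE(review): the <(...) part runs as the calling user and sudo may not pass
# the extra file descriptor through to wg - verify this succeeds when the
# script is not already running as root.
sudo wg addconf wg0 <(wg-quick strip wg0)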