-rw-r--r-- | scripts/wireguard-new-peer.sh | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/scripts/wireguard-new-peer.sh b/scripts/wireguard-new-peer.sh
new file mode 100644
index 0000000..d810d4f
--- /dev/null
+++ b/scripts/wireguard-new-peer.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -euo pipefail
+IFS=$'\n\t'
+
+if [[ $# -ne 3 ]]; then
+ echo "Usage: $0 <wg server config file> <server endpoint with port> <desired ip for client (without CIDR)>"
+ exit 1
+fi
+
+# create client keypair
+cli_privkey=$(wg genkey)
+cli_pubkey=$(wg pubkey <<< "$cli_privkey")
+
+# PrivateKey = ...
+# if you don't leave a space, this won't work
+srv_pubkey=$(awk -e '/PrivateKey/ { print $3; }' "$1" | wg pubkey)
+
+# create client config
+echo "*** Scan this with your mobile phone ***"
+qrencode -t ansiutf8 <<EOF
+[Interface]
+PrivateKey = $cli_privkey
+Address = $3/24
+
+[Peer]
+PublicKey = $srv_pubkey
+Endpoint = $2
+AllowedIPs = 0.0.0.0/0, ::/0
+EOF
+
+tee -a "$1" <<EOF
+
+# Auto-Generated
+[Peer]
+PublicKey = $cli_pubkey
+AllowedIPs = $3/32
+
+EOF
+ |
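Review bot: The third argument is appended verbatim to the server config by `tee -a "$1"` (and used as `Address = $3/24` in the client config) with no check that it is an IPv4 address, so a typo or a value containing a newline becomes arbitrary lines in a file that is presumably loaded with root privileges. I would validate it right after the usage check, e.g. `[[ $3 =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || { echo "invalid client IP: $3" >&2; exit 1; }`, and refuse an address that already appears in an `AllowedIPs` line of `$1`. Separately, the `/PrivateKey/` awk pattern matches every line containing that word, including a commented-out one, so `awk '$1 == "PrivateKey" { print $3; exit }' "$1"` would restrict it to the first real key line. The usage message should also go to stderr (`>&2`), since stdout here carries the QR code with the client private key.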