Diffstat (limited to 'scripts/wireguard-new-client.sh')
-rw-r--r--scripts/wireguard-new-client.sh43
1 files changed, 43 insertions, 0 deletions
diff --git a/scripts/wireguard-new-client.sh b/scripts/wireguard-new-client.sh
new file mode 100644
index 0000000..28ca90e
--- /dev/null
+++ b/scripts/wireguard-new-client.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+set -euo pipefail
+IFS=$'\n\t'
+
+if [[ $# -ne 2 ]]; then
+ echo "Usage: $0 <wg server config file> <desired ip for client (without CIDR)>"
+ exit 1
+fi
+
+# create client keypair
+cli_privkey=$(wg genkey)
+cli_pubkey=$(wg pubkey <<< "$cli_privkey")
+
+# PrivateKey = ...
+# if you don't leave a space, this won't work
+#srv_pubkey=$(awk -e '/PrivateKey/ { print $2; }' "$1" | wg pubkey)
+srv_pubkey=$(awk -e 'match($0, /^PrivateKey\s*=\s*(.*)$/, ar) { print ar[1]; }' "$1" | wg pubkey)
+srv_port=$(awk -e 'match($0, /^ListenPort\s*=\s*(.*)$/, ar) { print ar[1]; }' "$1")
+
+# create client config
+echo "*** Scan this with your mobile phone ***"
+qrencode -t ansiutf8 <<EOF
+[Interface]
+PrivateKey = $cli_privkey
+Address = $2/24
+
+[Peer]
+PublicKey = $srv_pubkey
+Endpoint = $(hostname --fqdn):${srv_port}
+AllowedIPs = 0.0.0.0/0, ::/0
+PersistentKeepalive = 30
+EOF
+
+cat >> "$1" <<EOF
+
+# Auto-Generated
+[Peer]
+PublicKey = $cli_pubkey
+AllowedIPs = $2/32
+
+EOF
+
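Review bot: The client address `$2` is written unchecked into both the QR-encoded config and the `[Peer]` block that `cat >> "$1"` appends to the server file, so a typo, a value that already carries a CIDR suffix, or anything containing a newline becomes live server configuration. A guard ahead of the key generation, for example `[[ $2 =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || { echo "invalid client IP: $2" >&2; exit 1; }`, would cover that. Checking that the address does not already appear in an `AllowedIPs` line of `$1` would also stop two peers from claiming the same /32. `srv_port` is likewise used unchecked: if the server file has no `ListenPort` line the awk prints nothing and the `Endpoint` is emitted with an empty port, so `[[ -n $srv_port ]] || { echo "no ListenPort in $1" >&2; exit 1; }` is worth adding. Finally, the QR code is shown before the append to `$1`; doing the append first means a failed write (e.g. permissions) does not leave a client holding a config the server does not know about.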