diff options
Diffstat (limited to 'scripts/wireguard-new-client.sh')
-rw-r--r-- | scripts/wireguard-new-client.sh | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/scripts/wireguard-new-client.sh b/scripts/wireguard-new-client.sh new file mode 100644 index 0000000..28ca90e --- /dev/null +++ b/scripts/wireguard-new-client.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +set -euo pipefail +IFS=$'\n\t' + +if [[ $# -ne 2 ]]; then + echo "Usage: $0 <wg server config file> <desired ip for client (without CIDR)>" + exit 1 +fi + +# create client keypair +cli_privkey=$(wg genkey) +cli_pubkey=$(wg pubkey <<< "$cli_privkey") + +# PrivateKey = ... +# if you don't leave a space, this won't work +#srv_pubkey=$(awk -e '/PrivateKey/ { print $2; }' "$1" | wg pubkey) +srv_pubkey=$(awk -e 'match($0, /^PrivateKey\s*=\s*(.*)$/, ar) { print ar[1]; }' "$1" | wg pubkey) +srv_port=$(awk -e 'match($0, /^ListenPort\s*=\s*(.*)$/, ar) { print ar[1]; }' "$1") + +# create client config +echo "*** Scan this with your mobile phone ***" +qrencode -t ansiutf8 <<EOF +[Interface] +PrivateKey = $cli_privkey +Address = $2/24 + +[Peer] +PublicKey = $srv_pubkey +Endpoint = $(hostname --fqdn):${srv_port} +AllowedIPs = 0.0.0.0/0, ::/0 +PersistentKeepalive = 30 +EOF + +cat >> "$1" <<EOF + +# Auto-Generated +[Peer] +PublicKey = $cli_pubkey +AllowedIPs = $2/32 + +EOF + |