pavel.muhortov/wireguard-management
1
0
Fork 0
generated from pavel.muhortov/template-bash
Code Issues Pull Requests Projects Releases Wiki Activity

added ifname support

Browse Source
This commit is contained in:
Pavel Muhortov 2023-08-17 13:00:10 +03:00
parent 55c12bbb16
commit d773f2bd66
2 changed files with 28 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -76,10 +76,11 @@ ____
| POSITION | PARAMETERS | DESCRIPTION | DEFAULT | | POSITION | PARAMETERS | DESCRIPTION | DEFAULT |
|-----------|--------------|------------------------|---------------| |-----------|--------------|------------------------|---------------|
| 1 |**add\|del**|add or delete client config|**REQUIRED**| | 1 |**\<ifname\>**|wireguard interface name|**REQUIRED**|
| 2 |**\<username\>**|client username|**REQUIRED**| | 2 |**add\|del**|add or delete client config|**REQUIRED**|
| 3 |**\<address\>**|client ip address|**REQUIRED**| | 3 |**\<username\>**|client username|**REQUIRED**|
| 4 |**[-f]**,**[--force]**|service will restart after add\|del username|| | 4 |**\<address\>**|client ip address|**REQUIRED**|
| 5 |**[-f]**,**[--force]**|service will restart after add\|del username||
Example usage: Example usage:
@ -113,12 +114,12 @@ ln -s /etc/wireguard/wg-client-management.sh ./wg
```bash ```bash
# create client # create client
sudo ./wg add username address sudo ./wg wg0 add username address
``` ```
```bash ```bash
# delete client and restart service # delete client and restart service
sudo ./wg del username address -f sudo ./wg wg0 del username address -f
``` ```
```bash ```bash

39
wg-client-management.sh
View File

@ -113,7 +113,7 @@ createcert() {
wg genkey | tee "/etc/wireguard/pki/${clientname}-private.key" | wg pubkey > "/etc/wireguard/pki/${clientname}-public.key" wg genkey | tee "/etc/wireguard/pki/${clientname}-private.key" | wg pubkey > "/etc/wireguard/pki/${clientname}-public.key"
clientpublkey=$(cat "/etc/wireguard/pki/${clientname}-public.key") clientpublkey=$(cat "/etc/wireguard/pki/${clientname}-public.key")
clientprivkey=$(cat "/etc/wireguard/pki/${clientname}-private.key") clientprivkey=$(cat "/etc/wireguard/pki/${clientname}-private.key")
wg set wg0 peer "${clientpublkey}" \ wg set "${iface_name}" peer "${clientpublkey}" \
allowed-ips "${clientaddr}/32" \ allowed-ips "${clientaddr}/32" \
persistent-keepalive 5 persistent-keepalive 5
{ {
@ -121,8 +121,8 @@ createcert() {
echo -e " PublicKey = ${clientpublkey}" echo -e " PublicKey = ${clientpublkey}"
echo -e " AllowedIPs = ${clientaddr}/32" echo -e " AllowedIPs = ${clientaddr}/32"
echo -e " PersistentKeepalive = 5" echo -e " PersistentKeepalive = 5"
} >> ${servercfgname} } >> "${servercfgname}"
ip -4 route add "${clientaddr}/32" dev wg0 ip -4 route add "${clientaddr}/32" dev "${iface_name}"
} }
####################################### #######################################
@ -173,19 +173,19 @@ END
deletecert() { deletecert() {
clientpublkey=$(cat "/etc/wireguard/pki/${clientname}-public.key") clientpublkey=$(cat "/etc/wireguard/pki/${clientname}-public.key")
clientprivkey=$(cat "/etc/wireguard/pki/${clientname}-private.key") clientprivkey=$(cat "/etc/wireguard/pki/${clientname}-private.key")
wg set wg0 peer "${clientpublkey}" remove wg set "${iface_name}" peer "${clientpublkey}" remove
rm -f "/etc/wireguard/pki/${clientname}-public.key" rm -f "/etc/wireguard/pki/${clientname}-public.key"
rm -f "/etc/wireguard/pki/${clientname}-private.key" rm -f "/etc/wireguard/pki/${clientname}-private.key"
# PublicKey = # PublicKey =
s2=$(grep -n "${clientpublkey}" ${servercfgname} | cut -d":" -f1) s2=$(grep -n "${clientpublkey}" "${servercfgname}" | cut -d":" -f1)
# [Peer] # [Peer]
s1=$(( s2 - 1 )) s1=$(( s2 - 1 ))
# AllowedIPs = # AllowedIPs =
s3=$(( s2 + 1 )) s3=$(( s2 + 1 ))
# PersistentKeepalive = # PersistentKeepalive =
s4=$(( s2 + 2 )) s4=$(( s2 + 2 ))
sed -i "${s1}d;${s2}d;${s3}d;${s4}d" ${servercfgname} sed -i "${s1}d;${s2}d;${s3}d;${s4}d" "${servercfgname}"
ip -4 route del "${clientaddr}/32" dev wg0 ip -4 route del "${clientaddr}/32" dev "${iface_name}"
} }
####################################### #######################################
@ -214,9 +214,10 @@ deleteinfo() {
# VARIABLES: # VARIABLES:
# #
clienttodo=$1 iface_name=$1
clientname=$2 clienttodo=$2
clientaddr=$3 clientname=$3
clientaddr=$4
resetforce=0 resetforce=0
for argument in "${@}"; do for argument in "${@}"; do
@ -244,7 +245,7 @@ fi
if checkroot; then if checkroot; then
serverpublkey=$(cat /etc/wireguard/pki/server-public.key) serverpublkey=$(cat /etc/wireguard/pki/server-public.key)
servercfgname="/etc/wireguard/wg0.conf" servercfgname="/etc/wireguard/${iface_name}.conf"
clientpublkey='' clientpublkey=''
clientprivkey='' clientprivkey=''
clientconfdef="/etc/wireguard/client.conf.default" clientconfdef="/etc/wireguard/client.conf.default"
@ -254,7 +255,7 @@ if checkroot; then
[ -n "${clientname}" ] && \ [ -n "${clientname}" ] && \
grepcidr "0.0.0.0/0" <(echo "${clientaddr}") >/dev/null; then grepcidr "0.0.0.0/0" <(echo "${clientaddr}") >/dev/null; then
if [ -f "/etc/wireguard/${clientname}.conf" ] || \ if [ -f "/etc/wireguard/${clientname}.conf" ] || \
grep -q -w "${clientaddr}/32" ${servercfgname}; then grep -q -w "${clientaddr}/32" "${servercfgname}"; then
execerror "wireguard config exist or address used, exit" execerror "wireguard config exist or address used, exit"
else else
createcert && addtologs "created certificate for ${clientname}" createcert && addtologs "created certificate for ${clientname}"
@ -263,8 +264,8 @@ if checkroot; then
startsendmail startsendmail
fi fi
if [ "${resetforce}" -eq 1 ];then if [ "${resetforce}" -eq 1 ];then
addtologs "restarting wg-quick@wg0..." addtologs "restarting wg-quick@${iface_name}..."
systemctl restart wg-quick@wg0 systemctl restart "wg-quick@${iface_name}"
fi fi
elif [ "${clienttodo}" == "del" ] && \ elif [ "${clienttodo}" == "del" ] && \
[ -n "${clientname}" ] && \ [ -n "${clientname}" ] && \
@ -275,16 +276,16 @@ if checkroot; then
if [ -f "/etc/wireguard/${clientname}.png" ]; then if [ -f "/etc/wireguard/${clientname}.png" ]; then
deleteinfo && addtologs "deleted info file for ${clientname}" deleteinfo && addtologs "deleted info file for ${clientname}"
fi fi
if grep -q -w "${clientaddr}/32" ${servercfgname}; then if grep -q -w "${clientaddr}/32" "${servercfgname}"; then
deletecert && addtologs "deleted certificate for ${clientname}" deletecert && addtologs "deleted certificate for ${clientname}"
fi fi
if [ "${resetforce}" -eq 1 ];then if [ "${resetforce}" -eq 1 ];then
addtologs "restarting wg-quick@wg0..." addtologs "restarting wg-quick@${iface_name}..."
systemctl restart wg-quick@wg0 systemctl "restart wg-quick@${iface_name}"
fi fi
else else
printf "%s\n" "Usage example: $0 'add' 'username(surname)' 'address(ww.xx.yy.zz) -f'" printf "%s\n" "Usage example: $0 'wg0' 'add' 'username(surname)' 'address(ww.xx.yy.zz) -f'"
printf "%s\n" "Usage example: $0 'del' 'username(surname)' 'address(ww.xx.yy.zz)'" printf "%s\n" "Usage example: $0 'wg0' 'del' 'username(surname)' 'address(ww.xx.yy.zz)'"
fi fi
else else
execerror "Restart this as root!" execerror "Restart this as root!"