Accéder au contenu principal

AutoWG: a simple Bash script to connect two devices with Wireguard

 I made today a quite simple BASH script that allows to connect two devices running Wireguard (tested with Debian Linux 12, but should work with any device)

You can check it out (and fork it if you want) in this Gitlab Page

This is the source code as of now, but I could modify it later (any suggestions are welcome) :

#!/bin/bash
#
# AUTOWG written by Hamdi KADRI 
# No copyright in any form or kind
# This script is intended to create configurations for 
# a point-to-point Wireguard connection between a server
# and a client (/30 network)
#
# Step zero: declare configurations as variables
servercfg="[Interface]
Address = <serverwgIP>
SaveConfig = true
ListenPort = <port>
PrivateKey = <server-privatekey>
[Peer]
PublicKey = <client-pubkey>
AllowedIPs = <clientwgIP>
"
clientcfg="[Interface]
PrivateKey = <client-privatekey>
Address = <clientwgIP>
[Peer]
PublicKey = <server-pubkey>
AllowedIPs = 0.0.0.0/0
EndPoint = <serverIP>:<port>
PersistentKeepalive = 20"
# Step one: ask for some parameters (as an assistant)
# We need: point-to-point IPs, Server IP, port
echo "AutoWG requires some informations before generating your config"
echo "Please provide the next parameters."
echo "This script will not check if the IPs and netmask are valid!"
echo "Press Enter to continue.."
echo
read
read -p "Server IP for the Wireguard interface: " serverwgIP
echo 
read -p "Client IP for the Wireguard interface: " clientwgIP
echo 
read -p "Network Mask for both server and client WG interfaces: " netmask
echo 
read -p "Server Public IP address: " serverIP 
echo 
read -p "Network Port for Wireguard communication: " port
echo 
# Step two: generate keypairs
## Generate keypairs for machine 1 (client)
client_prvkey=$(wg genkey)
client_pubkey=$(echo $client_prvkey | wg pubkey)
## Generate keypairs for machine 2 (server)
server_prvkey=$(wg genkey)
server_pubkey=$(echo $server_prvkey | wg pubkey)
# Step three: generate configuration
serverconf=$(echo "$servercfg" | sed "s|<serverwgIP>|${serverwgIP}|g" | \
 sed "s|<port>|${port}|g" | sed "s|<server-privatekey>|${server_prvkey}|g" |\
 sed "s|<client-pubkey>|${client_pubkey}|g" | sed "s|<clientwgIP>|${clientwgIP}|g" )
clientconf=$(echo "$clientcfg" | sed "s|<client-privatekey>|${client_prvkey}|g" | \
 sed "s|<clientwgIP>|${clientwgIP}|g" | sed "s|<server-pubkey>|${server_pubkey}|g" | \
 sed "s|<serverIP>|${serverIP}|g" | sed "s|<port>|${port}|g" )
# Step four: display configuration for machine 1 (client)
echo 
echo "** Client Side Config **"
echo "$clientconf"
echo
# Step five: display configuration for machine 2 (server)
echo 
echo "** Server Side Config **"
echo "$serverconf"
echo
# Step six: Saving to a text file 
#
echo "** Client Side Config **" > wireguard-conf.txt
echo "$clientconf" >> wireguard-conf.txt
echo  >> wireguard-conf.txt

echo "** Server Side Config **" >> wireguard-conf.txt
echo "$serverconf" >> wireguard-conf.txt
echo >> wireguard-conf.txt

Libellés :

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

GNS3: Simulating a 100% opensource site2site VPN using Wireguard, VyOS and OpenVSwitch

 This is something I had in mind but didn't find the time to accomplish before. It just took a very cold day to convince me that I have to play with Wireguard on VyOS. I used GNS3 of course, on my personal Linux laptop to create this setup. Of course the performance was not that great since it is just a simulation.  In real life, I am using Wireguard on a 10 years old Raspberry Pi Model B and amazingly with just a 700MHz single core ARM CPU and less than 512 MB of RAM I had a decent and stable permanent Wireguard tunnel. (My bandwidth would reach 24 Mbps without issue) Back to my simulation, this is what it looks like : Quick explanation: the VYOS routers labeled IPERF1 and IPERF2 are only used for an iperf3 test, which was able to reach about 50 to 60 Mbps each time. It ain't much but it was honest (and free) secure bandwidth! I won't get into the details of this setup but I will just post the two most important configurations : R-East and R-West : #### VYOS WireGuard Site...
Enregistrer un commentaire
Lire la suite

GNS3 on Manjaro/Arch Linux: How to create virbr0 for NAT to work

Problem: You can't add a NAT connection to your GNS3 simulation, and you get the error : "ERROR template_manager:226 Error while creating node from template: NAT interface virbr0 is missing, please install libvirt" Steps to resolve: 1- Create a file named /tmp/default.xml 2- Paste this content and save: <network>   <name>default</name>   <bridge name="virbr0"/>   <forward mode="nat"/>   <ip address="192.168.123.1" netmask="255.255.255.0">     <dhcp>       <range start="192.168.123.2" end="192.168.123.254"/>     </dhcp>   </ip> </network> 3- Execute the following commands in your shell : virsh net-define /tmp/default.xml sudo virsh net-start default sudo virsh net-autostart default  
Enregistrer un commentaire
Lire la suite