Accéder au contenu principal

AutoWG: a simple Bash script to connect two devices with Wireguard

 I made today a quite simple BASH script that allows to connect two devices running Wireguard (tested with Debian Linux 12, but should work with any device)

You can check it out (and fork it if you want) in this Gitlab Page

This is the source code as of now, but I could modify it later (any suggestions are welcome) :

#!/bin/bash
#
# AUTOWG written by Hamdi KADRI 
# No copyright in any form or kind
# This script is intended to create configurations for 
# a point-to-point Wireguard connection between a server
# and a client (/30 network)
#
# Step zero: declare configurations as variables
servercfg="[Interface]
Address = <serverwgIP>
SaveConfig = true
ListenPort = <port>
PrivateKey = <server-privatekey>
[Peer]
PublicKey = <client-pubkey>
AllowedIPs = <clientwgIP>
"
clientcfg="[Interface]
PrivateKey = <client-privatekey>
Address = <clientwgIP>
[Peer]
PublicKey = <server-pubkey>
AllowedIPs = 0.0.0.0/0
EndPoint = <serverIP>:<port>
PersistentKeepalive = 20"
# Step one: ask for some parameters (as an assistant)
# We need: point-to-point IPs, Server IP, port
echo "AutoWG requires some informations before generating your config"
echo "Please provide the next parameters."
echo "This script will not check if the IPs and netmask are valid!"
echo "Press Enter to continue.."
echo
read
read -p "Server IP for the Wireguard interface: " serverwgIP
echo 
read -p "Client IP for the Wireguard interface: " clientwgIP
echo 
read -p "Network Mask for both server and client WG interfaces: " netmask
echo 
read -p "Server Public IP address: " serverIP 
echo 
read -p "Network Port for Wireguard communication: " port
echo 
# Step two: generate keypairs
## Generate keypairs for machine 1 (client)
client_prvkey=$(wg genkey)
client_pubkey=$(echo $client_prvkey | wg pubkey)
## Generate keypairs for machine 2 (server)
server_prvkey=$(wg genkey)
server_pubkey=$(echo $server_prvkey | wg pubkey)
# Step three: generate configuration
serverconf=$(echo "$servercfg" | sed "s|<serverwgIP>|${serverwgIP}|g" | \
sed "s|<port>|${port}|g" | sed "s|<server-privatekey>|${server_prvkey}|g" |\
sed "s|<client-pubkey>|${client_pubkey}|g" | sed "s|<clientwgIP>|${clientwgIP}|g" )
clientconf=$(echo "$clientcfg" | sed "s|<client-privatekey>|${client_prvkey}|g" | \
sed "s|<clientwgIP>|${clientwgIP}|g" | sed "s|<server-pubkey>|${server_pubkey}|g" | \
sed "s|<serverIP>|${serverIP}|g" | sed "s|<port>|${port}|g" )
# Step four: display configuration for machine 1 (client)
echo 
echo "** Client Side Config **"
echo "$clientconf"
echo
# Step five: display configuration for machine 2 (server)
echo 
echo "** Server Side Config **"
echo "$serverconf"
echo
# Step six: Saving to a text file 
#
echo "** Client Side Config **" > wireguard-conf.txt
echo "$clientconf" >> wireguard-conf.txt
echo  >> wireguard-conf.txt

echo "** Server Side Config **" >> wireguard-conf.txt
echo "$serverconf" >> wireguard-conf.txt
echo >> wireguard-conf.txt

Commentaires

Posts les plus consultés de ce blog

GNS3 on Manjaro/Arch Linux: How to create virbr0 for NAT to work

Problem: You can't add a NAT connection to your GNS3 simulation, and you get the error : "ERROR template_manager:226 Error while creating node from template: NAT interface virbr0 is missing, please install libvirt" Steps to resolve: 1- Create a file named /tmp/default.xml 2- Paste this content and save: <network>   <name>default</name>   <bridge name="virbr0"/>   <forward mode="nat"/>   <ip address="192.168.123.1" netmask="255.255.255.0">     <dhcp>       <range start="192.168.123.2" end="192.168.123.254"/>     </dhcp>   </ip> </network> 3- Execute the following commands in your shell : virsh net-define /tmp/default.xml sudo virsh net-start default sudo virsh net-autostart default  

GNS3: Simulating a 100% opensource site2site VPN using Wireguard, VyOS and OpenVSwitch

 This is something I had in mind but didn't find the time to accomplish before. It just took a very cold day to convince me that I have to play with Wireguard on VyOS. I used GNS3 of course, on my personal Linux laptop to create this setup. Of course the performance was not that great since it is just a simulation.  In real life, I am using Wireguard on a 10 years old Raspberry Pi Model B and amazingly with just a 700MHz single core ARM CPU and less than 512 MB of RAM I had a decent and stable permanent Wireguard tunnel. (My bandwidth would reach 24 Mbps without issue) Back to my simulation, this is what it looks like : Quick explanation: the VYOS routers labeled IPERF1 and IPERF2 are only used for an iperf3 test, which was able to reach about 50 to 60 Mbps each time. It ain't much but it was honest (and free) secure bandwidth! I won't get into the details of this setup but I will just post the two most important configurations : R-East and R-West : #### VYOS WireGuard Site...

Les 69 bonnes raisons de préférer la bière aux femmes:

J'ai trouvé ça sur Facebook et j'ai trouvé marrant. 01- Une bière froide est une bonne bière 02- On arrive toujours a faire mousser une bière 03- Une bière est toujours prête et humide 04- Une bière n'a jamais la migraine 05- On peut consommer 2 bières en même temps sans complications 06- Une bière n'est jamais jalouse d'une autre 07- On n'a pas besoin de raconter des mots doux a une bière pour se soulager 08- Une bière, ça se commande 09- En soirée, on peut toujours se taper une bière 10- Une bière ne parle pas 11- Une bière reste consommable 28 jours sur 28 12- Quand on finit une bière, on peut récupérer la consigne 13- Quand on ne la finit pas, elle ne fait pas la gueule 14- La bière ne donne que PARFOIS mal a la tête 15- On peut rester actif après s'être taper une bonne bière 16- Même la bière belge n'est pas stupide 17- Une bière est non violente 18- Une bière n'est jamais complexée 19- On voit toujours facilement a l'intérieur d'une biè...