Skip to content
Snippets Groups Projects
Commit 278ad30f authored by Jiří Kalvoda's avatar Jiří Kalvoda
Browse files

blatto-wg

parent e0740c5f
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 35 additions and 0 deletions
network/blatto-wg 0 → 100755
+ 35
0
View file @ 278ad30f
#!/bin/sh
set -euo xtrace -o pipefail
vlan_name=$1
id=$2
eval "$(ssh root@blatto.eu wg-get-metadata $vlan_name)"
mkdir -p /etc/wireguard/blatto
cd /etc/wireguard/blatto/
[ -f psk ] || (umask 0077 && wg genpsk > psk)
[ -f $id.key ] || wg genkey | (umask 0077 && tee $id.key) | wg pubkey > $id.pub
ssh root@blatto.eu cat /etc/wireguard/$vlan_name/blattes.pub > blattes.pub
cat psk | ssh root@blatto.eu "wg-register $vlan_name $id $(hostname) $(cat $id.pub)" < psk
#cat $id.pub | ssh root@blatto.eu "cat > /etc/wireguard/$vlan_name/$id.pub"
#cat psk | ssh root@blatto.eu "cat > /etc/wireguard/$vlan_name/$id.psk"
cat <<AMEN
#!/bin/sh
set -o xtrace
ip link add dev wg-blatto type wireguard
ip addr add $v4net.$id/24 dev wg-blatto
ip addr add $v6net::$id/64 dev wg-blatto
wg set wg-blatto listen-port 12061 private-key /etc/wireguard/blatto/$id.key
wg set wg-blatto peer \$(cat /etc/wireguard/blatto/blattes.pub) preshared-key /etc/wireguard/blatto/psk endpoint $blattes_ipv4:$port allowed-ips 0.0.0.0/0,::0/0
ip link set wg-blatto up
ip route add $ipv4_prefix.0.0/16 via $v4net.1 dev wg-blatto metric 1000
ip route add ${ipv6_prefix}00::0/56 via $v6net::1 dev wg-blatto metric 1000
AMEN
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment