wgclient.sh

Wireguard client config generator

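#!/bin/bash
# @desc Wireguard client config generator
#
# Usage: wgclient.sh HOST_NUMBER [USER]
#   HOST_NUMBER  last octet of the client's tunnel address (10.0.0.HOST_NUMBER)
#   USER         account that receives clientHOST_NUMBER.conf in its home
#                directory (default: root)
#
# Generates a client key pair, writes the client config, appends the matching
# [Peer] section to the server config and reloads the wg-quick unit.
set -euo pipefail

die() {
  printf '%s: %s\n' "${0##*/}" "$*" >&2
  exit 1
}

SERVER_CONF='/etc/wireguard/wg0.conf'
# The original read "SERVER_ENDPOINT= example.com": the space made the shell
# run a command named example.com and left the variable empty.
SERVER_ENDPOINT='example.com'

# --- validate arguments before any key or config file is touched -----------
# $1 is interpolated into two config files, so only a plain host number is
# accepted. The regex runs first so (( )) never evaluates arbitrary text.
host_id="${1:-}"
if ! [[ "$host_id" =~ ^[1-9][0-9]{0,2}$ ]] || (( host_id > 254 )); then
  die "usage: ${0##*/} HOST_NUMBER [USER]  (HOST_NUMBER is 1-254)"
fi
CLIENT_IP="10.0.0.$host_id"
CLIENTCONF="client$host_id.conf"

# Resolve the target account up front; an unknown user previously left the
# destination path empty and the key file stranded in the working directory.
CLIENTUSER="${2:-root}"
passwd_entry="$(getent passwd -- "$CLIENTUSER")" || die "unknown user: $CLIENTUSER"
CLIENT_CONFPATH="$(cut -d: -f6 <<<"$passwd_entry")"
[[ -d "$CLIENT_CONFPATH" ]] || die "home directory of $CLIENTUSER not found"

# Derive the server public key from its private key; the key only travels
# through the pipe, never through a command line.
SERVER_PUBLIC_KEY="$(grep -m1 -E '^[[:space:]]*PrivateKey' "$SERVER_CONF" \
  | cut -d= -f2- | tr -d '[:blank:]' | wg pubkey)"

# Refuse to reuse an address: a second [Peer] with the same AllowedIPs would
# take over the routing of the existing peer.
if grep -Eq '(^|[^0-9.])10\.0\.0\.'"$host_id"'([^0-9]|$)' "$SERVER_CONF"; then
  die "$CLIENT_IP already appears in $SERVER_CONF"
fi

CONFNAME="${SERVER_CONF##*/}"
IFNAME="${CONFNAME%.conf}"

# Files holding the private key must never exist with open permissions, not
# even briefly between creation and chmod.
umask 077
CLIENT_PRIVATE_KEY="$(wg genkey)"
CLIENT_PUBLIC_KEY="$(printf '%s' "$CLIENT_PRIVATE_KEY" | wg pubkey)"

# noclobber makes '>' fail instead of overwriting an existing path, so a
# leftover file or link named like the new config is not written through.
set -o noclobber
cat > "$CLIENTCONF" << WGCLIENT
[Interface]
Address = $CLIENT_IP/24
PrivateKey = $CLIENT_PRIVATE_KEY

[Peer]
PublicKey = $SERVER_PUBLIC_KEY
Endpoint = $SERVER_ENDPOINT:51820
AllowedIPs = 10.0.0.0/24
WGCLIENT
set +o noclobber

chown -- "$CLIENTUSER:$CLIENTUSER" "$CLIENTCONF"
chmod 600 -- "$CLIENTCONF"
# Skip the move when the script already runs inside the user's home directory.
if ! [[ "$CLIENTCONF" -ef "$CLIENT_CONFPATH/$CLIENTCONF" ]]; then
  mv -f -- "$CLIENTCONF" "$CLIENT_CONFPATH/"
fi

# Leading blank line keeps the new section separate even if the server config
# does not end with a newline. The explicit /32 states that this peer may
# only use its own tunnel address.
cat >> "$SERVER_CONF" << WGSERVER

[Peer]
PublicKey = $CLIENT_PUBLIC_KEY
AllowedIPs = $CLIENT_IP/32
WGSERVER

systemctl reload "wg-quick@$IFNAME"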