proxmox-utils/wireguard/templates/root/Makefile

#----------------------------------------------------------------------
#
#----------------------------------------------------------------------

INTERFACE := wg0

SERVER_DIR := /etc/wireguard/
SERVER_TPL := templates/server.conf
SERVER_CLIENT_TPL := templates/client.tpl
SERVER_CONF := $(SERVER_DIR)/$(INTERFACE).conf
SERVER_KEY := $(SERVER_DIR)/server_id
SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub

CLIENT_TPL := templates/client.conf
CLIENT_DIR := $(SERVER_DIR)/clients/

QRCODE ?= 1

ENDPOINT ?= ${ENDPOINT}
ENDPOINT_PORT ?= ${ENDPOINT_PORT}
DNS ?= ${DNS}
CLIENT_IPS ?= ${CLIENT_IPS}
ALLOWED_IPS ?= ${ALLOWED_IPS}


#----------------------------------------------------------------------

%_id:
	@ mkdir -p $$(dirname $@)
	wg genkey 2> /dev/null > $@
	chmod 600 $@


%_id.pub: %_id
	cat $< | wg pubkey > $@


%_ip:
	./getFreeClientIP > $@


# NOTE: the first letter of each pattern is quoted to prevent it from 
# 	being substituted when generating this Makefile from template.
# XXX build this from client files...
$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
	cat $< \
		| sed \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\CLIENT_IPS}/$(subst /,\/,$(CLIENT_IPS))/g' \
			-e 's/\$${\SERVER_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_KEY)")'/g' \
		> "$@"
	chmod 600 $@
	wg-quick up $(INTERFACE) 


.PRECIOUS: %.wg
%.wg: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \
		%_id %_id.pub %_ip \
		$(SERVER_CONF) $(SERVER_PUBLIC_KEY)
	@ mkdir -p $(shell dirname "$*")
	cat "$<" \
		| sed \
			-e 's/\$${\DNS}/$(DNS)/g' \
			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \
			-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \
			-e 's/\$${\CLIENT_PRIVATE_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id")/g' \
			-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \
		> "$@"
	cat "$(SERVER_CLIENT_TPL)" \
		| sed \
			-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \
			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\CLIENT_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id.pub")/g' \
			-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \
		>> "$(SERVER_CONF)"


.PHONY: %.show
%.show: %.wg
	@ [ "$(QRCODE)" == "1" ] \
		&& ( echo "# Profile: $*" \
			&& qrencode -t UTF8 -r "$<" )
	@ cat "$<"
	@ echo 


.PHONY: %.client
%.client: $(CLIENT_DIR)/%.wg update $(CLIENT_DIR)/%.show
	@


#----------------------------------------------------------------------

.PHONY: update
update:
	wg syncconf $(INTERFACE) <(wg-quick strip $(INTERFACE))


.PHONY: server
server: $(SERVER_CONF)


#----------------------------------------------------------------------
happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`#----------------------------------------------------------------------`
			`#`
			`#----------------------------------------------------------------------`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`INTERFACE := wg0`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`SERVER_DIR := /etc/wireguard/`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`SERVER_TPL := templates/server.conf`
			`SERVER_CLIENT_TPL := templates/client.tpl`
			`SERVER_CONF := $(SERVER_DIR)/$(INTERFACE).conf`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`SERVER_KEY := $(SERVER_DIR)/server_id`
			`SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
			`CLIENT_TPL := templates/client.conf`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`CLIENT_DIR := $(SERVER_DIR)/clients/`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
moved qrcode generation to makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-11 02:19:16 +03:00			`QRCODE ?= 1`
wireguard almost done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:49:42 +03:00
wireguard mostly done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:40:46 +03:00			`ENDPOINT ?= ${ENDPOINT}`
			`ENDPOINT_PORT ?= ${ENDPOINT_PORT}`
fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 04:46:43 +03:00			`DNS ?= ${DNS}`
wireguard mostly done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:40:46 +03:00			`CLIENT_IPS ?= ${CLIENT_IPS}`
			`ALLOWED_IPS ?= ${ALLOWED_IPS}`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00

added ip generation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:01:28 +03:00
happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`#----------------------------------------------------------------------`

added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`%_id:`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`@ mkdir -p $$(dirname $@)`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:16:25 +03:00			`wg genkey 2> /dev/null > $@`
			`chmod 600 $@`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`%_id.pub: %_id`
			`cat $< \| wg pubkey > $@`


experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`%_ip:`
			`./getFreeClientIP > $@`


tweaking... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 02:14:36 +03:00			`# NOTE: the first letter of each pattern is quoted to prevent it from`
			`# being substituted when generating this Makefile from template.`
tweak... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 22:55:05 +03:00			`# XXX build this from client files...`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)`
			`cat $< \`
			`\| sed \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
			`-e 's/\$${\CLIENT_IPS}/$(subst /,\/,$(CLIENT_IPS))/g' \`
			`-e 's/\$${\SERVER_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_KEY)")'/g' \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`> "$@"`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:55:54 +03:00			`chmod 600 $@`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:16:10 +03:00			`wg-quick up $(INTERFACE)`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`.PRECIOUS: %.wg`
			`%.wg: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \`
			`%_id %_id.pub %_ip \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`$(SERVER_CONF) $(SERVER_PUBLIC_KEY)`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`@ mkdir -p $(shell dirname "$*")`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`cat "$<" \`
			`\| sed \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\DNS}/$(DNS)/g' \`
			`-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \`
			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
			`-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \`
			`-e 's/\$${\CLIENT_PRIVATE_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id")/g' \`
			`-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \`
			`> "$@"`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`cat "$(SERVER_CLIENT_TPL)" \`
			`\| sed \`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`-e 's/\$${\CLIENT_IP}/$(shell cat $*_ip)\/32/g' \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \`
			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`-e 's/\$${\CLIENT_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$*_id.pub")/g' \`
			`-e 's/\$${\SERVER_PUBLIC_KEY}/$(shell sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")/g' \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`>> "$(SERVER_CONF)"`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:38:50 +03:00

happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`.PHONY: %.show`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`%.show: %.wg`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`@ [ "$(QRCODE)" == "1" ] \`
			`&& ( echo "# Profile: $*" \`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`&& qrencode -t UTF8 -r "$<" )`
			`@ cat "$<"`
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00			`@ echo`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00

happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`.PHONY: %.client`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:07:04 +03:00			`%.client: $(CLIENT_DIR)/%.wg update $(CLIENT_DIR)/%.show`
			`@`


happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`#----------------------------------------------------------------------`

			`.PHONY: update`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`update:`
			`wg syncconf $(INTERFACE) <(wg-quick strip $(INTERFACE))`


happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`.PHONY: server`
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00			`server: $(SERVER_CONF)`


added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
happy-ish with the Makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-16 04:19:15 +03:00			`#----------------------------------------------------------------------`