proxmox-utils/wireguard/templates/root/Makefile


INTERFACE := wg0

SERVER_DIR := /etc/wireguard/
SERVER_TPL := templates/server.conf
SERVER_CLIENT_TPL := templates/client.tpl
SERVER_CONF := $(SERVER_DIR)/$(INTERFACE).conf
SERVER_KEY := $(SERVER_DIR)/server_id
SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub

CLIENT_TPL := templates/client.conf
CLIENT_DIR := $(SERVER_DIR)/clients/

QRCODE ?= 1

ENDPOINT ?= ${ENDPOINT}
ENDPOINT_PORT ?= ${ENDPOINT_PORT}
DNS ?= ${DNS}
CLIENT_IPS ?= ${CLIENT_IPS}
ALLOWED_IPS ?= ${ALLOWED_IPS}


%_id:
	@ mkdir -p $$(dirname $@)
	wg genkey 2> /dev/null > $@
	chmod 600 $@


%_id.pub: %_id
	cat $< | wg pubkey > $@


# NOTE: the first letter of each pattern is quoted to prevent it from 
# 	being substituted when generating this Makefile from template.
$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
	cat $< \
		| sed \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\CLIENT_IPS}/$(subst /,\/,$(CLIENT_IPS))/g' \
			-e 's/\$${\SERVER_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_KEY)")'/g' \
		> "$@"
	chmod 600 $@
	wg-quick up $(INTERFACE) 


# XXX need to figure out a way to link this to the .config file without 
# 	conflicting with the server's wg0.conf
%.client: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \
		$(CLIENT_DIR)/%_id $(CLIENT_DIR)/%_id.pub \
		$(SERVER_CONF) $(SERVER_PUBLIC_KEY)
	@ mkdir -p $(CLIENT_DIR)
	cat "$<" \
		| sed \
			-e 's/\$${\DNS}/$(DNS)/g' \
			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \
			-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
			-e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \
			-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
		> "$(CLIENT_DIR)/$*.conf"
	ln -s "$(CLIENT_DIR)/$*.conf" $*.client
	cat "$(SERVER_CLIENT_TPL)" \
		| sed \
			-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \
			-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \
			-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
			-e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \
			-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \
		>> "$(SERVER_CONF)"
	make update
	@ [ "$(QRCODE)" == "1" ] \
		&& ( echo "# Profile: $*" \
			&& qrencode -t UTF8 -r "$(CLIENT_DIR)/$*.conf" )
	@ cat "$(CLIENT_DIR)/$*.conf"
	@ echo 


%.qr: %.conf
	@ ( echo "# Profile: $*" \
		&& qrencode -t UTF8 -r "$*.conf" )


update:
	wg syncconf $(INTERFACE) <(wg-quick strip $(INTERFACE))


server: $(SERVER_CONF)
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`INTERFACE := wg0`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`SERVER_DIR := /etc/wireguard/`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`SERVER_TPL := templates/server.conf`
			`SERVER_CLIENT_TPL := templates/client.tpl`
			`SERVER_CONF := $(SERVER_DIR)/$(INTERFACE).conf`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`SERVER_KEY := $(SERVER_DIR)/server_id`
			`SERVER_PUBLIC_KEY := $(SERVER_DIR)/server_id.pub`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
			`CLIENT_TPL := templates/client.conf`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`CLIENT_DIR := $(SERVER_DIR)/clients/`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
moved qrcode generation to makefile... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-11 02:19:16 +03:00			`QRCODE ?= 1`
wireguard almost done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:49:42 +03:00
wireguard mostly done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:40:46 +03:00			`ENDPOINT ?= ${ENDPOINT}`
			`ENDPOINT_PORT ?= ${ENDPOINT_PORT}`
fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 04:46:43 +03:00			`DNS ?= ${DNS}`
wireguard mostly done... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:40:46 +03:00			`CLIENT_IPS ?= ${CLIENT_IPS}`
			`ALLOWED_IPS ?= ${ALLOWED_IPS}`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00

added ip generation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 06:01:28 +03:00
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`%_id:`
dir creation... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 14:05:06 +03:00			`@ mkdir -p $$(dirname $@)`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:16:25 +03:00			`wg genkey 2> /dev/null > $@`
			`chmod 600 $@`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`%_id.pub: %_id`
			`cat $< \| wg pubkey > $@`


tweaking... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 02:14:36 +03:00			`# NOTE: the first letter of each pattern is quoted to prevent it from`
			`# being substituted when generating this Makefile from template.`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)`
			`cat $< \`
			`\| sed \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
			`-e 's/\$${\CLIENT_IPS}/$(subst /,\/,$(CLIENT_IPS))/g' \`
			`-e 's/\$${\SERVER_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_KEY)")'/g' \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`> "$@"`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:55:54 +03:00			`chmod 600 $@`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:16:10 +03:00			`wg-quick up $(INTERFACE)`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00
cleanup... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-13 16:39:42 +03:00			`# XXX need to figure out a way to link this to the .config file without`
			`# conflicting with the server's wg0.conf`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:22:55 +03:00			`%.client: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`$(CLIENT_DIR)/%_id $(CLIENT_DIR)/%_id.pub \`
			`$(SERVER_CONF) $(SERVER_PUBLIC_KEY)`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:16:25 +03:00			`@ mkdir -p $(CLIENT_DIR)`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`cat "$<" \`
			`\| sed \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\DNS}/$(DNS)/g' \`
			`-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \`
			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
			`-e 's/\$${\ALLOWED_IPS}/$(subst /,\/,$(ALLOWED_IPS))/g' \`
... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 07:06:58 +03:00			`-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\CLIENT_PRIVATE_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id")'/g' \`
			`-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 15:16:25 +03:00			`> "$(CLIENT_DIR)/$*.conf"`
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:22:55 +03:00			`ln -s "$(CLIENT_DIR)/$.conf" $.client`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`cat "$(SERVER_CLIENT_TPL)" \`
			`\| sed \`
... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 07:06:58 +03:00			`-e 's/\$${\CLIENT_IP}/$(shell ./getFreeClientIP)\/32/g' \`
moved Makefile to templates... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-10 01:22:06 +03:00			`-e 's/\$${\ENDPOINT}/$(ENDPOINT)/g' \`
			`-e 's/\$${\ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \`
			`-e 's/\$${\CLIENT_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(CLIENT_DIR)/$*_id.pub")'/g' \`
			`-e 's/\$${\SERVER_PUBLIC_KEY}/'$$(sed -e 's/\//\\\//g' "$(SERVER_PUBLIC_KEY)")'/g' \`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00			`>> "$(SERVER_CONF)"`
tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`make update`
			`@ [ "$(QRCODE)" == "1" ] \`
			`&& ( echo "# Profile: $*" \`
cleanup... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-11 02:26:54 +03:00			`&& qrencode -t UTF8 -r "$(CLIENT_DIR)/$*.conf" )`
wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00			`@ cat "$(CLIENT_DIR)/$*.conf"`
			`@ echo`
added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00

experiment... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-13 10:03:29 +03:00
experimenting... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:16:10 +03:00			`%.qr: %.conf`
experiment... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-13 10:03:29 +03:00			`@ ( echo "# Profile: $*" \`
experiment... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-13 10:20:04 +03:00			`&& qrencode -t UTF8 -r "$*.conf" )`
experiment... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-13 10:03:29 +03:00

tweaks... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 20:48:11 +03:00			`update:`
			`wg syncconf $(INTERFACE) <(wg-quick strip $(INTERFACE))`


wireguard working... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-15 21:11:02 +03:00			`server: $(SERVER_CONF)`


added wireguard (untested)... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-01-09 03:21:36 +03:00