flynx/proxmox-utils
1
0
Fork 0
mirror of https://github.com/flynx/proxmox-utils.git synced 2025-10-31 04:00:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

added wireguard (untested)...

Browse Source 
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
This commit is contained in:
Alex A. Naanou 2024-01-09 03:21:36 +03:00
parent be0983f859
commit 97f88b63af
8 changed files with 121 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
wireguard/assets/etc/wireguard/wg0.conf
View File

64
wireguard/assets/root/Makefile Normal file
View File

@ -0,0 +1,64 @@
SERVER_TPL := templates/wg0.conf
SERVER_CLIENT_TPL := templates/wg0-client.conf
SERVER_CONF := /etc/wireguard/wg0.conf
SERVER_KEY := /etc/wireguard/server_id
SERVER_PUBLIC_KEY := /etc/wireguard/server_id.pub
CLIENT_TPL := templates/client.conf
CLIENT_DIR := /etc/wireguard/clients/
ENDPOINT_PORT := 51820
ENDPOINT :=
CLIENT_IPS := 10.42.0.0/16
DNS := 10.1.1.1
%_id:
wg genkey > $@
%_id.pub: %_id
cat $< | wg pubkey > $@
$(SERVER_CONF): $(SERVER_TPL) $(SERVER_KEY)
cat $< \
| sed \
-e 's/$${SERVER_PORT}/$(SERVER_PORT)/g' \
-e 's/$${CLIENT_IPS}/$(CLIENT_IPS)/g' \
-e 's/$${SERVER_PRIVATE_KEY}/'$$(cat "$(SERVER_KEY)")'/g' \
> "$@"
$(CLIENT_DIR)/%.conf: $(CLIENT_TPL) $(SERVER_CLIENT_TPL) \
$(CLIENT_DIR)/%_id $(CLIENT_DIR)/%_id.pub \
$(SERVER_CONF) $(SERVER_PUBLIC_KEY)
cat "$<" \
| sed \
-e 's/$${DNS}/$(DNS)/g' \
-e 's/$${ENDPOINT}/$(ENDPOINT)/g' \
-e 's/$${ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
-e 's/$${ALLOWED_IPS}/$(ALLOWED_IPS)/g' \
-e 's/$${CLIENT_IP}/$(CLIENT_IP)/g' \
-e 's/$${CLIENT_PRIVATE_KEY}/'$$(cat "$(CLIENT_DIR)/$%_id")'/g' \
-e 's/$${SERVER_PUBLIC_KEY}/'$$(cat "$(SERVER_PUBLIC_KEY)")'/g' \
> "$@"
cat "$(SERVER_CLIENT_TPL)" \
| sed \
-e 's/$${CLIENT_IP}/$(CLIENT_IP)/g' \
-e 's/$${ENDPOINT}/$(ENDPOINT)/g' \
-e 's/$${ENDPOINT_PORT}/$(ENDPOINT_PORT)/g' \
-e 's/$${CLIENT_PUBLIC_KEY}/'$$(cat "$(CLIENT_DIR)/$%_id.pub")'/g' \
-e 's/$${SERVER_PUBLIC_KEY}/'$$(cat "$(SERVER_PUBLIC_KEY)")'/g' \
>> "$(SERVER_CONF)"
server: $(SERVER_CONF)
clients:

0
wireguard/assets/root/addwgprofile.sh
View File

8
wireguard/assets/root/make-client Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/bash
SERVER_TEMPLATE=
CLIENT_TEMPLATE=
PRIVATE_KEY=
PUBLIC_KEY=

24
wireguard/assets/root/make-server Executable file
View File

@ -0,0 +1,24 @@
#!/usr/bin/bash
SERVER_TEMPLATE=${SERVER_TEMPLATE:=templates/wg0.conf}
SERVER_CONF=/etc/wireguard/wg0.conf
PUBLIC_KEY=/etc/wireguard/server_id
PRIVATE_KEY=/etc/wireguard/server_id.pub
if ! [ -e "$PRIVATE_KEY" ] ; then
wg genkey > "$PRIVATE_KEY"
fi
if ! [ -e "$PUBLIC_KEY" ] ; then
cat "$PRIVATE_KEY" | wg pubkey > "$PUBLIC_KEY"
fi
PRIVATE_KEY=$(cat "$PRIVATE_KEY")
cat ${SERVER_TEMPLATE} \
| sed \
-q 's/\${SERVER_PRIVATE_KEY}/'${PRIVATE_KEY}'/g' \
> "${SERVER_CONF}"
./make-client

10
wireguard/assets/root/templates/client.config Normal file
View File

@ -0,0 +1,10 @@
[Interface]
PrivateKey = ${CLIENT_PRIVATE_KEY}
Address = ${CLIENT_IP}/32
DNS = ${DNS}
[Peer]
PublicKey = ${SERVER_PUBLIC_KEY}
AllowedIPs = ${ALLOWED_IPS}
Endpoint = ${ENDPOINT}:${ENDPOINT_PORT}

6
wireguard/assets/root/templates/wg0-client.tpl Normal file
View File

@ -0,0 +1,6 @@
[Peer]
PublicKey = ${CLIENT_PUBLIC_KEY}
AllowedIPs = ${CLIENT_IP}/32
Endpoint = ${ENDPOINT}:${ENDPOINT_PORT}

9
wireguard/assets/root/templates/wg0.conf Normal file
View File

@ -0,0 +1,9 @@
[Interface]
Address = ${CLIENT_IPS}
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o lan -j MASQUERADE; iptables -t nat -A POSTROUTING -o admin -j MASQUERADE;
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o lan -j MASQUERADE; iptables -t nat -D POSTROUTING -o admin -j MASQUERADE;
ListenPort = ${ENDPOINT_PORT}
PrivateKey = ${SERVER_PRIVATE_KEY}