#!/usr/bin/env bash
# this script depends on wireguard-tools, python3 and curl
# Refuse to continue unless running as root: the rest of the script writes
# under /etc/wireguard and manages systemd units.
if [[ "${EUID}" -ne 0 ]]; then
  echo "Please run with root permissions"
  exit 10
fi

# With no explicit interface argument the default (wg0) would be used, so stop
# here rather than replace an existing wg0 configuration.
if [[ -z "${2}" && -f /etc/wireguard/wg0.conf ]]; then
  echo "/etc/wireguard/wg0.conf already exists. You must specify an interface manually"
  exit 11
fi

# "true" selects the patched wg-quick unit installed by fix_wg_quick.
FIX_WG_QUICK="true"
# $1: peer handed to wg-request; $2: local WireGuard interface name.
PEER=${1:-google.com}
IFACE=${2:-wg0}
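#######################################
# Install a patched copy of the wg-quick systemd template unit and reload
# systemd. The copy gets StartLimitBurst=0 under [Unit] and
# Restart=on-failure / RestartSec=3 under [Service].
# Arguments: none
# Outputs:   error message on stderr when the stock unit file is missing
# Returns:   0 on success, non-zero if the copy, the edit or the reload fails
#######################################
fix_wg_quick(){
  # The page rendering had mangled both unit file names (the "@" made them look
  # like e-mail addresses); they are restored here to match the
  # wg-quick@ / wg-quick-fixed@ instances this script enables.
  local _broken_service_file="/usr/lib/systemd/system/wg-quick@.service"
  # Declared separately so a failing dirname is not masked by `local`.
  local _fixed_service_file
  _fixed_service_file="$(dirname "${_broken_service_file}")/wg-quick-fixed@.service" || return 1

  if [[ ! -f "${_broken_service_file}" ]]; then
    echo "fix_wg_quick: ${_broken_service_file} not found" >&2
    return 1
  fi

  # -a keeps the ownership and mode of the packaged unit on the copy.
  cp -af "${_broken_service_file}" "${_fixed_service_file}" || return 1

  # "\n" in the replacement relies on GNU sed, as the original did.
  sed -i \
    -e 's,^\[Unit\],[Unit]\nStartLimitBurst=0,' \
    -e 's,^\[Service\],[Service]\nRestart=on-failure\nRestartSec=3,' \
    "${_fixed_service_file}" || return 1

  systemctl daemon-reload
}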
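# Everything below runs as root. Keep all scratch data in a private directory
# created by mktemp instead of fixed names in /tmp: a predictable path in a
# world-writable directory can be pre-created or symlinked by another local
# user, and with the default umask the private key file was readable by anyone.
umask 077
work_dir=$(mktemp -d) || exit 13
cleanup() { rm -rf -- "${work_dir:?}"; }
trap cleanup EXIT

if command -v wg-request >/dev/null 2>&1; then
  run_cmd=(wg-request)
else
  # NOTE(security): this fetches a script from the moving "master" branch and
  # runs it as root with no integrity check. Prefer installing wg-request from
  # a package, or pin the URL to a reviewed commit and verify a known checksum
  # before executing it.
  curl --retry-max-time 0 --retry 999 -fsSL -o "${work_dir}/wg-request" \
    https://raw.githubusercontent.com/greyltc/wg-request/master/wg-request >/dev/null 2>&1
  # -s also rejects an empty download, not only a missing file.
  if [[ ! -s "${work_dir}/wg-request" ]]; then
    exit 12
  fi
  run_cmd=(python3 "${work_dir}/wg-request")
fi

conf_path="/etc/wireguard/${IFACE}.conf"
new_conf="${work_dir}/new.conf"

# Generate the key pair in memory; printf is a builtin, so the private key
# never appears in another process's argument list at this step.
rslt=1
if private_key=$(wg genkey) \
  && public_key=$(printf '%s\n' "${private_key}" | wg pubkey); then
  # NOTE(security): wg-request receives the private key on its command line,
  # so it is visible in the process list while the request runs (up to 65 s).
  # If wg-request can read the key from a file or stdin, prefer that - TODO
  # confirm against wg-request's options.
  timeout 65 "${run_cmd[@]}" --private-key "${private_key}" "${public_key}" "${PEER}" \
    > "${new_conf}" 2>/dev/null
  rslt=$?
fi
unset private_key

# The new config is staged in work_dir and only installed on success, so a
# failed request no longer truncates and then deletes an existing config for an
# interface that was named explicitly. install sets mode 0600 on the result.
if [[ ${rslt} -eq 0 ]] && install -m 0600 "${new_conf}" "${conf_path}"; then
  echo "New config written to /etc/wireguard/${IFACE}.conf"
  # The generated config is expected to contain the private key; avoid
  # capturing this output in shared logs.
  cat "${conf_path}"
  wg-quick down "${IFACE}" >/dev/null 2>&1
  wg-quick up "${IFACE}" >/dev/null 2>&1
  if [[ "${FIX_WG_QUICK}" = "true" ]]; then
    fix_wg_quick
    systemctl enable "wg-quick-fixed@${IFACE}" >/dev/null 2>&1
  else
    systemctl enable "wg-quick@${IFACE}" >/dev/null 2>&1
  fi
  rslt=0
else
  # install failed after a successful request: still report failure.
  if [[ ${rslt} -eq 0 ]]; then
    rslt=1
  fi
  echo "New config NOT written to /etc/wireguard/${IFACE}.conf"
fi
exit ${rslt}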