@ -1,12 +1,20 @@
#!/usr/bin/with-contenv bash
if [ ! -f /config/wg0.conf ] || [ -z "$PEERS" ] || [ -z "$SERVERURL" ] ; then
if [ ! -f /config/wg0.conf ] || [ -z "$PEERS" ]; then
echo "Wireguard is not set up in server mode"
exit 0
fi
INTERNAL_SUBNET=${INTERNAL_SUBNET:-10.13.13.0}
INTERFACE=$(echo "$INTERNAL_SUBNET" | awk 'BEGIN{FS=OFS="."} NF--')
if [ -z "$SERVERURL" ] || [ "$SERVERURL" = "auto" ]; then
SERVERURL=$(curl icanhazip.com)
fi
SERVERPORT=${SERVERPORT:-51820}
PEERDNS=${PEERDNS:-8.8.8.8}
for i in {1..254}; do
if grep -q "AllowedIPs = 10.13.13.$(( $i + 1 ))/32" /config/wg0.conf; then
if grep -q "AllowedIPs = ${INTERFACE} .$(( $i + 1 ))/32" /config/wg0.conf; then
echo "Peer $i exists"
else
echo "Adding new Peer $i"
@ -15,24 +23,14 @@ for i in {1..254}; do
umask 077
wg genkey | tee /config/peer${i}/privatekey-peer${i} | wg pubkey > /config/peer${i}/publickey-peer${i}
fi
SERVERPORT=${SERVERPORT:-51820}
PEERDNS=${PEERDNS:-8.8.8.8}
eval "`printf %s`
cat <<DUDE > /config/peer${i}/peer${i}.conf
[Interface]
Address = 10.13.13.$(( $i + 1 ))
PrivateKey = $(cat /config/peer${i}/privatekey-peer${i})
ListenPort = 51820
DNS = ${PEERDNS}
[Peer]
PublicKey = $(cat /config/server/publickey-server)
Endpoint = ${SERVERURL}:${SERVERPORT}
AllowedIPs = 0.0.0.0/0, ::/0
DUDE
`cat /config/templates/peer.conf`
DUDE"
cat <<DUDE >> /config/wg0.conf
[Peer]
PublicKey = $(cat /config/peer${i}/publickey-peer${i})
AllowedIPs = 10.13.13 .$(( $i + 1 ))/32
AllowedIPs = ${INTERFACE}.$(( $i + 1 ))/32
DUDE
echo "PEER ${i} QR code:"