#!/usr/bin/with-contenv bash if [ ! -f /config/wg0.conf ] || [ -z "$PEERS" ] || [ -z "$SERVERURL" ]; then echo "Wireguard is not set up in server mode" exit 0 fi for i in {1..254}; do if grep -q "AllowedIPs = 10.13.13.$(( $i + 1 ))/32" /config/wg0.conf; then echo "Peer $i exists" else echo "Adding new Peer $i" mkdir -p /config/peer${i} if [ ! -f /config/peer${i}/privatekey-peer${i} ]; then umask 077 wg genkey | tee /config/peer${i}/privatekey-peer${i} | wg pubkey > /config/peer${i}/publickey-peer${i} fi SERVERPORT=${SERVERPORT:-51820} PEERDNS=${PEERDNS:-8.8.8.8} cat < /config/peer${i}/peer${i}.conf [Interface] Address = 10.13.13.$(( $i + 1 )) PrivateKey = $(cat /config/peer${i}/privatekey-peer${i}) ListenPort = 51820 DNS = ${PEERDNS} [Peer] PublicKey = $(cat /config/server/publickey-server) Endpoint = ${SERVERURL}:${SERVERPORT} AllowedIPs = 0.0.0.0/0, ::/0 DUDE cat <> /config/wg0.conf [Peer] PublicKey = $(cat /config/peer${i}/publickey-peer${i}) AllowedIPs = 10.13.13.$(( $i + 1 ))/32 DUDE echo "PEER ${i} QR code:" qrencode -t ansiutf8 < /config/peer${i}/peer${i}.conf qrencode -o /config/peer${i}/peer${i}.png < /config/peer${i}/peer${i}.conf chown -R abc:abc /config/peer${i} s6-svc -t /var/run/s6/services/wireguard break fi done