und3fined · July 20, 2020 06:11
diff --git a/wg-manager.sh b/wg-manager.sh
 #!/bin/bash
 # wireguard user manager

 WG_CONFIG="/etc/wireguard/wg0.conf"
 WG_CONFIG_USER="/etc/wireguard/user.d"

 function get_free_ip {
    local ip=$(shuf -i 2-254 -n 1)
    wg show | grep "10.0.0.$ip" > /dev/null
    if [[ $? == 1 ]] ; then
        echo "$ip"
    else
        get_free_ip
    fi
 }

 function newClient {
    mkdir -p $WG_CONFIG_USER

    echo "Tell me a name for the client."
    echo "Use one word only, no special characters."
    until [[ $CLIENT_NAME =~ ^[a-zA-Z0-9_\.]+$ ]]; do
        read -rp "Client name: " -e CLIENT_NAME
    done

    # server address
    SERVER_PUBLIC_IP=$(ip addr | grep 'inet' | grep -v inet6 | grep -vE '127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
    SERVER_PORT=$( grep "ListenPort" /etc/wireguard/wg0.conf | tail -n1 | awk '{print $3}' )
    ENDPOINT="$SERVER_PUBLIC_IP:$SERVER_PORT"
    # end region

    # free client
    FREE_IP=$( get_free_ip )
    PRIVATE_SUBNET=$( ifconfig wg0 | grep inet | tail -n1 | awk '{print $2}' )
    FREE_IP="${PRIVATE_SUBNET::-1}$FREE_IP"

    CLIENT_PRIVKEY=$( wg genkey )
    CLIENT_PUBKEY=$( echo $CLIENT_PRIVKEY | wg pubkey )
    CLIENT_ADDRESS="$FREE_IP/24"

    echo "Server Addr: $ENDPOINT"
    echo "Client IP: $CLIENT_ADDRESS"
    echo "Client Priv: $CLIENT_PRIVKEY"
    echo "Client Pub: $CLIENT_PUBKEY"

    echo "[Interface]
 PrivateKey = $CLIENT_PRIVKEY
 Address = $CLIENT_ADDRESS
 DNS = $PRIVATE_SUBNET

 [Peer]
 PublicKey = $( head -n1 /etc/wireguard/publickey )
 AllowedIPs = 0.0.0.0/0, ::/0
 Endpoint = $ENDPOINT"> $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf

    qrencode -t ansiutf8 -l L < $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf
    ip address | grep -q wg0 && wg set wg0 peer "$CLIENT_PUBKEY" allowed-ips "$FREE_IP"
    echo "Client added, new configuration file --> $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf"
 }

 function revokeClient {
    CLIENT_COUNT=$( wg showconf wg0 | grep -c "Peer" )
    if [[ $CLIENT_COUNT == '' ]]; then
        echo ""
        echo "You have no existing clients!"
        exit 1
    fi

    echo "Enter \`Client name\` you want to revoke."

    until [[ $CLIENT_NAME =~ ^[a-zA-Z0-9_\.]+$ ]]; do
        read -rp "Client name: " -e CLIENT_NAME
    done

    CLIENT_EXIST=$( ls -lah /etc/wireguard/user.d | tail -n1 | awk '{print $9}' | cut -d "-" -f 1 | grep -c "$CLIENT_NAME" )
    if [[ $CLIENT_EXIST == '0' ]]; then
        echo "Client not found!"
        exit 1
    fi

    CLIENT_FILE="$WG_CONFIG_USER/$CLIENT_NAME-wg0.conf"
    if [ -f "$CLIENT_FILE" ]; then
        echo "Client file: $CLIENT_FILE"
    else
        echo "-----------"
        echo "No client \`$CLIENT_NAME\` added in server."
        echo ""
        exit
    fi

    CLIENT_IP=$( grep "Address" $CLIENT_FILE | tail -n1 | awk '{print $3}' | cut -d "/" -f 1 )
    echo "Client IP: $CLIENT_IP"

    # make temp config
    SERVER_TEMP_NAME=$(
        head /dev/urandom | tr -dc A-Za-z0-9 | head -c 10
        echo ''
    )
    SERVER_TEMP_FILE="$WG_CONFIG_USER/$SERVER_TEMP_NAME.tmp"
    wg showconf wg0 > $SERVER_TEMP_FILE

    CLIENT_IP_LINE=$( grep -nr $CLIENT_IP $SERVER_TEMP_FILE | cut -d : -f 1 )
    if [ "$CLIENT_IP_LINE" == "" ]; then
        rm -rf $SERVER_TEMP_FILE # remove server tmp file
        rm -rf $CLIENT_FILE # remove client file
        echo "================"
        echo "\`$CLIENT_NAME\` is removed"
        echo "================"
        exit
    fi

    CLIENT_PUBKEY_LINE=$((CLIENT_IP_LINE - 1))
    CLIENT_PUBKEY=$( sed "${CLIENT_PUBKEY_LINE}q;d" $SERVER_TEMP_FILE | cut -d " " -f 3 )
    echo "Client public key: $CLIENT_PUBKEY"

    wg set wg0 peer $CLIENT_PUBKEY remove

    rm -rf $SERVER_TEMP_FILE # remove server tmp file
    rm -rf $CLIENT_FILE # remove client file

    echo "================"
    echo "\`$CLIENT_NAME\` is removed"
    echo "================"
 }

 echo "Welcome to WG Manager"
 echo "The git repository is available at: https://github.com/und3fined/wg-manager"
 echo ""
 echo "It looks like Wireguard is already installed."
 echo "Make sure Wireguard config store in: $WG_CONFIG"
 echo ""
 echo "What do you want to do?"
 echo "   1) Add a new client"
 echo "   2) Revoke existing client"
 echo "   3) Exit"
 until [[ $MENU_OPTION =~ ^[1-4]$ ]]; do
    read -rp "Select an option [1-4]: " MENU_OPTION
 done
 case $MENU_OPTION in
 1)
    newClient
    ;;
 2)
    revokeClient
    ;;
 3)
    exit 0
    ;;
 esac
	#!/bin/bash
	# wireguard user manager

	WG_CONFIG="/etc/wireguard/wg0.conf"
	WG_CONFIG_USER="/etc/wireguard/user.d"

	function get_free_ip {
	local ip=$(shuf -i 2-254 -n 1)
	wg show \| grep "10.0.0.$ip" > /dev/null
	if [[ $? == 1 ]] ; then
	echo "$ip"
	else
	get_free_ip
	fi
	}

	function newClient {
	mkdir -p $WG_CONFIG_USER

	echo "Tell me a name for the client."
	echo "Use one word only, no special characters."
	until [[ $CLIENT_NAME =~ ^[a-zA-Z0-9_\.]+$ ]]; do
	read -rp "Client name: " -e CLIENT_NAME
	done

	# server address
	SERVER_PUBLIC_IP=$(ip addr \| grep 'inet' \| grep -v inet6 \| grep -vE '127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' \| grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' \| head -1)
	SERVER_PORT=$( grep "ListenPort" /etc/wireguard/wg0.conf \| tail -n1 \| awk '{print $3}' )
	ENDPOINT="$SERVER_PUBLIC_IP:$SERVER_PORT"
	# end region

	# free client
	FREE_IP=$( get_free_ip )
	PRIVATE_SUBNET=$( ifconfig wg0 \| grep inet \| tail -n1 \| awk '{print $2}' )
	FREE_IP="${PRIVATE_SUBNET::-1}$FREE_IP"

	CLIENT_PRIVKEY=$( wg genkey )
	CLIENT_PUBKEY=$( echo $CLIENT_PRIVKEY \| wg pubkey )
	CLIENT_ADDRESS="$FREE_IP/24"

	echo "Server Addr: $ENDPOINT"
	echo "Client IP: $CLIENT_ADDRESS"
	echo "Client Priv: $CLIENT_PRIVKEY"
	echo "Client Pub: $CLIENT_PUBKEY"

	echo "[Interface]
	PrivateKey = $CLIENT_PRIVKEY
	Address = $CLIENT_ADDRESS
	DNS = $PRIVATE_SUBNET

	[Peer]
	PublicKey = $( head -n1 /etc/wireguard/publickey )
	AllowedIPs = 0.0.0.0/0, ::/0
	Endpoint = $ENDPOINT"> $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf

	qrencode -t ansiutf8 -l L < $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf
	ip address \| grep -q wg0 && wg set wg0 peer "$CLIENT_PUBKEY" allowed-ips "$FREE_IP"
	echo "Client added, new configuration file --> $WG_CONFIG_USER/$CLIENT_NAME-wg0.conf"
	}

	function revokeClient {
	CLIENT_COUNT=$( wg showconf wg0 \| grep -c "Peer" )
	if [[ $CLIENT_COUNT == '' ]]; then
	echo ""
	echo "You have no existing clients!"
	exit 1
	fi

	echo "Enter \`Client name\` you want to revoke."

	until [[ $CLIENT_NAME =~ ^[a-zA-Z0-9_\.]+$ ]]; do
	read -rp "Client name: " -e CLIENT_NAME
	done

	CLIENT_EXIST=$( ls -lah /etc/wireguard/user.d \| tail -n1 \| awk '{print $9}' \| cut -d "-" -f 1 \| grep -c "$CLIENT_NAME" )
	if [[ $CLIENT_EXIST == '0' ]]; then
	echo "Client not found!"
	exit 1
	fi

	CLIENT_FILE="$WG_CONFIG_USER/$CLIENT_NAME-wg0.conf"
	if [ -f "$CLIENT_FILE" ]; then
	echo "Client file: $CLIENT_FILE"
	else
	echo "-----------"
	echo "No client \`$CLIENT_NAME\` added in server."
	echo ""
	exit
	fi

	CLIENT_IP=$( grep "Address" $CLIENT_FILE \| tail -n1 \| awk '{print $3}' \| cut -d "/" -f 1 )
	echo "Client IP: $CLIENT_IP"

	# make temp config
	SERVER_TEMP_NAME=$(
	head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 10
	echo ''
	)
	SERVER_TEMP_FILE="$WG_CONFIG_USER/$SERVER_TEMP_NAME.tmp"
	wg showconf wg0 > $SERVER_TEMP_FILE

	CLIENT_IP_LINE=$( grep -nr $CLIENT_IP $SERVER_TEMP_FILE \| cut -d : -f 1 )
	if [ "$CLIENT_IP_LINE" == "" ]; then
	rm -rf $SERVER_TEMP_FILE # remove server tmp file
	rm -rf $CLIENT_FILE # remove client file
	echo "================"
	echo "\`$CLIENT_NAME\` is removed"
	echo "================"
	exit
	fi

	CLIENT_PUBKEY_LINE=$((CLIENT_IP_LINE - 1))
	CLIENT_PUBKEY=$( sed "${CLIENT_PUBKEY_LINE}q;d" $SERVER_TEMP_FILE \| cut -d " " -f 3 )
	echo "Client public key: $CLIENT_PUBKEY"

	wg set wg0 peer $CLIENT_PUBKEY remove

	rm -rf $SERVER_TEMP_FILE # remove server tmp file
	rm -rf $CLIENT_FILE # remove client file

	echo "================"
	echo "\`$CLIENT_NAME\` is removed"
	echo "================"
	}

	echo "Welcome to WG Manager"
	echo "The git repository is available at: https://github.com/und3fined/wg-manager"
	echo ""
	echo "It looks like Wireguard is already installed."
	echo "Make sure Wireguard config store in: $WG_CONFIG"
	echo ""
	echo "What do you want to do?"
	echo " 1) Add a new client"
	echo " 2) Revoke existing client"
	echo " 3) Exit"
	until [[ $MENU_OPTION =~ ^[1-4]$ ]]; do
	read -rp "Select an option [1-4]: " MENU_OPTION
	done
	case $MENU_OPTION in
	1)
	newClient
	;;
	2)
	revokeClient
	;;
	3)
	exit 0
	;;
	esac