base

wg-gen

@@ -0,0 +1,132 @@
+#!/usr/bin/env python3
+
+import subprocess
+import argparse
+
+## a simple utility to generate a pair of mirrored config files
+
+# peers
+class Peer:
+    def __init__(self):
+        self.pubkey = -1
+        self.psk = -1
+        self.ip = -1
+        self.name = ""
+
+    def __repr__(self):
+        name = self.name if self.name != "" else "peer"
+        haspsk = True if (self.psk != -1) else False
+        return f"<Peer ip:{self.ip} pubkey:{self.pubkey} psk: {haspsk}>"
+
+    def __str__(self):
+        name = self.name if self.name != "" else "peer"
+        haspsk = True if (self.psk != -1) else False
+        return f"{name} ({self.ip}): {self.pubkey} psk: {haspsk}"
+
+    def update_ip(self, ip):
+        self.ip = ip
+
+    def update_pubkey(self, pubkey):
+        self.pubkey = pubkey
+
+    def update_psk(self, psk):
+        self.psk = psk
+
+    def update_name(self, name):
+        self.name = name
+
+# parser
+## Returns 
+def read_config(configfile):
+   
+    config = open(configfile, "r")
+
+    peers = []
+    currentPeer = -1
+    lastIP = -1
+    # skip the interface section
+    # TODO modify to parse config for base IP/allowed
+    config = config.readlines()[4:]
+
+    for line in config:
+        # skip linebreaks and comments
+        if line == "\n":
+            continue
+
+        line = line.strip()
+
+
+        if line == "[Peer]":
+            peers.append(Peer())
+            currentPeer += 1
+
+        if line[0] == "#":
+            name = line[1:]
+            peers[currentPeer].update_name(name.strip())
+        
+        if "PublicKey" in line:
+            pubkey = line.split("=", 1)
+            peers[currentPeer].update_pubkey(pubkey[1].strip())
+
+        if "PresharedKey" in line:
+            psk = line.split("=", 1)
+            peers[currentPeer].update_psk(psk[1].strip())
+
+        if "AllowedIPs" in line:
+            ip = line.split("=", 1)
+            peers[currentPeer].update_ip(ip[1].strip())
+            peerip = ip[1].split(".")
+            peerip = int(peerip[3][0])
+            lastIP = peerip if peerip > lastIP else lastIP
+
+    for peer in peers:
+       print(peer)
+
+    return lastIP
+
+parser = argparse.ArgumentParser()
+
+parser.add_argument("-i", type=int, help="digit to use for peer ip")
+parser.add_argument("-n", required=True, help="name of device")
+
+args = parser.parse_args()
+
+# globals set from args
+
+serverfile = open("backup.conf", "a")
+lastIP = read_config("backup.conf") + 1
+# exit()
+
+ALLOWED_IP = "192.168.2.1/32"
+DOMAIN = "lindoship.com:51820"
+PORT = 51280
+SERVER_KEY = "X3tEqq9iC6ZD3r4COyTLXWoHw4f8HwlR+WtSH4z4AW4="
+
+preKey = subprocess.run(["wg", "genpsk"], capture_output=True, universal_newlines=True)
+
+privKeyA = subprocess.run(["wg", "genkey"], capture_output=True, universal_newlines=True)
+pubKeyA = subprocess.run(["wg", "pubkey"], input=privKeyA.stdout, text=True,  capture_output=True)
+
+
+peerfile = open("%s.conf" % args.n, "w")
+
+peerfile.write("[Interface]\n")
+peerfile.write("ListenPort = %d\n" % PORT)
+peerfile.write("Address = 192.168.2.%d/32\n" % lastIP)
+peerfile.write("PrivateKey = %s\n\n" % privKeyA.stdout.strip())
+peerfile.write("[Peer]\n")
+peerfile.write("PublicKey = %s\n" % SERVER_KEY)
+peerfile.write("PresharedKey = %s\n" % preKey.stdout.strip())
+peerfile.write("AllowedIPs = %s\n" % ALLOWED_IP)
+peerfile.write("Endpoint = %s\n" % DOMAIN)
+
+
+# SERVER
+serverfile.write("\n[Peer]\n")
+serverfile.write("# %s\n" % args.n)
+serverfile.write("PublicKey = %s\n" % pubKeyA.stdout.strip())
+serverfile.write("PresharedKey = %s\n" % preKey.stdout.strip())
+serverfile.write("AllowedIPs = 192.168.2.%d/32\n" % lastIP)
+
+
+