basics

2019-01-04 13:51:01 +01:00
commit cb27e100ff
4 changed files with 57 additions and 0 deletions
--- a/init.sh
+++ b/init.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+umask 077
+set -e
+
+WG_IF=${WG_INTERFACE:-wg0}
+PHY_IF=${WG_HOST_INTERFACE:-eth0}
+ADDRESS=${WG_ADDRESS:-192.168.2.1/24}
+
+if [ ! -f "/etc/wireguard/$WG_IF.conf" ]; then
+ mkdir -p /etc/wireguard/keys
+ wg genkey | tee /etc/wireguard/keys/$WG_IF | wg pubkey > /etc/wireguard/keys/$WG_IF.pub
+ 
+ echo "[Interface]" > /etc/wireguard/$WG_IF.conf
+ echo "PrivateKey = $(cat /etc/wireguard/keys/$WG_IF)" >> /etc/wireguard/$WG_IF.conf
+ echo "Address = $ADDRESS" >> /etc/wireguard/$WG_IF.conf
+ echo "ListenPort = 51820" >> /etc/wireguard/$WG_IF.conf
+ echo "PostUp = iptables -A FORWARD -i $WG_IF -j ACCEPT; iptables -t nat -A POSTROUTING -o $PHY_IF -j MASQUERADE" >> /etc/wireguard/$WG_IF.conf
+ echo "PostDown = iptables -D FORWARD -i $WG_IF -j ACCEPT; iptables -t nat -D POSTROUTING -o $PHY_IF -j MASQUERADE" >> /etc/wireguard/$WG_IF.conf
+ echo "SaveConfig = true" >> /etc/wireguard/$WG_IF.conf
+ 
+ echo "Generated Config for $WG_IF, Publickey: $(cat /etc/wireguard/keys/$WG_IF.pub)"
+fi
+
+/usr/bin/wireguard-go -f $WG_IF