From fc2560103fa32a6aa8e0b36af6062e169833db4b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?=
Date: Fri, 8 Nov 2024 09:40:12 +0100
Subject: [PATCH] create wg interface script
---
 functions.sh | 276 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 273 insertions(+), 3 deletions(-)
diff --git a/functions.sh b/functions.sh
index e2019f6..295f6d6 100755
--- a/functions.sh
+++ b/functions.sh
@@ -1469,6 +1469,99 @@ EOF
 eval $SHOPTEXTGLOB
 }
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
+# EXESUDO
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
+#
+# Purpose:
+# -------------------------------------------------------------------- #
+# Execute a function with sudo
+#
+# Params:
+# -------------------------------------------------------------------- #
+# $1: string: name of the function to be executed with sudo
+#
+# Usage:
+# -------------------------------------------------------------------- #
+# exesudo "funcname" followed by any param
+#
+# -------------------------------------------------------------------- #
+# Created 01 September 2012 Last Modified 02 September 2012
+
+function exesudo ()
+{
+ ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
+ #
+ # LOCAL VARIABLES:
+ #
+ ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
+
+ #
+ # I use underscores to remember it's been passed
+ local _funcname_="$1"
+
+ local params=( "$@" ) ## array containing all params passed here
+ local tmpfile="/dev/shm/$RANDOM" ## temporary file
+ local content ## content of the temporary file
+ local regex ## regular expression
+
+
+ ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
+ #
+ # MAIN CODE:
+ #
+ ### ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ##
+
+ #
+ # WORKING ON PARAMS:
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ #
+ # Shift the first param (which is the name of the function)
+ unset params[0] ## remove first element
+ # params=( "${params[@]}" ) ## repack array
+
+
+ #
+ # WORKING ON THE TEMPORARY FILE:
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ content="#!/bin/bash\n\n"
+
+ #
+ # Write the params array
+ content="${content}params=(\n"
+
+ regex="\s+"
+ for param in "${params[@]}"
+ do
+ if [[ "$param" =~ $regex ]]
+ then
+ content="${content}\t\"${param}\"\n"
+ else
+ content="${content}\t${param}\n"
+ fi
+ done
+
+ content="$content)\n"
+ echo -e "$content" > "$tmpfile"
+
+ #
+ # Append the function source
+ echo "#$( type "$_funcname_" )" >> "$tmpfile"
+
+ #
+ # Append the call to the function
+ echo -e "\n$_funcname_ \"\${params[@]}\"\n" >> "$tmpfile"
+
+
+ #
+ # DONE: EXECUTE THE TEMPORARY FILE WITH SUDO
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ sudo bash "$tmpfile"
+ rm "$tmpfile"
+}
+
 if ${SSHS-false}
 then
 echo declare tsudo
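Review bot: `exesudo` writes its script to the guessable path `/dev/shm/$RANDOM` in a world-writable directory and then runs it with `sudo bash`, so on a multi-user host another local account that owns or pre-creates that name can influence what executes as root; the file should come from `mktemp`, which picks an unpredictable name and creates it mode 0600. The loop that serialises `params` quotes only arguments containing whitespace and escapes nothing, so an argument holding quotes, `$(...)` or backticks is re-evaluated by the root shell; `printf '%q'` closes that. The function also returns the status of `rm` rather than of the sudo'd call, and leaves the file behind if it is interrupted. A possible rewrite of the file-handling part is below; `declare -f` replaces the `type` output whose first line had to be commented out.

```shell
local tmpfile
tmpfile="$(mktemp)" || return 1          # unpredictable name, created mode 0600
# … unchanged: params array setup and `unset params[0]` …
{
    printf '#!/bin/bash\n\nparams=(\n'
    for param in "${params[@]}"; do
        printf '\t%q\n' "$param"         # shell-quote every argument
    done
    printf ')\n'
    declare -f "$_funcname_"             # function source only
    printf '\n%s "${params[@]}"\n' "$_funcname_"
} > "$tmpfile"
sudo bash "$tmpfile"
local rc=$?
rm -f -- "$tmpfile"
return "$rc"
```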
@@ -1491,7 +1584,184 @@ tsudo () {
 sudo -u ${1} /bin/bash --rcfile ${bashrctmp}
 }
 fi
+
+function wg-genkeypair () {
+ local IFDEFAULT=wg1
+ local IF="${1:-${IFDEFAULT}}"
+ shift
+ case $1 in
+ -h|--help)
+ cat << EOF
+ usage: wg-genkeypair [name]
+
+ if name is given, a keypair is generated with names
+ "name_key" and "name_pub".
+ If name is not given, the keypair is "${IFDEFAULT}_key" and "${IFDEFAULT}_pub"
+
+EOF
+ return
+ ;;
+ esac
+
+ PRAEFIX="${IF}_"
+
+ umask 077
+ wg genkey | tee ${PRAEFIX}key | wg pubkey > ${PRAEFIX}pub
+
+ cat <<- EOF >&2
+ Generated keypair:
+ Private (${PRAEFIX}key): $(cat ${PRAEFIX}key)
+ Public (${PRAEFIX}pub): $(cat ${PRAEFIX}pub)
+EOF
+ cat <<- EOF
+${IF} ${PRAEFIX}pub $(cat ${PRAEFIX}pub)
+EOF
+}
+
+function wg-create-interface () {
+
+ local IF="wg1"
+ local NET
+ local NETMASK
+ local LISTENPORT
+ local INTERFACEADDR
+ local DNS
+ local POSTUP
+ local PREDOWN
+ local POSTDOWN
+ local PSK
+ local TABLE
+ local GENERATE=false
+ local MTU
+ local PRAEFIX
+
+ set -- $(getopt -u -o ha:d:gp:i:n:m:a: --long help,if-address:,listenport:,dns:,mtu:,table:,postup:,predown:,postdown:,generate-key,preshared-key: -- "$@" )
+
+ echo "@: $@"
+ while [ $# -gt 0 ]
+ do
+ case $1 in
+ -h|--help)
+ shift
+ cat <<- endofhelp
+
+ usage: wg-create-interface [OPTIONS]
+
+ OPTIONS:
+ -h|--help
+ -a|--if-address
+ -p|--listenport
+ -d|--dns (multiple times)
+ -n|--network
+ -m|--netmask /24, /32...
+ --mtu default: 1500
+ -t|--table default: auto
+ --generate-key if set, generate key new. overwrite existing.
default: false
+ --postup
+ --predown
+ --postdown
+ --preshared-key
+
+
+endofhelp
+ return
+ ;;
+ -d|--dns)
+ shift
+ DNS=$1
+ shift
+ ;;
+ -p|--listenport)
+ shift
+ LISTENPORT=$1
+ shift
+ ;;
+ -a|if-address)
+ shift
+ INTERFACEADDR=$1
+ shift
+ ;;
+ -n|network)
+ shift
+ NET=$1
+ shift
+ ;;
+ -m|--netmask)
+ shift
+ NETMASK=$1
+ shift
+ ;;
+ --mtu)
+ shift
+ MTU=$1
+ shift
+ ;;
+ -t|--table)
+ shift
+ TABLE=$1
+ shift
+ ;;
+ --postup)
+ shift
+ POSTUP="${1}"
+ shift
+ ;;
+ --predown)
+ shift
+ PREDOWN="${1}"
+ shift
+ ;;
+ --postdown)
+ shift
+ POSTDOWN="${1}"
+ shift
+ ;;
+ --generate-key)
+ shift
+ GENERATE=true
+ ;;
+ --preshared-key)
+ shift
+ PSK="${1}"
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ ;;
+ esac
+ done
+
+ [ $# -eq 0 ] && { echo "Too few arguments. Use »-h« or »--help« for instructions"; return; }
+
+ # Set interface name to default if not given on commandline
+ local IF="${1:-${IF}}"
+ shift
+ # create file-prefix for key and pubkey from interface-name
+ PRAEFIX="${IF}_"
+ echo PRAEFIX: ${PRAEFIX}
+
+ # Generate keypair when files do not exist or when they exist and generating is forced (--generate-key)
+ if [ -e "${PRAEFIX}key" ]
+ then
+ ${GENERATE:-false} && wg-genkeypair ${IF}
+ else
+ wg-genkeypair ${IF}
+ fi
+
+ umask 077
+ cat <<- EOF >> ${IF}.conf
+ [Interface]
+ Address = ${INTERFACEADDR}
+ ListenPort = ${LISTENPORT:-51280}
+ PrivateKey = $(cat ${PRAEFIX}key)
+ ${MTU:+MTU = ${MTU}}
+ ${TABLE:+Table = ${TABLE}}
+ ${POSTUP:+PostUp = ${POSTUP}}
+ ${PREDOWN:+PostUp = ${PREDOWN}}
+ ${POSTDOWN:+PostUp = ${POSTDOWN}}
+EOF
+}
+
 #EOF
-
-
-
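Review bot: In the `wg-create-interface` heredoc the `PREDOWN` and `POSTDOWN` values are both written under the key `PostUp`, so teardown commands (typically firewall or routing cleanup) would run when the interface comes up and never on shutdown; the two lines should read `${PREDOWN:+PreDown = ${PREDOWN}}` and `${POSTDOWN:+PostDown = ${POSTDOWN}}`. `wg-genkeypair` also echoes the private key to stderr (`Private (${PRAEFIX}key): $(cat ${PRAEFIX}key)`), which lands in terminal scrollback and any captured logs; reporting only the file name and the public key is enough. Both functions call `umask 077` directly, which presumably changes the umask of the shell that sourced functions.sh for the rest of the session, while `>> ${IF}.conf` appends to an existing file without tightening its mode; wrapping the writes in `( umask 077; … )` and checking the mode of a pre-existing config would contain both. The option loop has no `shift` in its `*)` arm and never consumes the value after `--preshared-key`, so those inputs look like they would spin forever, and `PSK` is never written to the config.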