Added script to add new clients

Paul-Christian Volkmer 2022-11-27 18:00:49 +01:00
parent bc567c478a
commit 4cda7ee593
4 changed files with 63 additions and 4 deletions


@ -16,5 +16,6 @@ ENV WG_SUDO 1
RUN apk --update add iproute2 wireguard-tools-wg-quick libqrencode RUN apk --update add iproute2 wireguard-tools-wg-quick libqrencode
COPY --from=build /usr/local/cargo/bin/boringtun-cli /usr/local/bin/boringtun COPY --from=build /usr/local/cargo/bin/boringtun-cli /usr/local/bin/boringtun
COPY create-config.sh entrypoint.sh ./ COPY create-config.sh entrypoint.sh ./
COPY add-client.sh entrypoint.sh ./
ENTRYPOINT ["./entrypoint.sh"] ENTRYPOINT ["./entrypoint.sh"]
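Review bot: The added `COPY add-client.sh entrypoint.sh ./` copies entrypoint.sh a second time, because the line before it already copies that file; `COPY create-config.sh add-client.sh entrypoint.sh ./` would place all three scripts in one layer. The entrypoint change in this commit calls the script as `/add-client.sh`, which only resolves if the working directory at this point is `/`. No WORKDIR is visible in this hunk, so that is worth confirming, or the destination can be made absolute.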


@ -48,10 +48,6 @@ wg_1 | - Generating 5 client configs and client QR codes
wireguard_wg_1 exited with code 0 wireguard_wg_1 exited with code 0
``` ```
### Remove old and create new config files
Remove existing config files or rename device in `docker-compose.yml`. Run command `docker-compose up` again.
### Run the service ### Run the service
Start the service in detached mode. Start the service in detached mode.
@ -60,6 +56,20 @@ Start the service in detached mode.
$ docker-compose up -d $ docker-compose up -d
``` ```
### Add new client
Stop the service and run
```
$ docker-compose run wg add-client
```
This will create new client configuration and adds peer configuration to server config file.
### Remove configuration and create new one from scratch
Remove existing config files or rename device in `docker-compose.yml`. Run command `docker-compose up` again.
## Client configurations ## Client configurations
You will find client configuration files for each client as config file and PNG file containing a QR code with You will find client configuration files for each client as config file and PNG file containing a QR code with

42
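--- a/add-client.sh
+++ b/add-client.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+SERVER_PUB_KEY=$(cat $DEVICE.conf | grep PrivateKey | sed 's/PrivateKey = //g' | wg pubkey)
+NETWORK=$(cat $DEVICE.conf | grep Address | sed 's/Address = //g; s/\.[0-9\/]*$//g')
+CLIENT_ID=$(($(ls $DEVICE-client_*.conf | grep ".conf" | tail -1 | sed "s/$DEVICE-client_//g; s/\.conf$//g")+1))
+CLIENT_SEC_KEY=$(wg genkey)
+CLIENT_PUB_KEY=$(echo $CLIENT_SEC_KEY | wg pubkey)
+# Add peer config
+cat << EOF >> $DEVICE.conf
+# Client $CLIENT_ID
+[Peer]
+PublicKey = ${CLIENT_PUB_KEY}
+AllowedIPs = $NETWORK.$(($CLIENT_ID+10))/32
+EOF
+# Print out client configs
+cat <<EOF > $DEVICE-client_$CLIENT_ID.conf
+##############
+# CLIENT $CLIENT_ID
+##############
+[Interface]
+Address = $NETWORK.$(($CLIENT_ID+10))/24
+ListenPort = $SERVER_PORT
+PrivateKey = ${CLIENT_SEC_KEY}
+[Peer]
+PublicKey = $SERVER_PUB_KEY
+AllowedIPs = 0.0.0.0/0, ::/0
+Endpoint = $SERVER_HOST:$SERVER_PORT
+EOF
+# Create QR-codes for clients
+if [ ! -z "$(which qrencode 2>/dev/null)" ]; then
+qrencode -t png -o "$DEVICE-client_$CLIENT_ID.png" < $DEVICE-client_$CLIENT_ID.conf
+fi
+echo "Added Client # $CLIENT_ID"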
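Review bot: The `CLIENT_ID` line takes the last entry of `ls $DEVICE-client_*.conf | tail -1`, which is ordered as text, so once `client_10.conf` exists `client_9.conf` still sorts last and every later run yields 10 again. The existing `client_10.conf` is then overwritten with a new key, and a second `[Peer]` with the same `AllowedIPs` is appended to the server config; this assumes the files are numbered without zero padding, as the `sed` expression suggests. The client config and its QR PNG also contain `CLIENT_SEC_KEY` and are created with the default umask, so a `umask 077` before the first write would keep them owner-only. The sketch below takes the highest id numerically, quotes `$DEVICE`, and stops when the host octet `CLIENT_ID+10` would leave the /24.

```shell
#!/bin/bash
umask 077  # client config and QR code contain the client's private key

# … unchanged: SERVER_PUB_KEY and NETWORK lookup …

# Highest existing client id, compared as a number rather than as text
last_id=0
for conf in "$DEVICE"-client_*.conf; do
  [ -e "$conf" ] || continue
  id=${conf#"$DEVICE-client_"}
  id=${id%.conf}
  case "$id" in
    '' | *[!0-9]*) continue ;;
  esac
  if [ "$id" -gt "$last_id" ]; then
    last_id=$id
  fi
done
CLIENT_ID=$((last_id + 1))

# Host octet is CLIENT_ID+10 and must stay inside the /24
if [ "$CLIENT_ID" -gt 244 ]; then
  echo "No free address left in $NETWORK.0/24" >&2
  exit 1
fi

# … unchanged: key generation, peer and client config, QR code …
```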


@ -12,6 +12,12 @@ if [ ! -f "/etc/wireguard/$DEVICE.conf" ]; then
exit 0 exit 0
fi fi
if [ "add-client" == "$1" ]; then
cd /etc/wireguard
/add-client.sh
exit 0
fi
echo "Starting wg-quick on $DEVICE" echo "Starting wg-quick on $DEVICE"
touch "${WG_LOG_FILE}" touch "${WG_LOG_FILE}"
wg-quick up $DEVICE wg-quick up $DEVICE
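Review bot: The new `add-client` branch ends with an unconditional `exit 0`, so `docker-compose run wg add-client` reports success even when `cd /etc/wireguard` or the script itself failed, possibly after the server config was only partly appended. `cd /etc/wireguard || exit 1` followed by `exec /add-client.sh` would pass the script's exit status through to the caller. `==` inside `[ ]` is a bash extension, so `=` is the safer operator if this file's shebang, which is outside the hunk, is `/bin/sh`. The surrounding script starts and ends outside the visible lines.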