pcvolkmer/docker-wireguard-boringtun
1
0
Fork 0
mirror of https://github.com/pcvolkmer/docker-wireguard-boringtun.git synced 2025-07-01 15:22:55 +00:00
Code Issues Packages Releases Activity

Add ipv6 unique local addresses

Browse Source
This commit is contained in:
Paul-Christian Volkmer
2023-01-20 21:47:20 +01:00
parent 1e5d1088c3
commit 9bacc0cc4c
4 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/add-client.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash
SERVER_PUB_KEY=$(cat $DEVICE.conf | grep PrivateKey | sed 's/PrivateKey = //g' | wg pubkey)
NETWORK=$(cat $DEVICE.conf | grep Address | sed 's/Address = //g; s/\.[0-9\/]*$//g')
NETWORK=$(cat $DEVICE.conf | grep Address | sed 's/Address = //g; s/\.[0-9\/]*,.*$//g')
NETWORK6=$(cat $DEVICE.conf | grep Address | sed 's/Address = //g; s/^.*, //g; s/\:[0-9a-f\/]*$//g')
for i in {1..240}; do
if [ ! -f "$DEVICE-client_$i.conf" ]; then
@ -37,7 +38,7 @@ cat << EOF >> $DEVICE.conf
# Client $CLIENT_ID
[Peer]
PublicKey = ${CLIENT_PUB_KEY}
AllowedIPs = $NETWORK.$(($CLIENT_ID+10))/32
AllowedIPs = $NETWORK.$(($CLIENT_ID+10))/32, $NETWORK6:$(printf "%x" $(($CLIENT_ID+10)))/128
# <- $(date)
EOF
@ -50,7 +51,7 @@ cat <<EOF > $DEVICE-client_$CLIENT_ID.conf
##############
[Interface]
Address = $NETWORK.$(($CLIENT_ID+10))/24
Address = $NETWORK.$(($CLIENT_ID+10))/24, $NETWORK6:$(printf "%x" $(($CLIENT_ID+10)))/64
ListenPort = $SERVER_PORT
PrivateKey = ${CLIENT_SEC_KEY}
EOF

19
scripts/create-config.sh
View File

@ -28,7 +28,18 @@ if [[ -z $NETWORK ]]; then
else
NETWORK=$(echo -n $NETWORK | sed -r "s/\.[0-9]+$//")
fi
echo " - Using network $NETWORK.0/24"
echo " - Using v4 network $NETWORK.0/24"
if [[ -z $NETWORK6 ]]; then
NETWORK6="fd42:$(hexdump -n 6 -e '2/1 "%02x" 1 ":"' /dev/random)"
else
NETWORK6=$(echo -n $NETWORK6 | sed -r "s/\:[0-9a-f]*$//")
if [[ "$(echo $NETWORK6 | sed -e 's/.*\(\:\:\).*/\1/')" == "::" ]]; then
echo " ERROR: invalid v6 network $NETWORK6. Network must not contain '::'."
exit 1
fi
fi
echo " - Using v6 network $NETWORK6:/64"
if [[ -z $MTU ]]; then
echo " - Using default MTU"
@ -67,7 +78,7 @@ cat <<EOF >> $DEVICE.conf
# SERVER
##############
[Interface]
Address = $NETWORK.1/24
Address = $NETWORK.1/24, $NETWORK6:1/64
ListenPort = $SERVER_PORT
PrivateKey = $SERVER_SEC_KEY
EOF
@ -94,7 +105,7 @@ cat << EOF >> $DEVICE.conf
# Client $i
[Peer]
PublicKey = ${CLIENT_PUB_KEYS[$i]}
AllowedIPs = $NETWORK.$(($i+10))/32
AllowedIPs = $NETWORK.$(($i+10))/32, $NETWORK6:$(printf "%x" $(($i+10)))/128
# <- $(date)
EOF
done
@ -109,7 +120,7 @@ cat <<EOF >> $DEVICE-client_$i.conf
# <- $(date)
##############
[Interface]
Address = $NETWORK.$(($i+10))/24
Address = $NETWORK.$(($i+10))/24, $NETWORK6:$(printf "%x" $(($i+10)))/64
ListenPort = $SERVER_PORT
PrivateKey = ${CLIENT_SEC_KEYS[$i]}
EOF