|
@@ -0,0 +1,55 @@
|
|
|
+#!/usr/bin/env python
|
|
|
+
|
|
|
+import os
|
|
|
+
|
|
|
+# TODO: récupérer email et id depuis STDIN.
|
|
|
+keyDir = "/etc/wireguard/keys"
|
|
|
+configDir = "/etc/wireguard"
|
|
|
+
|
|
|
+# IO:
|
|
|
+# (mail)
|
|
|
+# (dossier clés)
|
|
|
+# (dossier config)
|
|
|
+# 1- Créer clé pv pb
|
|
|
+pvKeyDest = "/etc/wireguard/keys/ohian.key"
|
|
|
+pubKeyDest = "/etc/wireguard/keys/ohian.public"
|
|
|
+
|
|
|
+
|
|
|
+genKeyCommand = "wg genkey | tee {0} | wg pubkey > {1}".format(pvKeyDest, pubKeyDest)
|
|
|
+genKeyCommand = "wg genkey | tee /etc/wireguard/keys/ohian.key | wg pubkey > /etc/wireguard/keys/ohian.public"
|
|
|
+os.system(genKeyCommand)
|
|
|
+
|
|
|
+# 2- Créer fichier interface
|
|
|
+ifaceName = "wg10"
|
|
|
+ifaceAddrv4 = "10.0.0.10"
|
|
|
+ifaceFileName = configDir + "/" + ifaceName + ".conf"
|
|
|
+ifaceConfig = '''
|
|
|
+auto {0}
|
|
|
+iface {1} inet static
|
|
|
+ address {2}
|
|
|
+ netmask 255.255.255.0
|
|
|
+ pre-up ip link add $IFACE type wireguard
|
|
|
+ pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
|
|
|
+ post-down ip link del $IFACE
|
|
|
+'''.format(ifaceName, ifaceName, ifaceAddrv4)
|
|
|
+ifaceFile = os.open(ifaceFileName, "w")
|
|
|
+ifaceFile.write(ifaceStr)
|
|
|
+ifaceFile.close()
|
|
|
+# 3- Créer config wg
|
|
|
+#
|
|
|
+wgFileName = ""
|
|
|
+wgPeerPubKey = ""
|
|
|
+wgPrivKey = ""
|
|
|
+wgConfig = '''
|
|
|
+[Interface]
|
|
|
+PrivateKey = {0}
|
|
|
+ListenPort = 51820
|
|
|
+
|
|
|
+[Peer]
|
|
|
+PublicKey = {1}
|
|
|
+AllowedIPs = 0.0.0.0/24
|
|
|
+'''.format(wgPrivPubKey, wgPeerPubKey)
|
|
|
+wgFile = os.open(wgFileName, "w")
|
|
|
+wgFile.write(wgConfig)
|
|
|
+wgFile.close()
|
|
|
+# 4- Envoyer mail/afficher instructions
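Review bot: The private key is created by `tee` inside an `os.system` shell pipeline under whatever umask the process inherits, so `ohian.key` can end up readable by other local users; the same applies to the wg config that will embed `PrivateKey`. Set `os.umask(0o077)` before any key or config file is written. The command is also a formatted shell string, and the TODO says email and id will come from STDIN: once the key paths derive from that input it becomes a command-injection point, so `wg` should be called with argument lists through `subprocess` (needs `import subprocess`, and `input=` requires Python 3). Separately, the script cannot run as written: `os.open(path, "w")` expects integer flags and returns a file descriptor, so both calls should be the built-in `open`, and `ifaceStr` and `wgPrivPubKey` are never defined (presumably `ifaceConfig` and `wgPrivKey`). `AllowedIPs = 0.0.0.0/24` looks like a typo for the 10.0.0.0/24 tunnel subnet and should be confirmed.

```python
# … unchanged: keyDir, configDir, pvKeyDest, pubKeyDest …
os.umask(0o077)  # key and config files must not be group/world readable
privKey = subprocess.check_output(["wg", "genkey"])
pubKey = subprocess.check_output(["wg", "pubkey"], input=privKey)
with open(pvKeyDest, "wb") as keyFile:
    keyFile.write(privKey)
with open(pubKeyDest, "wb") as keyFile:
    keyFile.write(pubKey)
# … unchanged: ifaceName, ifaceAddrv4, ifaceFileName, ifaceConfig template …
with open(ifaceFileName, "w") as ifaceFile:
    ifaceFile.write(ifaceConfig)
```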
|