Hi guys, here is a script I wrote to read a WireGuard configuration file (created using wireguard-ui) and create a WireGuard client on a Teltonika router:
#!/bin/ash
# this script sets up a wireguard client from a wireguard configuration file (created with wireguard-ui)
# successfully tested on RUT955 fw ver. RUT9_R_00.07.02.7
# Wireguard parameters are read from the wireguard configuration file, then similar parameters are added to /etc/config/network
#config interface 'wg0'
# option proto 'wireguard'
# option listen_port '51820'
# option private_key 'gMMzSc5555YIAbaWv/hyHRGB96C1kCVOjqRmm6xAi3Y='
# list addresses '192.168.1.2/32'
# option disabled '0'
#
#config wireguard_wg0 'wg'
# option public_key '3zb4f5k9IH/GgISE2X5MbetUxnHd5OUFi7tdq2hO5G8='
# option preshared_key 'w5V7hZKKsC9C/bB+ktvjF9Qfkm5rWUtA6lDQJCHGCWw='
# list allowed_ips '192.168.1.0/24'
# option persistent_keepalive '15'
# option endpoint_host '2.7.14.9'
# option route_allowed_ips '1'
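# Exactly one argument is required: the path of the WireGuard configuration
# file. The usage text goes to stderr and the exit status is non-zero, so a
# caller (or a provisioning job) can tell a wrong invocation from a
# completed run.
if [ "$#" -ne 1 ]; then
  echo "Usage: wireguard_conf.sh wireguard_configuration_file.conf" >&2
  exit 1
fi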
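# The supplied configuration file is named like "client1.conf" or "client1";
# the interface name derived from it is "client1".
ConfigFile="$1"
# Strip the directory part before the extension. Without this a path such as
# "/tmp/client1.conf" yields "/tmp/client1", and "./client1" yields an empty
# name (the only dot is the one in "./").
Interface=${ConfigFile##*/}
Interface=${Interface%.*}
#echo "interface: $Interface"
if [ -z "$Interface" ]; then
  echo "error, cannot derive an interface name from '$ConfigFile', exiting" >&2
  exit 1
fi
# let's check for interface name length: interface name must be up to 8 chars
if [ "${#Interface}" -gt 8 ]; then
  echo "error, interface name '$Interface' too long, exiting" >&2
  exit 1
fi
# now let's check if such interface already exists
# force interface name to "wg0"
#Interface=wg0
# The section name is compared as a whole word (with or without quotes), so
# "wg" no longer counts as a match for an existing "wg0", and characters in
# the file name are never interpreted as a grep pattern.
# NOTE(review): the section appended at the end of this script is named
# 'wg0', not "$Interface", so this check does not look for an existing 'wg0'.
if awk -v name="$Interface" -v q="'" '
     $1 == "config" && $2 == "interface" {
       section = $3
       gsub("[\"" q "]", "", section)
       if (section == name) found = 1
     }
     END { exit(found ? 0 : 1) }' /etc/config/network
then
  echo "interface '$Interface' already defined, exiting" >&2
  exit 1
fi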
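# Let's get parameters from configuration file.
#
# Every value read here ends up inside a single-quoted string in
# /etc/config/network, so each one is checked against the characters its
# field can legitimately contain before the script goes on. Error messages
# never print key material.

# fail MESSAGE: report on stderr and stop with a non-zero status.
fail() {
  echo "$1" >&2
  exit 1
}

# get_value KEY: print the value of the first "KEY = value" line of
# $ConfigFile. The key must match exactly (a comment line that merely
# mentions the key does not count), "KEY=value" without spaces is accepted,
# a trailing carriage return and an inline "# comment" are dropped. The line
# is split at the first "=" only, because base64 keys end in "=" themselves.
get_value() {
  awk -v key="$1" '
    {
      line = $0
      sub(/\r$/, "", line)
      pos = index(line, "=")
      if (pos == 0) next
      name = substr(line, 1, pos - 1)
      value = substr(line, pos + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", name)
      sub(/[ \t]*#.*$/, "", value)
      gsub(/^[ \t]+|[ \t]+$/, "", value)
      if (name == key) { print value; exit }
    }' "$ConfigFile"
}

# is_wg_key VALUE: succeed when VALUE looks like a WireGuard key, i.e. 44
# base64 characters (32 bytes encoded).
is_wg_key() {
  [ "${#1}" -eq 44 ] || return 1
  case "$1" in
    *[!A-Za-z0-9+/=]*) return 1 ;;
  esac
  return 0
}

# is_number VALUE: succeed when VALUE is a non-empty string of digits.
is_number() {
  case "$1" in
    '' | *[!0-9]*) return 1 ;;
  esac
  return 0
}

[ -f "$ConfigFile" ] && [ -r "$ConfigFile" ] ||
  fail "cannot read configuration file '$ConfigFile', exiting."

AddressList=$(get_value Address)
PrivateKey=$(get_value PrivateKey)
PublicKey=$(get_value PublicKey)
PresharedKey=$(get_value PresharedKey)
Server=$(get_value Endpoint)
Endpoint=${Server%:*}
Port=${Server##*:}
Keepalive=$(get_value PersistentKeepalive)
AllowedIPsList=$(get_value AllowedIPs)
MTU=$(get_value MTU)

# Only the first entry of a comma-separated list is used, as before, but
# without the trailing comma that the third-field extraction used to keep.
Address=${AddressList%%,*}
Address=${Address%% *}
AllowedIPs=${AllowedIPsList%%,*}
AllowedIPs=${AllowedIPs%% *}
case "$AddressList$AllowedIPsList" in
  *,*) echo "warning: only the first Address / AllowedIPs entry is used" >&2 ;;
esac

[ -n "$Address" ] || fail "Missing address, exiting."
[ -n "$PrivateKey" ] || fail "Missing PrivateKey, exiting."
[ -n "$PublicKey" ] || fail "Missing PublicKey, exiting."
[ -n "$PresharedKey" ] || fail "Missing PresharedKey, exiting."
[ -n "$AllowedIPs" ] || fail "Allowed IPs field empty, exiting."
[ -n "$Endpoint" ] || fail "Missing Endpoint, exiting."

# Format checks: anything outside these character sets (a quote, a space, a
# second line) is rejected here instead of being copied into the router
# configuration.
is_wg_key "$PrivateKey" || fail "PrivateKey is not a valid WireGuard key, exiting."
is_wg_key "$PublicKey" || fail "PublicKey is not a valid WireGuard key, exiting."
is_wg_key "$PresharedKey" || fail "PresharedKey is not a valid WireGuard key, exiting."

case "$Address" in
  *[!0-9A-Fa-f:./]*) fail "Address '$Address' is not an IP address, exiting." ;;
esac
case "$AllowedIPs" in
  *[!0-9A-Fa-f:./]*) fail "AllowedIPs '$AllowedIPs' is not an IP range, exiting." ;;
esac

# An IPv6 endpoint is written as [addr]:port; the brackets are ignored for
# the character check only, $Endpoint itself is left as read.
EndpointHost=${Endpoint#\[}
EndpointHost=${EndpointHost%\]}
case "$EndpointHost" in
  '' | *[!A-Za-z0-9.:_-]*) fail "Endpoint host is not valid, exiting." ;;
esac
# Without a ":port" suffix both expansions above return the whole string, so
# a non-numeric port means the Endpoint line was not "host:port".
is_number "$Port" || fail "Endpoint must be given as host:port, exiting."

if [ -n "$Keepalive" ]; then
  is_number "$Keepalive" || fail "PersistentKeepalive is not a number, exiting."
fi
if [ -n "$MTU" ]; then
  is_number "$MTU" || fail "MTU is not a number, exiting."
fi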
# Parameter Expansion
# https://www.unix.com/shell-programming-and-scripting/75409-sub-string-after-last-occurence.html
#echo "server <$Endpoint>"
#echo "porta <$Port>"
#echo "PrivateKey <$PrivateKey>"
#echo ${Server##*:}
#echo ${Server%:*}
#echo $PrivateKey
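# Build the two UCI sections and append them to /etc/config/network.
#
# Reads:  Port, PrivateKey, Address, MTU, PublicKey, PresharedKey,
#         AllowedIPs, Keepalive, Endpoint (set earlier in this script).
# Writes: /etc/config/network.bak (backup), /etc/config/network (append).
#
# The interface is written with disabled '1'; it has to be enabled by hand
# afterwards.

# Every value below is placed between single quotes. A quote or a line break
# inside a value would end that string early and let the rest of the value
# be read as further options or sections, so such input is refused. The
# message does not print the value: it may be a private key.
newline='
'
for value in "$Port" "$PrivateKey" "$Address" "$MTU" "$PublicKey" \
  "$PresharedKey" "$AllowedIPs" "$Keepalive" "$Endpoint"
do
  case "$value" in
    *"'"* | *"$newline"*)
      echo "error, a value read from the configuration file contains a quote or a line break, exiting" >&2
      exit 1
      ;;
  esac
done

# The section names are fixed ('wg0' / 'wireguard_wg0'). Appending them a
# second time would leave two sections with the same name in the file, so
# stop if 'wg0' is already there.
if grep -Eq "^[[:space:]]*config[[:space:]]+interface[[:space:]]+['\"]?wg0['\"]?[[:space:]]*\$" /etc/config/network
then
  echo "interface 'wg0' already defined in /etc/config/network, exiting" >&2
  exit 1
fi

# Port is the port taken from the Endpoint line and is written as this
# interface's listen_port, as before; it is left out when it is not a number
# (an Endpoint without ":port" leaves the host name in $Port).
# NOTE(review): the peer section gets no port option. OpenWrt peer sections
# accept an endpoint_port option - confirm whether this firmware needs it
# when the server does not use the default port.
ListenPort=""
case "$Port" in
  '' | *[!0-9]*) echo "warning: no numeric port found, listen_port not written" >&2 ;;
  *) ListenPort=$Port ;;
esac

# printf keeps the escape sequences (format) apart from the variable values
# (arguments), so no $'...' quoting is needed to combine the two.
# Optional settings (listen_port, mtu, persistent_keepalive) are only written
# when the configuration file provided a value, instead of as empty options.
code=$(
  printf "\nconfig interface 'wg0'\n"
  printf "\toption proto 'wireguard'\n"
  if [ -n "$ListenPort" ]; then
    printf "\toption listen_port '%s'\n" "$ListenPort"
  fi
  printf "\toption private_key '%s'\n" "$PrivateKey"
  printf "\tlist addresses '%s'\n" "$Address"
  if [ -n "$MTU" ]; then
    printf "\toption mtu '%s'\n" "$MTU"
  fi
  printf "\toption disabled '1'\n"
  # =============================================================
  printf "\nconfig wireguard_wg0 'wg'\n"
  printf "\toption public_key '%s'\n" "$PublicKey"
  printf "\toption preshared_key '%s'\n" "$PresharedKey"
  printf "\tlist allowed_ips '%s'\n" "$AllowedIPs"
  if [ -n "$Keepalive" ]; then
    printf "\toption persistent_keepalive '%s'\n" "$Keepalive"
  fi
  printf "\toption endpoint_host '%s'\n" "$Endpoint"
  printf "\toption route_allowed_ips '1'\n"
)

# Keep a copy of the current configuration and do not touch the live file
# unless that copy exists. The copy holds whatever keys the network file
# already contains, so it is restricted to its owner.
if ! cp /etc/config/network /etc/config/network.bak; then
  echo "error, cannot back up /etc/config/network, nothing written" >&2
  exit 1
fi
chmod 600 /etc/config/network.bak

if ! printf '%s\n' "$code" >> /etc/config/network; then
  echo "error, cannot write to /etc/config/network" >&2
  exit 1
fi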
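Then you only need to enable the client under Services → VPN → Wireguard (the script writes the interface with option disabled '1', so the tunnel stays off until you do).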
Running and tested on RUT955 fw.ver RUT9_R_00.07.02.7.