Script for creating wireguard client from configuration file

Hi guys, here is a script I wrote that reads a WireGuard configuration file (created using wireguard-ui) and creates a WireGuard client on a Teltonika router:

#!/bin/ash
# This script sets up a WireGuard client from a WireGuard configuration file (created with wireguard-ui).
# Successfully tested on RUT955, firmware version RUT9_R_00.07.02.7.



# WireGuard parameters are read from the WireGuard configuration file, then the corresponding options are appended to /etc/config/network, for example:

#config interface 'wg0'
#        option proto 'wireguard'
#        option listen_port '51820'
#        option private_key 'gMMzSc5555YIAbaWv/hyHRGB96C1kCVOjqRmm6xAi3Y='
#        list addresses '192.168.1.2/32'
#        option disabled '0'
#
#config wireguard_wg0 'wg'
#        option public_key '3zb4f5k9IH/GgISE2X5MbetUxnHd5OUFi7tdq2hO5G8='
#        option preshared_key 'w5V7hZKKsC9C/bB+ktvjF9Qfkm5rWUtA6lDQJCHGCWw='
#        list allowed_ips '192.168.1.0/24'
#        option persistent_keepalive '15'
#        option endpoint_host '2.7.14.9'
#        option route_allowed_ips '1'



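# Exactly one argument is expected: the path of a readable WireGuard
# configuration file.
if [ "$#" -ne 1 ]; then
    # Usage goes to stderr and the exit status is non-zero, so a calling
    # script can tell that nothing was configured.
    echo "Usage: wireguard_conf.sh wireguard_configuration_file.conf" >&2
    exit 1
fi

# Stop here when the file cannot be read; otherwise every parameter would
# come back empty and the failure would be reported as a missing field.
if [ ! -r "$1" ]; then
    echo "error, cannot read configuration file '$1', exiting" >&2
    exit 1
fi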



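# The interface name is derived from the file name: "client1.conf" or
# "client1" both give "client1".
ConfigFile="$1"

# Drop the directory part first. Without this, "/tmp/client1.conf" would give
# "/tmp/client1" and "./client1" would give an empty name, because the suffix
# removal below would match the dot of "./".
Interface=${ConfigFile##*/}
Interface=${Interface%.*}
#echo "interfaccia: $Interface"

# Accept only letters, digits and underscore. The name is later matched
# against /etc/config/network, and UCI section names are limited to this
# character set, so anything else is rejected before it is used.
case "$Interface" in
    '' | *[!A-Za-z0-9_]*)
        echo "error, interface name '$Interface' is empty or contains characters other than letters, digits and '_', exiting" >&2
        exit 1
        ;;
esac

# The interface name must be at most 8 characters long.
if [ "${#Interface}" -gt 8 ]; then
    echo "error, interface name '$Interface' too long, exiting" >&2
    exit 1
fi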


# now let's check if such interface already exists



# force interface name to "wg0"
#Interface=wg0


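# Succeeds when /etc/config/network already contains a
# "config interface <name>" section whose name equals $1.
# The name is compared as a literal string inside awk, so a short name such
# as "wg" no longer matches "wg0" and regex characters in it have no effect.
interface_defined() {
    awk -v want="$1" -v sq="'" '
        $1 == "config" && $2 == "interface" {
            name = $3
            gsub(sq, "", name)      # strip single quotes around the name
            gsub("\"", "", name)    # and double quotes, if the file uses them
            if (name == want) { found = 1 }
        }
        END { exit (found ? 0 : 1) }
    ' /etc/config/network
}

# Check the name derived from the file name and also 'wg0': the sections
# appended at the end of this script are always named 'wg0', so running the
# script a second time would otherwise append a duplicate 'wg0' section.
for name in "$Interface" wg0; do
    if interface_defined "$name"; then
        echo "interface '$name' already defined, exiting" >&2
        exit 1
    fi
done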


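# Read the parameters from the configuration file.

# Prints the value of the first "KEY = value" line found in $ConfigFile.
#   $1 - key name, matched exactly against the text left of the first "="
# Commented-out lines are ignored, spaces around "=" are optional, and
# everything after the first "=" is kept, so base64 padding survives.
# Only the first matching line is printed, so a value is never multi-line.
conf_value() {
    [ -r "$ConfigFile" ] || return 1
    awk -v key="$1" '
        {
            line = $0
            sub(/#.*$/, "", line)               # "#" starts a comment
            eq = index(line, "=")
            if (eq == 0) { next }
            name = substr(line, 1, eq - 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            if (name != key) { next }
            value = substr(line, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", value)
            print value
            exit
        }
    ' "$ConfigFile"
}

# Prints the first entry of a comma-separated list, with a warning on stderr
# when further entries are dropped. Each value ends up in a single UCI "list"
# line further down, so only one entry can be written.
first_item() {
    case "$1" in
        *,*) echo "warning: only the first entry of '$1' is used" >&2 ;;
    esac
    printf '%s\n' "${1%%,*}" | sed 's/[[:space:]]*$//'
}

Address=$(first_item "$(conf_value Address)")
PrivateKey=$(conf_value PrivateKey)
PublicKey=$(conf_value PublicKey)
PresharedKey=$(conf_value PresharedKey)
Server=$(conf_value Endpoint)
# Split "host:port" at the last colon; an endpoint without a port leaves
# Port empty instead of copying the host name into it.
case "$Server" in
    *:*)
        Endpoint=${Server%:*}
        Port=${Server##*:}
        ;;
    *)
        Endpoint=$Server
        Port=""
        ;;
esac
Keepalive=$(conf_value PersistentKeepalive)
AllowedIPs=$(first_item "$(conf_value AllowedIPs)")
MTU=$(conf_value MTU)

# Every value is later placed between single quotes in /etc/config/network.
# A value containing a single quote would end the quoted string early and let
# the rest of the value be read as additional configuration, so refuse it.
for value in "$Address" "$PrivateKey" "$PublicKey" "$PresharedKey" \
    "$Endpoint" "$Port" "$Keepalive" "$AllowedIPs" "$MTU"; do
    case "$value" in
        *"'"*)
            echo "error, a value in '$ConfigFile' contains a single quote, exiting" >&2
            exit 1
            ;;
    esac
done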






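# Abort when a mandatory parameter was not found in the configuration file.
#   $1 - message to print
#   $2 - value to check
# The message goes to stderr and the exit status is non-zero, so a caller can
# tell that /etc/config/network was left untouched.
require() {
    if [ -z "$2" ]; then
        echo "$1" >&2
        exit 1
    fi
}

require "Missing address, exiting." "$Address"
require "Missing PrivateKey, exiting." "$PrivateKey"
require "Missing PublicKey, exiting." "$PublicKey"
require "Missing PresharedKey, exiting." "$PresharedKey"
require "Allowed IPs field empty, exiting." "$AllowedIPs"
require "Missing Endpoint, exiting." "$Endpoint"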



# Parameter Expansion
# https://www.unix.com/shell-programming-and-scripting/75409-sub-string-after-last-occurence.html
#echo "server <$Endpoint>"
#echo "porta <$Port>"
#echo "PrivateKey <$PrivateKey>"
#echo ${Server##*:}
#echo ${Server%:*}



#echo $PrivateKey
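# Build the text that is appended to /etc/config/network: one interface
# section and one peer section. Plain POSIX sh is used (literal newline,
# printf for the tab) instead of the $'...' quoting.
code=""
nl='
'
tab=$(printf '\t')

# Appends one line to $code.
add_line() {
    code="${code}${nl}$1"
}

# Appends "option NAME 'VALUE'" to $code; nothing is added when VALUE is
# empty, so optional parameters missing from the configuration file do not
# produce options with an empty value.
add_option() {
    [ -n "$2" ] || return 0
    add_line "${tab}option $1 '$2'"
}

# NOTE(review): both section names are fixed ('wg0' and 'wg'), while the
# existence check earlier in the script uses the name derived from the file
# name. Confirm which name is intended before running this for a second client.
add_line ""
add_line "config interface 'wg0'"
add_line "${tab}option proto 'wireguard'"
# NOTE(review): $Port is the port taken from the peer's Endpoint, yet it is
# written as the local listen_port. Confirm whether it belongs in the peer
# section as endpoint_port instead.
add_option listen_port "$Port"
add_line "${tab}option private_key '$PrivateKey'"
add_line "${tab}list addresses '$Address'"
add_option mtu "$MTU"
# The interface is created disabled; it is enabled afterwards from the web UI.
add_line "${tab}option disabled '1'"

# =============================================================
add_line ""
add_line "config wireguard_wg0 'wg'"
add_line "${tab}option public_key '$PublicKey'"
add_line "${tab}option preshared_key '$PresharedKey'"
add_line "${tab}list allowed_ips '$AllowedIPs'"
add_option persistent_keepalive "$Keepalive"
add_line "${tab}option endpoint_host '$Endpoint'"
add_line "${tab}option route_allowed_ips '1'"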

#echo "$code" > /root/myscripts/pippo.txt
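# Keep a copy of the current configuration before changing it, and stop if
# the copy fails so the file is never modified without a backup.
# -p keeps the owner and mode of the original file.
# Each run overwrites the previous backup.
if ! cp -p /etc/config/network /etc/config/network.bak; then
    echo "error, cannot back up /etc/config/network, nothing written" >&2
    exit 1
fi
# The network configuration holds WireGuard private and preshared keys once
# this script has run, and so does every later backup of it.
chmod 600 /etc/config/network.bak

# printf writes the text exactly as built, whatever its first characters are.
if ! printf '%s\n' "$code" >> /etc/config/network; then
    echo "error, cannot write to /etc/config/network" >&2
    exit 1
fi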

Then you only need to enable the client under Services → VPN → WireGuard (the script writes the interface with option disabled '1').
Running and tested on RUT955, firmware version RUT9_R_00.07.02.7.

Working also on RUT9_R_00.07.06.13
