45 lines
1.4 KiB
Python
Executable file
45 lines
1.4 KiB
Python
Executable file
#!/usr/bin/env python3
|
|
|
|
from bundlewrap.repo import Repository
|
|
from os.path import realpath, dirname
|
|
from sys import argv
|
|
from ipaddress import ip_network, ip_interface
|
|
|
|
repo = Repository(dirname(dirname(realpath(__file__))))
|
|
|
|
server_node = repo.get_node(argv[1])
|
|
data = server_node.metadata.get(f'wireguard/clients/{argv[2]}')
|
|
|
|
vpn_network = ip_interface(server_node.metadata.get('wireguard/my_ip')).network
|
|
allowed_ips = [
|
|
vpn_network,
|
|
ip_interface(server_node.metadata.get('network/internal/ipv4')).network,
|
|
]
|
|
for peer in server_node.metadata.get('wireguard/s2s').values():
|
|
for network in peer['allowed_ips']:
|
|
if not ip_network(network).subnet_of(vpn_network):
|
|
allowed_ips.append(ip_network(network))
|
|
|
|
conf = \
|
|
f'''>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
[Interface]
|
|
PrivateKey = {repo.libs.wireguard.privkey(data['peer_id'])}
|
|
ListenPort = 51820
|
|
Address = {data['peer_ip']}
|
|
DNS = 172.30.0.1
|
|
|
|
[Peer]
|
|
PublicKey = {repo.libs.wireguard.pubkey(server_node.metadata.get('id'))}
|
|
PresharedKey = {repo.libs.wireguard.psk(data['peer_id'], server_node.metadata.get('id'))}
|
|
AllowedIPs = {', '.join(str(client_route) for client_route in sorted(allowed_ips))}
|
|
Endpoint = {ip_interface(server_node.metadata.get('network/external/ipv4')).ip}:51820
|
|
PersistentKeepalive = 10
|
|
|
|
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<'''
|
|
|
|
print(conf)
|
|
|
|
if input("print qrcode? [yN]: ").upper() == 'Y':
|
|
import pyqrcode
|
|
print(pyqrcode.create(conf).terminal(quiet_zone=1))
|