39 lines
1.3 KiB
Python
Executable file
39 lines
1.3 KiB
Python
Executable file
#!/usr/bin/env python3
|
|
|
|
from bundlewrap.repo import Repository
|
|
from os.path import realpath, dirname
|
|
from sys import argv
|
|
from ipaddress import ip_network, ip_interface
|
|
|
|
repo = Repository(dirname(dirname(realpath(__file__))))
|
|
|
|
server_node = repo.get_node('htz.mails')
|
|
data = server_node.metadata.get(f'wireguard/clients/{argv[1]}')
|
|
|
|
sortable_client_routes = [
|
|
ip_interface(server_node.metadata.get('network/internal/ipv4')).network,
|
|
]
|
|
for peer in server_node.metadata.get('wireguard/peers').values():
|
|
for network in peer.get('route'):
|
|
sortable_client_routes.append(ip_network(network))
|
|
|
|
client_routes = [
|
|
ip_interface(server_node.metadata.get('wireguard/my_ip')).ip,
|
|
ip_interface(server_node.metadata.get('wireguard/my_ip')).network,
|
|
*sorted(sortable_client_routes),
|
|
]
|
|
|
|
print(
|
|
f'''[Interface]
|
|
PrivateKey = {repo.libs.wireguard.privkey(data['id'])}
|
|
ListenPort = 51820
|
|
Address = {data['ip']}
|
|
DNS = 8.8.8.8
|
|
|
|
[Peer]
|
|
PublicKey = {repo.libs.wireguard.pubkey(server_node.metadata.get('id'))}
|
|
PresharedKey = {repo.libs.wireguard.psk(data['id'], server_node.metadata.get('id'))}
|
|
AllowedIPs = {', '.join(str(client_route) for client_route in client_routes)}
|
|
Endpoint = {ip_interface(server_node.metadata.get('network/external/ipv4')).ip}:51820
|
|
PersistentKeepalive = 10'''
|
|
)
|