Add two different wg

wireguard/chained_peer_setup.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+
+WG_NUM=$1
+WG_CONF="/etc/wireguard"
+PRIV_KEY_FILE="wg${WG_NUM}_privatekey"
+PUB_KEY_FILE="wg${WG_NUM}_publickey"
+CONF_FILE="wg${WG_NUM}.conf"
+
+if [ -z "$1" ]; then
+    echo "Wireguard interface number not provided."
+    exit 1
+fi
+
+if ! [[ "$1" =~ ^-?[0-9]+([.][0-9]+)?$ ]]; then
+    echo "Wireguard interface number has to be a number."
+    exit 2
+fi
+
+wg genkey | tee wg"$WG_NUM"_privatekey | wg pubkey > wg"$WG_NUM"_publickey
+
+PRIVATE_KEY=$(cat $PRIV_KEY_FILE)
+
+sudo mkdir -p $WG_CONF
+sudo mv ./$PRIV_KEY_FILE $WG_CONF
+sudo mv ./$PUB_KEY_FILE $WG_CONF
+
+read -p "Enter IP (as server) (e.g. 192.168.${WG_NUM}.1/24): " ADDRESS
+read -p "Enter wireguard subnet, should be the subnet of server IP: " WG_SUBNET
+read -p "Enter physical interface for nat out: " PHY
+read -p "Enter port to listern (e.g. 51820): " LISTEN_PORT
+
+HOME_SUBNET="10.238.75.0/24"
+
+
+CONF_CONTENT="[Interface]
+PrivateKey = $PRIVATE_KEY
+SaveConfig = false
+Address = $ADDRESS
+ListenPort = $LISTEN_PORT
+PostUp = iptables -A FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -A POSTROUTING -s $WG_SUBNET -d $HOME_SUBNET -o wg$WG_NUM -j MASQUERADE; iptables -t nat -A POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -D POSTROUTING -s $WG_SUBNET -d $HOME_SUBNET -o wg$WG_NUM -j MASQUERADE; iptables -t nat -D POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
+"
+
+echo "$CONF_CONTENT" > "$CONF_FILE"
+sudo mv "$CONF_FILE" "$WG_CONF"
+
+echo "Config saved to: $WG_CONF/$CONF_FILE"