Diffstat (limited to 'wireguardmeshgenerator.rb')
-rw-r--r--wireguardmeshgenerator.rb55
1 files changed, 21 insertions, 34 deletions
diff --git a/wireguardmeshgenerator.rb b/wireguardmeshgenerator.rb
index 2a76e73..a83370e 100644
--- a/wireguardmeshgenerator.rb
+++ b/wireguardmeshgenerator.rb
@@ -1,26 +1,13 @@
#!/usr/bin/env ruby
+require 'yaml'
require 'fileutils'
-WIREGUARD_TOOL = '/usr/bin/wg'.freeze
-HOSTS = {
- f0: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.130' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.130' } },
- f1: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.131' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.131' } },
- f2: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.132' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.132' } },
- r0: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.120' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.120' } },
- r1: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.121' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.121' } },
- r2: { lan: { domain: 'lan.buetow.org', ip: '192.168.1.122' },
- wg0: { domain: 'wg0.buetow.org', ip: '192.168.2.122' } }
-}.freeze
-
# Generates Wireguard keys and config files for each host
class KeyTool
def initialize(myself)
+ raise 'Wireguard tool not found' unless system('which wg > /dev/null 2>&1')
+
keys_dir = "keys/#{myself}/"
FileUtils.mkdir_p(keys_dir) unless Dir.exist?(keys_dir)
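Review bot: The added `which wg` guard in `KeyTool#initialize` means the binary that produces every private and preshared key is now whichever `wg` comes first on `$PATH`, where the removed `WIREGUARD_TOOL` pinned `/usr/bin/wg`. If portability is the goal, resolve the path once at load time and reuse it for the later `genkey`/`pubkey`/`genpsk` calls, e.g. `WG = ENV.fetch('WG_BIN', '/usr/bin/wg')` followed by `raise 'Wireguard tool not found' unless File.executable?(WG)`. The check also sits in the constructor, which `PeerSnippet#to_s` and `WireguardConfig#to_s` call for each host and peer, so a shell is spawned on every key lookup. The body of `initialize` continues past the end of this hunk.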
@@ -40,11 +27,11 @@ class KeyTool
private
def generate! = gen_privpub! && genpsk!
- def genpsk! = File.write(@preshared_path, `#{WIREGUARD_TOOL} genpsk`)
+ def genpsk! = File.write(@preshared_path, `wg genpsk`)
def gen_privpub!
- privkey = IO.popen("#{WIREGUARD_TOOL} genkey", 'r+', &:read)
- IO.popen("#{WIREGUARD_TOOL} pubkey", 'r+') do |io|
+ privkey = IO.popen('wg genkey', 'r+', &:read)
+ IO.popen('wg pubkey', 'r+') do |io|
io.puts(privkey)
io.close_write
File.write(@privkey_path, privkey)
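Review bot: `genpsk!` and `gen_privpub!` store key material with plain `File.write`, so the files get umask-default permissions (typically 0644 under a 022 umask). Nothing checks that `wg` exited successfully, so a failed `wg genpsk` would write an empty preshared key. Pass an explicit mode, `File.write(@preshared_path, psk, perm: 0o600)`, and check `$?.success?` before writing. The same applies to `File.write(@privkey_path, privkey)` here and to the `wg0.conf` written by `generate!` in the last hunk, which embeds `PrivateKey`. `gen_privpub!` continues outside this hunk.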
@@ -53,7 +40,7 @@ class KeyTool
end
end
-PeerSnippet = Struct.new(:myself, :domain, :allowed_ips) do
+PeerSnippet = Struct.new(:myself, :domain, :allowed_ips, :endpoint) do
def to_s
keys = KeyTool.new(myself)
<<~PEER_CONFIG
@@ -61,6 +48,7 @@ PeerSnippet = Struct.new(:myself, :domain, :allowed_ips) do
# #{myself}.#{domain}
PublicKey = #{keys.pub}
PresharedKey = #{keys.preshared}
+ Endpoint = #{endpoint}:56709
AllowedIPs = #{allowed_ips}/32
PEER_CONFIG
end
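Review bot: The port `56709` is a bare literal in `Endpoint = #{endpoint}:56709` and again in `ListenPort = 56709` in the `WireguardConfig` hunk, so the two can drift apart on a later edit and leave peers dialling a port nobody listens on. Define it once, e.g. `WG_PORT = 56709`, or read it from the YAML file next to the hosts, and interpolate that in both templates. The heredoc begins outside this hunk.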
@@ -69,31 +57,30 @@ end
WireguardConfig = Struct.new(:myself, :hosts) do
def to_s
peers = hosts.reject { _1 == myself }.map do |hostname, data|
- PeerSnippet.new(hostname, data[:wg0][:domain], data[:wg0][:ip])
+ PeerSnippet.new(hostname, data['wg0']['domain'], data['wg0']['ip'], data['lan']['ip'])
end
keys = KeyTool.new(myself)
<<~CONFIG
[Interface]
- # #{myself}.#{hosts[myself][:wg0][:domain]}
- Address = #{hosts[myself][:wg0][:ip]}
+ # #{myself}.#{hosts[myself]['wg0']['domain']}
+ Address = #{hosts[myself]['wg0']['ip']}
PrivateKey = #{keys.priv}
PresharedKey = #{keys.preshared}
+ ListenPort = 56709
#{peers.map(&:to_s).join("\n")}
CONFIG
end
-end
-HOSTS.each_key do |hostname|
- raise 'Wireguard tool not found' unless File.exist?(WIREGUARD_TOOL)
-
- config_dir = "dist/#{hostname}/etc/wireguard"
- key_dir = "keys/#{hostname}/"
- config_path = "#{config_dir}/wg0.conf"
- [config_dir, key_dir].each { FileUtils.mkdir_p(_1) unless Dir.exist?(_1) }
+ def generate!
+ dist_dir = "dist/#{myself}/etc/wireguard"
+ FileUtils.mkdir_p(dist_dir) unless Dir.exist?(dist_dir)
+ File.write("#{dist_dir}/wg0.conf", to_s)
+ end
+end
- wg0 = WireguardConfig.new(hostname, HOSTS)
- puts "Generating config for #{hostname} at #{config_path}"
- File.write(config_path, wg0.to_s)
+CONFIG = YAML.load_file('wireguardmeshgenerator.yaml').freeze
+CONFIG['hosts'].each_key do |hostname|
+ WireguardConfig.new(hostname, CONFIG['hosts']).generate!
end
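Review bot: `YAML.load_file('wireguardmeshgenerator.yaml')` deserialises with whatever the installed Psych defaults to, and Psych versions before 4 accept arbitrary object tags there; `YAML.safe_load_file('wireguardmeshgenerator.yaml')` states the plain-data intent explicitly. The loaded values are then interpolated straight into `wg0.conf` (`data['wg0']['ip']`, `data['lan']['ip']`), so a missing key surfaces as a `NoMethodError` on nil and a value containing a newline would add extra lines to the generated config. Use `fetch` for the required keys and validate addresses with `IPAddr.new(ip)` before rendering. The `.freeze` on `CONFIG` is shallow, so the nested host hashes remain mutable.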