add scripts/generate-wireguard-client-certificate
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
6ae0d31840
commit
6f80303782
GPG key ID:
12E3D2136B818350
1 changed files with 36 additions and 0 deletions
36
scripts/generate-wireguard-client-certificate
Executable file
36
scripts/generate-wireguard-client-certificate
Executable file
|
|
@ -0,0 +1,36 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
from os import environ
|
||||||
|
from sys import argv, exit
|
||||||
|
from uuid import uuid4
|
||||||
|
|
||||||
|
from bundlewrap.repo import Repository
|
||||||
|
|
||||||
|
try:
|
||||||
|
username = argv[1]
|
||||||
|
except IndexError:
|
||||||
|
print('Usage: {} <username>'.format(argv[0]))
|
||||||
|
exit(1)
|
||||||
|
|
||||||
|
repo = Repository(environ.get('BW_REPO_PATH', '.'))
|
||||||
|
|
||||||
|
privkey = repo.libs.keys.gen_privkey(repo, f'wireguard {username} key {uuid4()}')
|
||||||
|
psk = repo.libs.keys.gen_privkey(repo, f'wireguard {username} psk {uuid4()}')
|
||||||
|
pubkey = repo.libs.keys.get_pubkey_from_privkey(repo, f'wireguard {username}', privkey)
|
||||||
|
|
||||||
|
enc_psk = repo.vault.encrypt(str(psk))
|
||||||
|
enc_pubkey = repo.vault.encrypt(str(pubkey))
|
||||||
|
|
||||||
|
# editorconfig-checker-disable
|
||||||
|
print(f"""Keys have been generated. Please take note of them:
|
||||||
|
|
||||||
|
Private Key: {privkey}
|
||||||
|
PSK: {psk}
|
||||||
|
Public Key: {pubkey}
|
||||||
|
|
||||||
|
Put the following config into your desired wireguard server config:
|
||||||
|
|
||||||
|
'{username}': {{
|
||||||
|
'psk': vault.decrypt('{enc_psk}'),
|
||||||
|
'pubkey': vault.decrypt('{enc_pubkey}'),
|
||||||
|
}},""")
|
||||||
Loading…
Reference in a new issue