add scripts/generate-wireguard-client-certificate
All checks were successful
bundlewrap/pipeline/head This commit looks good

This commit is contained in:
Franzi 2021-03-14 14:32:39 +01:00
parent 6ae0d31840
commit 6f80303782
Signed by: kunsi
GPG key ID: 12E3D2136B818350

View file

@ -0,0 +1,36 @@
#!/usr/bin/env python3
from os import environ
from sys import argv, exit
from uuid import uuid4
from bundlewrap.repo import Repository
try:
username = argv[1]
except IndexError:
print('Usage: {} <username>'.format(argv[0]))
exit(1)
repo = Repository(environ.get('BW_REPO_PATH', '.'))
privkey = repo.libs.keys.gen_privkey(repo, f'wireguard {username} key {uuid4()}')
psk = repo.libs.keys.gen_privkey(repo, f'wireguard {username} psk {uuid4()}')
pubkey = repo.libs.keys.get_pubkey_from_privkey(repo, f'wireguard {username}', privkey)
enc_psk = repo.vault.encrypt(str(psk))
enc_pubkey = repo.vault.encrypt(str(pubkey))
# editorconfig-checker-disable
print(f"""Keys have been generated. Please take note of them:
Private Key: {privkey}
PSK: {psk}
Public Key: {pubkey}
Put the following config into your desired wireguard server config:
'{username}': {{
'psk': vault.decrypt('{enc_psk}'),
'pubkey': vault.decrypt('{enc_pubkey}'),
}},""")