From 7fe3a64ad5b932b55d4343fb50db5cce8c283bff Mon Sep 17 00:00:00 2001
From: Laura Hausmann
Date: Fri, 3 Apr 2020 23:00:45 +0200
Subject: [PATCH] Add peer scripts
---
addinternal.sh | 51 ++++++++++++++++++++++++++++++++++++++++
addpeer.sh | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 115 insertions(+)
create mode 100644 addinternal.sh
create mode 100644 addpeer.sh
diff --git a/addinternal.sh b/addinternal.sh
new file mode 100644
index 0000000..c7c8657
--- /dev/null
+++ b/addinternal.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+asn="4242422341"
+nick="zotan"
+ip4="172.20.177.33"
+ip6="fdff:b02d:2ef7::2"
+
+read -p "Interface > " iface
+read -p "Local WG ListenPort > " port
+read -p "Peer WG Pubkey > " pubkey
+read -p "Peer WG Endpoint > " endpoint
+read -p "Peer DN42 IPv4 > " tun4
+read -p "Peer DN42 IPv6 > " tun6
+read -p "Peer node hostname > " host
+
+node="AS${asn}_${nick}_${host}"
+
+sudo tee -a /etc/systemd/network/$iface.netdev << END
+[NetDev]
+Name = $iface
+Kind = wireguard
+Description = WireGuard
+
+[WireGuard]
+ListenPort = $port
+PrivateKeyFile = /etc/wireguard/private.key
+
+[WireGuardPeer]
+PublicKey = $pubkey
+Endpoint = $endpoint
+AllowedIPs = 172.16.0.0/12,10.0.0.0/8,fd00::/8,fe80::/10
+END
+
+sudo tee -a /etc/systemd/network/$iface.network << END
+[Match]
+Name = $iface
+
+[Address]
+Address = $ip6/128
+Peer = $tun6/128
+
+[Address]
+Address = $ip4/32
+Peer = $tun4/32
+END
+
+sudo tee -a /etc/bird/peers/$node.conf << END
+protocol bgp ${node} from ipeers {
+ neighbor $tun6%$iface;
+}
+END
+
diff --git a/addpeer.sh b/addpeer.sh
new file mode 100644
index 0000000..3bbc046
--- /dev/null
+++ b/addpeer.sh
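Review bot: The prompted values are expanded unquoted into paths that `sudo tee -a` writes as root (`/etc/systemd/network/$iface.netdev`, `/etc/bird/peers/$node.conf`), so an interface or hostname containing `/`, `..` or whitespace lands the config somewhere other than the intended directory. Validate each answer right after the `read` block and quote the targets, e.g. `[[ "$iface" =~ ^[A-Za-z0-9_-]{1,15}$ ]] || { echo "bad interface name" >&2; exit 1; }` and `sudo tee "/etc/systemd/network/$iface.netdev"`; using `read -r` also keeps backslashes in the pasted pubkey or endpoint literal. Because `tee -a` appends, a second run for the same interface leaves duplicate `[NetDev]` and `[Match]` sections in the existing files, so it is safer to refuse when the target already exists. The same pattern is in the addpeer.sh hunk, where `asn` and `nick` describe the remote peer and presumably come from them.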
@@ -0,0 +1,64 @@
+#!/bin/bash
+ip4="172.20.177.33"
+ip6="fe80::2342"
+
+read -p "Interface > " iface
+read -p "Local WG ListenPort > " port
+read -p "Peer WG Pubkey > " pubkey
+read -p "Peer WG Endpoint > " endpoint
+read -p "Peer WG Tunnel IPv4 > " tun4
+read -p "Peer WG Tunnel IPv6 > " tun6
+read -p "Peer AS > " asn
+read -p "Peer nick > " nick
+
+node="AS${asn}_$nick"
+
+sudo tee -a /etc/systemd/network/$iface.netdev << END
+[NetDev]
+Name = $iface
+Kind = wireguard
+Description = WireGuard
+
+[WireGuard]
+ListenPort = $port
+PrivateKeyFile = /etc/wireguard/private.key
+
+[WireGuardPeer]
+PublicKey = $pubkey
+Endpoint = $endpoint
+AllowedIPs = 172.16.0.0/12,10.0.0.0/8,fd00::/8,fe80::/10
+END
+
+sudo tee -a /etc/systemd/network/$iface.network << END
+[Match]
+Name = $iface
+END
+
+if [ ! -z "$tun6" ]; then
+sudo tee -a /etc/systemd/network/$iface.network << END
+
+[Address]
+Address = $ip6/128
+Peer = $tun6/128
+END
+fi
+
+if [ ! -z "$tun4" ]; then
+sudo tee -a /etc/systemd/network/$iface.network << END
+
+[Address]
+Address = $ip4/32
+Peer = $tun4/32
+END
+fi
+
+sudo tee -a /etc/bird/peers/$node.conf << END
+protocol bgp $node from dnpeers {
+ neighbor $tun4 as $asn;
+}
+
+protocol bgp ${node}_v6 from dnpeers {
+ neighbor $tun6%$iface as $asn;
+}
+END
+
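Review bot: The final `/etc/bird/peers/$node.conf` heredoc always writes both `protocol bgp` blocks, although the `[Address]` sections above are skipped when `tun4` or `tun6` is empty. A v6-only peer therefore gets a `neighbor  as $asn;` line with no address, which BIRD will presumably reject the next time it parses its configuration. Wrap each block in the same test used earlier, written as `if [ -n "$tun4" ]; then … fi` and `if [ -n "$tun6" ]; then … fi`, and exit early when both answers are empty. A numeric check such as `[[ "$asn" =~ ^[0-9]+$ ]] || exit 1` before `node` is built would also keep the typed AS number from carrying arbitrary text into the BIRD file and its file name.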