Add peer scripts
This commit is contained in:
parent
229bd2efa6
commit
7fe3a64ad5
51
addinternal.sh
Normal file
51
addinternal.sh
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
#!/bin/bash
|
||||||
|
asn="4242422341"
|
||||||
|
nick="zotan"
|
||||||
|
ip4="172.20.177.33"
|
||||||
|
ip6="fdff:b02d:2ef7::2"
|
||||||
|
|
||||||
|
read -p "Interface > " iface
|
||||||
|
read -p "Local WG ListenPort > " port
|
||||||
|
read -p "Peer WG Pubkey > " pubkey
|
||||||
|
read -p "Peer WG Endpoint > " endpoint
|
||||||
|
read -p "Peer DN42 IPv4 > " tun4
|
||||||
|
read -p "Peer DN42 IPv6 > " tun6
|
||||||
|
read -p "Peer node hostname > " host
|
||||||
|
|
||||||
|
node="AS${asn}_${nick}_${host}"
|
||||||
|
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.netdev << END
|
||||||
|
[NetDev]
|
||||||
|
Name = $iface
|
||||||
|
Kind = wireguard
|
||||||
|
Description = WireGuard
|
||||||
|
|
||||||
|
[WireGuard]
|
||||||
|
ListenPort = $port
|
||||||
|
PrivateKeyFile = /etc/wireguard/private.key
|
||||||
|
|
||||||
|
[WireGuardPeer]
|
||||||
|
PublicKey = $pubkey
|
||||||
|
Endpoint = $endpoint
|
||||||
|
AllowedIPs = 172.16.0.0/12,10.0.0.0/8,fd00::/8,fe80::/10
|
||||||
|
END
|
||||||
|
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.network << END
|
||||||
|
[Match]
|
||||||
|
Name = $iface
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
Address = $ip6/128
|
||||||
|
Peer = $tun6/128
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
Address = $ip4/32
|
||||||
|
Peer = $tun4/32
|
||||||
|
END
|
||||||
|
|
||||||
|
sudo tee -a /etc/bird/peers/$node.conf << END
|
||||||
|
protocol bgp ${node} from ipeers {
|
||||||
|
neighbor $tun6%$iface;
|
||||||
|
}
|
||||||
|
END
|
||||||
|
|
64
addpeer.sh
Normal file
64
addpeer.sh
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
#!/bin/bash
|
||||||
|
ip4="172.20.177.33"
|
||||||
|
ip6="fe80::2342"
|
||||||
|
|
||||||
|
read -p "Interface > " iface
|
||||||
|
read -p "Local WG ListenPort > " port
|
||||||
|
read -p "Peer WG Pubkey > " pubkey
|
||||||
|
read -p "Peer WG Endpoint > " endpoint
|
||||||
|
read -p "Peer WG Tunnel IPv4 > " tun4
|
||||||
|
read -p "Peer WG Tunnel IPv6 > " tun6
|
||||||
|
read -p "Peer AS > " asn
|
||||||
|
read -p "Peer nick > " nick
|
||||||
|
|
||||||
|
node="AS${asn}_$nick"
|
||||||
|
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.netdev << END
|
||||||
|
[NetDev]
|
||||||
|
Name = $iface
|
||||||
|
Kind = wireguard
|
||||||
|
Description = WireGuard
|
||||||
|
|
||||||
|
[WireGuard]
|
||||||
|
ListenPort = $port
|
||||||
|
PrivateKeyFile = /etc/wireguard/private.key
|
||||||
|
|
||||||
|
[WireGuardPeer]
|
||||||
|
PublicKey = $pubkey
|
||||||
|
Endpoint = $endpoint
|
||||||
|
AllowedIPs = 172.16.0.0/12,10.0.0.0/8,fd00::/8,fe80::/10
|
||||||
|
END
|
||||||
|
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.network << END
|
||||||
|
[Match]
|
||||||
|
Name = $iface
|
||||||
|
END
|
||||||
|
|
||||||
|
if [ ! -z "$tun6" ]; then
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.network << END
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
Address = $ip6/128
|
||||||
|
Peer = $tun6/128
|
||||||
|
END
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -z "$tun4" ]; then
|
||||||
|
sudo tee -a /etc/systemd/network/$iface.network << END
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
Address = $ip4/32
|
||||||
|
Peer = $tun4/32
|
||||||
|
END
|
||||||
|
fi
|
||||||
|
|
||||||
|
sudo tee -a /etc/bird/peers/$node.conf << END
|
||||||
|
protocol bgp $node from dnpeers {
|
||||||
|
neighbor $tun4 as $asn;
|
||||||
|
}
|
||||||
|
|
||||||
|
protocol bgp ${node}_v6 from dnpeers {
|
||||||
|
neighbor $tun6%$iface as $asn;
|
||||||
|
}
|
||||||
|
END
|
||||||
|
|
Loading…
Reference in a new issue