dnk: refactoring add LOCK and UNLOCK
parent
a671ad7b41
commit
68cc1ce227
@ -15,6 +15,8 @@ function usage {
|
|||||||
echo " -i : Init (Create server keys and configs)"
|
echo " -i : Init (Create server keys and configs)"
|
||||||
echo " -c : Create new user"
|
echo " -c : Create new user"
|
||||||
echo " -d : Delete user"
|
echo " -d : Delete user"
|
||||||
|
echo " -L : Lock user"
|
||||||
|
echo " -U : Unlock user"
|
||||||
echo " -p : Print user config"
|
echo " -p : Print user config"
|
||||||
echo " -q : Print user QR code"
|
echo " -q : Print user QR code"
|
||||||
echo " -u <user> : User identifier (uniq field for vpn account)"
|
echo " -u <user> : User identifier (uniq field for vpn account)"
|
||||||
@ -26,11 +28,13 @@ function usage {
|
|||||||
unset USER
|
unset USER
|
||||||
umask 0077
|
umask 0077
|
||||||
|
|
||||||
while getopts ":icdpqhu:s:" opt; do
|
while getopts ":icdpqhLUu:s:" opt; do
|
||||||
case $opt in
|
case $opt in
|
||||||
i) INIT=1 ;;
|
i) INIT=1 ;;
|
||||||
c) CREATE=1 ;;
|
c) CREATE=1 ;;
|
||||||
d) DELETE=1 ;;
|
d) DELETE=1 ;;
|
||||||
|
L) LOCK=1 ;;
|
||||||
|
U) UNLOCK=1 ;;
|
||||||
p) PRINT_USER_CONFIG=1 ;;
|
p) PRINT_USER_CONFIG=1 ;;
|
||||||
q) PRINT_QR_CODE=1 ;;
|
q) PRINT_QR_CODE=1 ;;
|
||||||
u) USER="$OPTARG" ;;
|
u) USER="$OPTARG" ;;
|
||||||
@ -53,6 +57,47 @@ function reload_server {
|
|||||||
wg syncconf ${SERVER_NAME} <(wg-quick strip ${SERVER_NAME})
|
wg syncconf ${SERVER_NAME} <(wg-quick strip ${SERVER_NAME})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function get_new_ip {
|
||||||
|
LAST_IP=$[$(cat "keys/.last_ip") + 1]
|
||||||
|
if [ $LAST_IP -gt 255 ]; then
|
||||||
|
echo "ERROR: can't determine new address"
|
||||||
|
exit 3
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "${LAST_IP}" > "keys/.last_ip"
|
||||||
|
echo "${SERVER_IP_PREFIX}.${LAST_IP}/32"
|
||||||
|
}
|
||||||
|
|
||||||
|
function add_user_to_server {
|
||||||
|
local USER=$1
|
||||||
|
|
||||||
|
if [ ! -f "keys/${USER}/public.key" ]; then
|
||||||
|
echo "ERROR: User not exists"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
local USER_PUB_KEY=$(cat "keys/${USER}/public.key")
|
||||||
|
local USER_IP=$( get_new_ip )
|
||||||
|
|
||||||
|
if grep "# BEGIN ${USER}$" "$HOME_DIR/$SERVER_NAME.conf" >/dev/null ; then
|
||||||
|
echo "User already exists"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat <<EOF >> "$HOME_DIR/$SERVER_NAME.conf"
|
||||||
|
# BEGIN ${USER}
|
||||||
|
[Peer]
|
||||||
|
PublicKey = ${USER_PUB_KEY}
|
||||||
|
AllowedIPs = ${USER_IP}
|
||||||
|
# END ${USER}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
function remove_user_from_server {
|
||||||
|
local USER=$1
|
||||||
|
sed -i "/# BEGIN ${USER}$/,/# END ${USER}$/d" "${HOME_DIR}/$SERVER_NAME.conf"
|
||||||
|
}
|
||||||
|
|
||||||
function init {
|
function init {
|
||||||
if [ -z "$SERVER_ENDPOINT" ]; then
|
if [ -z "$SERVER_ENDPOINT" ]; then
|
||||||
echo "ERROR: Server required"
|
echo "ERROR: Server required"
|
||||||
@ -100,15 +145,7 @@ function create {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
SERVER_ENDPOINT=$(cat "keys/.server")
|
SERVER_ENDPOINT=$(cat "keys/.server")
|
||||||
|
USER_IP=$( get_new_ip )
|
||||||
LAST_IP=$[$(cat "keys/.last_ip") + 1]
|
|
||||||
if [ $LAST_IP -gt 255 ]; then
|
|
||||||
echo "ERROR: can't determine new address"
|
|
||||||
exit 3
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo -n "${LAST_IP}" > "keys/.last_ip"
|
|
||||||
USER_IP="${SERVER_IP_PREFIX}.${LAST_IP}/32"
|
|
||||||
|
|
||||||
mkdir "keys/${USER}"
|
mkdir "keys/${USER}"
|
||||||
wg genkey | tee "keys/${USER}/private.key" | wg pubkey > "keys/${USER}/public.key"
|
wg genkey | tee "keys/${USER}/private.key" | wg pubkey > "keys/${USER}/public.key"
|
||||||
@ -117,15 +154,6 @@ function create {
|
|||||||
USER_PUB_KEY=$(cat "keys/${USER}/public.key")
|
USER_PUB_KEY=$(cat "keys/${USER}/public.key")
|
||||||
SERVER_PUB_KEY=$(cat "keys/$SERVER_NAME/public.key")
|
SERVER_PUB_KEY=$(cat "keys/$SERVER_NAME/public.key")
|
||||||
|
|
||||||
cat <<EOF >> "$HOME_DIR/$SERVER_NAME.conf"
|
|
||||||
# BEGIN ${USER}
|
|
||||||
[Peer]
|
|
||||||
PublicKey = ${USER_PUB_KEY}
|
|
||||||
AllowedIPs = ${USER_IP}
|
|
||||||
# END ${USER}
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
|
||||||
cat <<EOF > "${HOME_DIR}/keys/${USER}/${USER}.conf"
|
cat <<EOF > "${HOME_DIR}/keys/${USER}/${USER}.conf"
|
||||||
[Interface]
|
[Interface]
|
||||||
Address = ${USER_IP}
|
Address = ${USER_IP}
|
||||||
@ -139,6 +167,7 @@ PersistentKeepalive = 20
|
|||||||
AllowedIPs = 0.0.0.0/0
|
AllowedIPs = 0.0.0.0/0
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
add_user_to_server $USER
|
||||||
reload_server
|
reload_server
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -164,8 +193,20 @@ if [ $CREATE ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ $DELETE ]; then
|
if [ $DELETE ]; then
|
||||||
sed -i "/# BEGIN ${USER}/,/# END ${USER}/d" "${HOME_DIR}/$SERVER_NAME.conf"
|
|
||||||
rm -rf "${HOME_DIR}/keys/${USER}"
|
rm -rf "${HOME_DIR}/keys/${USER}"
|
||||||
|
remove_user_from_server $USER
|
||||||
|
reload_server
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $LOCK ]; then
|
||||||
|
remove_user_from_server $USER
|
||||||
|
reload_server
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $UNLOCK ]; then
|
||||||
|
add_user_to_server $USER
|
||||||
reload_server
|
reload_server
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|||||||
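Review bot: `add_user_to_server` allocates a fresh address with `local USER_IP=$( get_new_ip )` on every call, so in `create` the peer appended to the server config gets a different `AllowedIPs` than the `Address` already written to the client config from the earlier `USER_IP=$( get_new_ip )`, and `-U` re-adds a locked user under a new address that no longer matches the config that user holds. Pass the address in instead, e.g. `add_user_to_server "$USER" "$USER_IP"`, and persist it per user (for instance in a file under `keys/${USER}/`) so that unlock restores the same one; that also stops every lock/unlock cycle from consuming an entry in `keys/.last_ip`. Because `get_new_ip` runs inside `$( )`, its `exit 3` ends only the subshell and the error text becomes the value of `USER_IP`, so the message should go to stderr and the call site should check the substitution's status before writing any config. Separately, `$USER` comes straight from `-u` and reaches the `grep` and `sed` patterns and the `rm -rf` path unvalidated, and is unquoted at the new call sites; check it once after option parsing, e.g. `[[ $USER =~ ^[A-Za-z0-9_-]+$ ]] || exit 1`, so regex metacharacters, slashes or an empty value cannot widen what gets matched or deleted.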