Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
OpenWRT script to setup wireguard public and private keys for a mobile device client. Outputs a QR code for easy setup with the WireGuard app.
#update and install dependencies
echo "Updating package list and installing:"
echo "kmod-wireguard luci-app-wireguard luci-proto-wireguard wireguard wireguard-tools qrencode"
echo
#opkg update
opkg install kmod-wireguard luci-app-wireguard luci-proto-wireguard wireguard wireguard-tools qrencode
#generate keys
wg genkey | tee server-privatekey | wg pubkey > server-publickey
wg genkey | tee client-privatekey | wg pubkey > client-publickey
#assign variables - massively unsafe????
srvpub=$(cat server-publickey)
srvprv=$(cat server-privatekey)
peerpub=$(cat client-publickey)
peerprv=$(cat client-privatekey)
#Ask for some data
echo
echo "What will be the IP Address of the mobile client?"
read peerip
echo
echo "What is the DNS server on the server network"
read dnssrv
#echo "What is the Public Key of the Host?"
#read srvpub_input
echo
echo "What is the Host IP address or FQDN including port?"
read hostendpoint
echo
#create config file for mobile client
echo "[Interface]
Address = $peerip
PrivateKey = $peerprv
DNS = $dnssrv
[Peer]
Endpoint = $hostendpoint
PublicKey = $srvpub
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25" > mobile_client.conf
#remove all the keys
rm -v server-privatekey
rm -v server-publickey
rm -v client-privatekey
rm -v client-publickey
echo
echo "Client config saved to mobile_client.conf"
echo
#show the qr code using the config file
qrencode -t ansiutf8 < mobile_client.conf
echo "Scan with WireGuard App. You might have to increase or decrease the text size of the terminal"
read -n 1 -s -r -p "Press any key to continue"
echo
echo
#Display key data used for creating wireguard interface
echo "Use this for the public key on OpenWRT:"
echo "$srvpub"
echo
echo "Use this for the private key on OpenWRT:"
echo "$srvprv"
echo
echo "Use this for the public key of the peer on OpenWRT:"
echo "$peerpub"
echo
echo "Done"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.