sdis29-1/ansible/wireguard/mkwgconf-p2p.sh

#!/bin/bash
set -u
set -e

AddressAwg=10.0.0.1/32  # Adresse VPN Wireguard MON
EndpointA=172.16.0.102  # Adresse extremite MON
PortA=51820             # Port ecoute extremite MON
AddressBwg=10.0.0.2/32  # Adresse VPN Wireguard PROD
EndpointB=172.16.0.100  # Adresse extremite PROD
PortB=51820             # Port ecoute extremite PROD
AddressCwg=10.0.0.3/32	# Adresse VPN Wireguard TEST
EndpointC=172.16.0.101	# Adresse extremite TEST
PortC=51820		# Port ecoute extremite TEST

umask 077 ;  
wg genkey > endpoint-a.key
wg pubkey < endpoint-a.key > endpoint-a.pub

wg genkey > endpoint-b.key
wg pubkey < endpoint-b.key > endpoint-b.pub

wg genkey > endpoint-c.key
wg pubkey < endpoint-c.key > endpoint-c.pub

PKA=$(cat endpoint-a.key)
pKA=$(cat endpoint-a.pub)
PKB=$(cat endpoint-b.key)
pKB=$(cat endpoint-b.pub)
PKC=$(cat endpoint-c.key)
pKC=$(cat endpoint-c.pub)

cat <<FINI > wg0-mon.conf
# local settings for ap31-mon
[Interface]
PrivateKey = $PKA
Address = $AddressAwg
ListenPort = $PortA

# remote settings for ap31-prod
[Peer]
PublicKey = $pKB
Endpoint = ${EndpointB}:$PortB
AllowedIPs = $AddressBwg

# remote settings for ap31-test
[Peer]
PublicKey= $pKC
Endpoint = ${EndpointC}:$PortC
AllowedIPs = $AddressCwg
FINI


cat <<FINI > wg0-prod.conf
# local settings for ap31-prod
[Interface]
PrivateKey = $PKB
Address = $AddressBwg
ListenPort = $PortB

# remote settings for ap31-mon
[Peer]
PublicKey = $pKA
Endpoint = ${EndpointA}:$PortA
AllowedIPs = $AddressAwg
FINI


cat <<FINI > wg0-test.conf
# local settings for ap31-test
[Interface]
PrivateKey = $PKC
Address = $AddressCwg
ListenPort = $PortC

# remote settings for ap31-mon
[Peer]
PublicKey = $pKA
Endpoint = ${EndpointA}:$PortA
AllowedIPs = $AddressAwg
FINI