wireguard add users via script?

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
Post Reply
naddel81
Posts: 31
Joined: Sun Jul 21, 2019 12:54 pm

wireguard add users via script?

Post by naddel81 »

hi micha and team,

can I use this to add more clients to my existing WG config?

https://github.com/adrianmihalko/raspbe ... ent-script

would be great to have such a script in dietpi.

best wishes!
User avatar
Joulinar
Posts: 2277
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard add users via script?

Post by Joulinar »

Hi,

as this is not really an issue, I'm going to move your topic into the General Discussion

I had a look to the script and it's not going to work with DietPi as it is now, because it's going to manipulate wg0.conf. Looks like the file will be generated each time a new user is created and it's missing the DietPi specific settings.

DietPi wg0.conf

Code: Select all

PreUp = /boot/dietpi/func/obtain_network_details
PostUp = sysctl net.ipv4.conf.%i.forwarding=1 net.ipv4.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = sysctl net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).accept_ra=2
PostUp = sysctl net.ipv6.conf.%i.forwarding=1 net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
VS

User Management Script wg0.conf

Code: Select all

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Therefore some adjustments would be needed to fit into DietPi. Best to my knowledge @MichaIng already had some ideas to create a Gui around VPN but he is lacking time to get all this implemented. You know there are always other thinks to be done ;)
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply