#!/bin/bash
#
# vpn-stack
# A set of bash scripts for installing and managing a WireGuard VPN server.
# https://git.stack-source.com/msb/vpn-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
#
# wg-peer-audit.sh
# check that peer config file exists for all currently active peers
# this is the basis of a "cleanup" script to remove configs for invalid,
# old or deleted clients
# Refuse to run without root privileges.
# The rest of the script queries the running WireGuard state with `wg` and
# reads /etc/wireguard/peers/ (presumably both need root; confirm on the host).
if (( EUID != 0 )); then
  echo "This script must be run as root"
  exit 1
fi
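# Collect the public key of every peer known to the running WireGuard server.
#
# The output of `wg` is captured first so that a failing `wg` (missing binary,
# no permission) stops the audit instead of silently yielding an empty peer
# list, which would read as "nothing to report".
if ! wg_output=$(wg); then
  echo "wg failed; cannot list active peers" >&2
  exit 1
fi

# Keep only lines whose first field is exactly "peer:" and take the key that
# follows. Matching the bare word "peer" anywhere on the line would also pick
# up unrelated lines (for example an interface whose name contains "peer").
peers=()
while IFS= read -r peer_key; do
  peers+=("$peer_key")
done < <(awk '$1 == "peer:" { print $2 }' <<<"$wg_output")

# Number of peers found above.
peersCount=${#peers[@]}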
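# For every active peer, check that its public key appears in at least one
# config file under /etc/wireguard/peers/ and report the peers that do not.
#
# A peer is only reported as missing when the search ran cleanly and found
# nothing (grep exit status 1). If the config files cannot be searched at all,
# that is reported as an error on stderr instead: an unreadable or absent
# config directory must not make every live peer look like a removal candidate.
if [ "${#peers[@]}" -gt 0 ]; then

  # Expand the glob once. Without nullglob an unmatched pattern stays literal,
  # so a non-existent first element means there are no config files.
  peer_configs=(/etc/wireguard/peers/*.conf)
  if [ ! -e "${peer_configs[0]}" ]; then
    echo "no peer config files found in /etc/wireguard/peers/; cannot audit peers" >&2
    exit 1
  fi

  for peer in "${peers[@]}"; do
    # -F: treat the key as a fixed string, not a regex.
    # --: stop option parsing before the key.
    grep -qF -- "$peer" "${peer_configs[@]}"
    match=$?
    if [[ $match == 1 ]]; then
      echo "did not find peer config for: ${peer}"
      echo "consider removing peer now"
      # Removal is deliberately left disabled. The check above is a substring
      # search across all config files, so review each reported key before
      # enabling it (NOTE(review): the config file format is not shown here).
      #wg set wg0 peer "${peer}" remove
      #wg-quick save wg0
    elif [[ $match != 0 ]]; then
      # grep exit status 2 or higher: the search itself failed.
      echo "could not search peer configs for: ${peer} (grep exit status ${match})" >&2
    fi
  done

fi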