ebc32cae86
Installer now expects Debian 12 and requires base-stack repo installed first New systemd files New wg-client-zip-email.sh script Moved bash scripts into sbin dir Install & configure firewalld instead of ufw wg.sh now has configurable options - DNS nameserver settings - endpoint (FQDN or IP) - AllowedIPs (defaults to 0.0.0.0/0) Change the client network from 10.96.0.0/12 (1,048,574 max clients / IPs) to 10.96.0.0/16 (65,025 max clients / IPs)
39 lines
1.1 KiB
Bash
Executable File
39 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# vpn-stack
|
|
# A set of bash scripts for installing and managing a WireGuard VPN server.
|
|
# https://git.stack-source.com/msb/vpn-stack
|
|
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
#
|
|
# wg-peer-audit.sh
|
|
# check that peer config file exists for all currently active peers
|
|
# this is basis of a "cleanup" script to remove configs for invalid
|
|
# old or deleted clients
|
|
|
|
# load include file
|
|
source $(dirname $0)/wg.sh
|
|
|
|
# get all peers in running wireguard server
|
|
peers=($(wg|grep peer|cut -d ' ' -f 2))
|
|
|
|
# get number of peers found above
|
|
peersCount=${#peers[@]}
|
|
|
|
# if any peers found cycle through them
|
|
if [ $peersCount -gt 0 ]; then
|
|
|
|
for (( i=0; i<${peersCount}; i++ ));
|
|
do
|
|
grep -q ${peers[$i]} /etc/wireguard/peers/*.conf
|
|
match=$?
|
|
if [[ $match != 0 ]]; then
|
|
echo "did not find peer config for: ${peers[$i]}"
|
|
echo "consider removing peer now"
|
|
#wg set wg0 peer ${peers[$i]} remove
|
|
#wg-quick save wg0
|
|
fi
|
|
done
|
|
|
|
fi
|