def initialize_directory_structure(wg_base_path, wg_client_base_path): """ Checks for required directories and attempts to create them if they are missing :return: True or False depending on if the creation of the directories was successful """ # check and create base config dir if not os.path.isdir(wg_base_path): print("WGGEN: WireGuard config directory is missing, creating: {}". format(wg_base_path)) try: os.makedirs(wg_base_path, exist_ok=True) except OSError: print("Failed to create WireGuard config directory: {}".format( wg_base_path)) # check and create client config dir if not os.path.isdir(wg_client_base_path): print( "WGGEN: WireGuard config client directory is missing, creating: {}" .format(wg_client_base_path)) try: os.makedirs(wg_client_base_path, exist_ok=True) except OSError: print("Failed to create WireGuard client config directory: {}". format(wg_client_base_path)) # check if we were able to create the config directories if os.path.isdir(wg_base_path) and os.path.isdir(wg_client_base_path): return True else: Logger.fatal("Could not create directory structure")
def get_client_list(args): target_clients = [] clients = [] ldap_clients = [] # get ldap clients if args.enable_ldap: ldap = LDAPTools(args) ldap_clients = ldap.get_ldap_clients() if not args.list and not ldap_clients: Logger.fatal( "Nothing to do, ldap disabled and no clients passed with -p") if args.list: for c in args.list: if c not in ldap_clients: target_clients.append(c) if ldap_clients: for c in ldap_clients: target_clients.append(c) # create counter for clients for client in target_clients: if client == "SERVER": Logger.error(f"Cannot create client {client}: Invalid Name") else: for i in range(0, args.count): clients.append(f"{client}-{i}") return clients
def get_ldap_clients(self): self.conn.search(self.base_dn, self.ldap_filter, attributes=['*']) name_list = [] for entry in self.conn.entries: name_list.append(entry[self.user_attr]) Logger.info(f"Fetched {len(name_list)} clients from ldap") return name_list
def __init__(self, args): self.server = Server(args.ldap_server, get_info=ALL) self.conn = Connection(self.server, args.bind_dn, args.bind_pw, auto_bind=True) self.ldap_filter = args.filter self.base_dn = args.base_dn self.user_attr = args.user_attr Logger.info( f"Trying to connect to ldap server {args.ldap_server} with {args.bind_dn} and password: {args.bind_pw}" )
def start(wg_base_path, wg_client_base_path): if not Setup.initialize_directory_structure(wg_base_path, wg_client_base_path): Logger.fatal("Failed to generate base directory structure") if not ServerTools.generate_server_keypair(wg_base_path): Logger.fatal("Failed to generate server keypair")
def main(): """ Main entrypoint of the program """ # get args passed by the command line args = Tools.init_args() # check for required binaries and root privileges and run server keypair generation and dir structure check Setup.check_prerequisits() Setup.start(WG_BASE_PATH, WG_CLIENT_BASE_PATH) # get final list of clients (ldap and local), server keypair and base vpn, and negotiate a vpn_subnet clients = ClientTools.get_client_list(args) server_pubkey, server_privkey = ServerTools.read_server_keys(WG_BASE_PATH) base, ip = Tools.get_base_ip(lastip_file) vpn_subnet = Tools.get_vpn_subnet(subnet_file) # build clients n_clients = len(clients) if n_clients > 65531: # we cannot manage more than this amount of clients, don't even try Logger.fatal( "You are trying to create more than 65531 peers. This exceeds the /16 VPN-Subnet and is " "not supported by WGGEN.") Logger.info(f"Will be creating {n_clients} peers") actual_clients = [] for i, client in enumerate(clients): # determine client path client_path = f"{WG_CLIENT_BASE_PATH}/{client}" try: os.makedirs(client_path) except OSError: pass # determine client vpn ip ip += 1 if ip > 254: base += 1 if base > 255: Logger.fatal( f"Ran out of VPN-Subnet Addresses at client {i} of {n_clients}" ) ip = 1 client_vpn_ip = f"{vpn_subnet}.{base}.{ip}" # generate client generated_client = Client(client_path, client, args.endpoint, args.dns, server_pubkey, args.access, client_vpn_ip) actual_clients.append(generated_client) if not generated_client.state: Logger.warn(f"Failed to create client: {client}") print(f"Creating clients: {int((i/(n_clients-1))*100)}%", end="\r") # save last ip on last client with open(lastip_file, 'w') as f: f.write(f"{base}.{ip}") print(f"\nCreated {n_clients} clients") # write client config files and server config file ClientTools.write_config_files(actual_clients) ServerTools.write_server_config(actual_clients, args, vpn_subnet, WG_BASE_PATH)