def initialize_directory_structure(wg_base_path, wg_client_base_path):
"""
Checks for required directories and attempts to create them if they are missing
:return: True or False depending on if the creation of the directories was successful
"""
# check and create base config dir
if not os.path.isdir(wg_base_path):
print("WGGEN: WireGuard config directory is missing, creating: {}".
format(wg_base_path))
try:
os.makedirs(wg_base_path, exist_ok=True)
except OSError:
print("Failed to create WireGuard config directory: {}".format(
wg_base_path))
# check and create client config dir
if not os.path.isdir(wg_client_base_path):
print(
"WGGEN: WireGuard config client directory is missing, creating: {}"
.format(wg_client_base_path))
try:
os.makedirs(wg_client_base_path, exist_ok=True)
except OSError:
print("Failed to create WireGuard client config directory: {}".
format(wg_client_base_path))
# check if we were able to create the config directories
if os.path.isdir(wg_base_path) and os.path.isdir(wg_client_base_path):
return True
else:
Logger.fatal("Could not create directory structure")
def get_client_list(args):
target_clients = []
clients = []
ldap_clients = []
# get ldap clients
if args.enable_ldap:
ldap = LDAPTools(args)
ldap_clients = ldap.get_ldap_clients()
if not args.list and not ldap_clients:
Logger.fatal(
"Nothing to do, ldap disabled and no clients passed with -p")
if args.list:
for c in args.list:
if c not in ldap_clients:
target_clients.append(c)
if ldap_clients:
for c in ldap_clients:
target_clients.append(c)
# create counter for clients
for client in target_clients:
if client == "SERVER":
Logger.error(f"Cannot create client {client}: Invalid Name")
else:
for i in range(0, args.count):
clients.append(f"{client}-{i}")
return clients
def get_ldap_clients(self):
self.conn.search(self.base_dn, self.ldap_filter, attributes=['*'])
name_list = []
for entry in self.conn.entries:
name_list.append(entry[self.user_attr])
Logger.info(f"Fetched {len(name_list)} clients from ldap")
return name_list
def __init__(self, args):
self.server = Server(args.ldap_server, get_info=ALL)
self.conn = Connection(self.server,
args.bind_dn,
args.bind_pw,
auto_bind=True)
self.ldap_filter = args.filter
self.base_dn = args.base_dn
self.user_attr = args.user_attr
Logger.info(
f"Trying to connect to ldap server {args.ldap_server} with {args.bind_dn} and password: {args.bind_pw}"
)
def start(wg_base_path, wg_client_base_path):
if not Setup.initialize_directory_structure(wg_base_path,
wg_client_base_path):
Logger.fatal("Failed to generate base directory structure")
if not ServerTools.generate_server_keypair(wg_base_path):
Logger.fatal("Failed to generate server keypair")
def main():
"""
Main entrypoint of the program
"""
# get args passed by the command line
args = Tools.init_args()
# check for required binaries and root privileges and run server keypair generation and dir structure check
Setup.check_prerequisits()
Setup.start(WG_BASE_PATH, WG_CLIENT_BASE_PATH)
# get final list of clients (ldap and local), server keypair and base vpn, and negotiate a vpn_subnet
clients = ClientTools.get_client_list(args)
server_pubkey, server_privkey = ServerTools.read_server_keys(WG_BASE_PATH)
base, ip = Tools.get_base_ip(lastip_file)
vpn_subnet = Tools.get_vpn_subnet(subnet_file)
# build clients
n_clients = len(clients)
if n_clients > 65531: # we cannot manage more than this amount of clients, don't even try
Logger.fatal(
"You are trying to create more than 65531 peers. This exceeds the /16 VPN-Subnet and is "
"not supported by WGGEN.")
Logger.info(f"Will be creating {n_clients} peers")
actual_clients = []
for i, client in enumerate(clients):
# determine client path
client_path = f"{WG_CLIENT_BASE_PATH}/{client}"
try:
os.makedirs(client_path)
except OSError:
pass
# determine client vpn ip
ip += 1
if ip > 254:
base += 1
if base > 255:
Logger.fatal(
f"Ran out of VPN-Subnet Addresses at client {i} of {n_clients}"
)
ip = 1
client_vpn_ip = f"{vpn_subnet}.{base}.{ip}"
# generate client
generated_client = Client(client_path, client, args.endpoint, args.dns,
server_pubkey, args.access, client_vpn_ip)
actual_clients.append(generated_client)
if not generated_client.state:
Logger.warn(f"Failed to create client: {client}")
print(f"Creating clients: {int((i/(n_clients-1))*100)}%", end="\r")
# save last ip on last client
with open(lastip_file, 'w') as f:
f.write(f"{base}.{ip}")
print(f"\nCreated {n_clients} clients")
# write client config files and server config file
ClientTools.write_config_files(actual_clients)
ServerTools.write_server_config(actual_clients, args, vpn_subnet,
WG_BASE_PATH)