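#!/bin/bash
#
# Interactively create a new WireGuard peer.
#
# Prompts for a peer name and an IPv4 address, generates a key pair for the
# peer, stores the keys and the client configuration under $clientdir, and
# prints both the [Peer] stanza to paste into /etc/wireguard/wg0.conf and the
# finished client configuration.
#
# Reads:  /etc/wireguard/psk.key, /etc/wireguard/server_public.key
# Writes: $clientdir/<peer>-private.key, $clientdir/<peer>-public.key,
#         $clientdir/<peer>.conf
#
# The output contains the client's private key and the preshared key, so run
# it only on a terminal whose scrollback and logging you control.

set -euo pipefail

# Key material and the client config are created by plain redirections, so
# restrict the default mode up front: every file written below ends up 0600
# instead of inheriting a possibly world-readable umask.
umask 077

clientdir=/etc/wireguard/clients
endpoint="vpn.example.net:5999"

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

command -v wg >/dev/null || die "wg not found in PATH. Exiting..."
[[ -d "$clientdir" ]] || die "$clientdir does not exist. Exiting..."

echo "Name of new peer?"
IFS= read -r peername || die "no peer name given. Exiting..."
echo "IP of new peer? (without CIDR)"
IFS= read -r peerip || die "no peer IP given. Exiting..."

# The peer name becomes part of several file names below. Accept only a
# conservative character set so that input such as "../wg0" cannot make the
# script write outside $clientdir, and so that a leading "-" or "." cannot be
# mistaken for an option or create a hidden file.
[[ "$peername" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]*$ ]] \
  || die "invalid peer name '$peername' (allowed: letters, digits, '_', '.', '-'). Exiting..."

# The address is written into both configs with a /32 suffix, so it has to be
# a plain dotted-quad IPv4 address with every octet in 0..255.
[[ "$peerip" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] \
  || die "invalid IPv4 address '$peerip'. Exiting..."
IFS=. read -r octet1 octet2 octet3 octet4 <<<"$peerip"
for octet in "$octet1" "$octet2" "$octet3" "$octet4"; do
  # 10# forces base 10 so that an octet like "08" is not parsed as octal.
  ((10#$octet <= 255)) || die "invalid IPv4 address '$peerip'. Exiting..."
done

# Refuse to touch an existing peer: overwriting its private key would silently
# invalidate the configuration already handed out to that client.
if [[ -e "$clientdir/$peername.conf" || -e "$clientdir/$peername-private.key" ]]; then
  die "peer $peername already exists. Exiting..."
fi

# generating the client's private key
client_privatekey=$(wg genkey)
printf '%s\n' "$client_privatekey" >"$clientdir/$peername-private.key"

# generating the client's public key from the private key
client_publickey=$(printf '%s\n' "$client_privatekey" | wg pubkey)
printf '%s\n' "$client_publickey" >"$clientdir/$peername-public.key"

# getting the PSK
# NOTE(review): the same preshared key file is used for every peer created by
# this script. A separate PSK per peer (wg genpsk) would limit the impact of a
# single leaked client config; confirm whether sharing is intended.
psk=$(</etc/wireguard/psk.key)
[[ -n "$psk" ]] || die "/etc/wireguard/psk.key is empty. Exiting..."

# getting server public key
server_publickey=$(</etc/wireguard/server_public.key)
[[ -n "$server_publickey" ]] || die "/etc/wireguard/server_public.key is empty. Exiting..."

echo ""
echo ""
echo "########################################################"
echo "########## config for /etc/wireguard/wg0.conf ##########"
cat <<EOF
# $peername
[Peer]
PublicKey = $client_publickey
PresharedKey = $psk
AllowedIPs = $peerip/32
EOF

echo ""
echo ""
echo "########################################################"
echo "################## Client-Config #######################"
# tee reads the here-document directly. The previous "cat | tee ... << EOF"
# left cat waiting on the terminal, because the here-document replaced tee's
# stdin and the pipe from cat was never read, so the script stalled until the
# user sent more input.
tee "$clientdir/$peername.conf" <<EOF
[Interface]
PrivateKey = $client_privatekey
Address = $peerip/32
DNS = 192.168.21.2, 192.168.21.3

[Peer]
PublicKey = $server_publickey
PresharedKey = $psk
AllowedIPs = 0.0.0.0/0
Endpoint = $endpoint
PersistentKeepalive = 25
EOF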