Open ragman1976 opened 11 months ago
I wrote converter from *.conf
files to wireguard-ui db/*.json
files, which Wireguard UI detects and using for work. But it not working. I suppose that all pivate keys from users should be loaded in wg
directly, because wg-quick
use info from something else, not only main /etc/wireguard/wg0.conf
. Need to investigate futher...
Usage:
wg0.conf
and all clients *.conf
files - all in one folder.db
folder with files).jq
and wg
toolsconverter
in backup conf folderdb
folder and change owner (chown -R
) for the files.#!/bin/bash
#Require bash, jq, wireguard-tools
wg_conf_file="wg0.conf"
([ -x "$(command -v jq)" ] && [ -x "$(command -v wg)" ]) || { echo "Please install jq and wireguard-tools"; exit 1; }
[ -f $wg_conf_file ] || { echo "$wg_conf_file not found!"; exit 1; }
#Making folders
mkdir -p db/{clients,server}
updated_at=$(date --utc +%FT%T.%NZ)
interfaces(){
addresses="$(grep -Po '(?<=^Address = )(\S+)' $wg_conf_file | sed 's/,/\",\"/g')"
listen_port="$(grep -Po '(?<=^ListenPort = )(\S+)' $wg_conf_file)"
post_up="$(grep -Po '(?<=^PostUp = )(.*)' $wg_conf_file)"
post_down="$(grep -Po '(?<=^PostDown = )(.*)' $wg_conf_file)"
file_format='{"addresses": ["%s"], "listen_port": "%s", "updated_at": "%s", "post_up": "%s", "post_down": "%s"}'
printf "$file_format" "$addresses" "$listen_port" "$updated_at" "$post_up" "$post_down"
}
keypair(){
private_key="$(grep -Po '(?<=^PrivateKey = )(\S+)' $wg_conf_file)"
public_key="$(echo $private_key | wg pubkey)"
file_format='{"private_key": "%s", "public_key": "%s", "updated_at": "%s"}'
printf "$file_format" "$private_key" "$public_key" "$updated_at"
}
client(){
clid="$1"
private_key="$2"
public_key="$3"
preshared_key="$4"
name="$1"
email=""
allocated_ips="$(echo $5 | sed 's/,/\",\"/g')"
allowed_ips="0.0.0.0/0\",\"::/0"
extra_allowed_ips=''
use_server_dns="true"
enabled="true"
created_at=$updated_at
updated_at=$updated_at
file_format='{"id": "%s", "private_key": "%s", "public_key": "%s", "preshared_key": "%s", "name": "%s", "email": "%s", "allocated_ips": ["%s"], "allowed_ips": ["%s"], "extra_allowed_ips": [], "use_server_dns": %s, "enabled": %s, "created_at": "%s", "updated_at": "%s"}'
printf "$file_format" "$clid" "$private_key" "$public_key" "$preshared_key" "$name" "$email" "$allocated_ips" "$allowed_ips" "$use_server_dns" "$enabled" "$created_at" "$updated_at"
}
interfaces | jq > "db/server/interfaces.json"
keypair | jq > "db/server/keypair.json"
#Converting clients conf files, if any
for conf in $(/usr/bin/ls -1 *.conf | grep -v $wg_conf_file)
do
clid="cl"$(tr -dc 'a-z0-9' < /dev/urandom | dd bs=1 count=18 2>/dev/null && echo)
private_key="$(cat $conf | grep -Po '(?<=PrivateKey = )(\S+)')"
public_key="$(cat $conf | grep -Po '(?<=PublicKey = )(\S+)')"
preshared_key="$(cat $conf | grep -Po '(?<=PresharedKey = )(\S+)')"
allowed_ips="$(cat $conf | grep -Po '(?<=Address = )(\S+)')"
client "$clid" "$private_key" "$public_key" "$preshared_key" "$allowed_ips" | jq > "db/clients/$clid.json"
done
@nebulosa2007, following these directions I don’t see it creating a json file for my three users. I’m confused at the last section for conf in /usr/bin/ls … it doesn’t look like it’s doing anything. Can you provide some guidance?
As I wrote above:
For example: Backup_for_convert └─ wg0.conf └─ client1.conf └─ client2.conf └─ client3.conf └─ converter.sh
This generates files as I would expect, and the contents look good, however it seems that the server is not able to parse the client configs that are generated. When I log into the UI I do see tiles for all of the clients...but if I try to edit any of the "imported" clients, I get a red "please provide a valid Client ID" toast, and the edit modal contains blank values for all of the parameters.
I also compared a Client ID generated by this script vs one generated fresh using the New Client button in the UI, and they seem to follow the same pattern - random 20 characters. The only difference I see is that the imported client IDs start with cl
and the UI-generated ones start with cq
...but I even tried manually switching that in the .json of imported clients to no avail.
@chaoticdude I've also got this problem. Looks like it is due to PublicKey duplication, because in conf file there is server's public key and not a key of a peer.
yep, looks like it works now:
mkdir ~/wg-ui-import
find ~/wireguard-conf-backup/ -name 'peer*.conf' -exec cp "{}" ~/wg-ui-import/ \;
find ~/wireguard-conf-backup/ -name 'publickey-peer*' -exec cp "{}" ~/wg-ui-import/ \;
<YOUR_ENDPOINT_HERE>
in script to your actual endpointchmod +x converter.sh
./converter.sh
Strange, only some of them opens, other one gives me the red "please provide a valid Client ID" toast. Probably id is not random, because in code dev is trying to parse it Looks like this is the library: github.com/rs/xid
xid is compatible with mongodb object id, so I've found a way to generate such id in bash
Now it works as expected, every config can be downloaded.
#!/bin/bash
#Require bash, jq, wireguard-tools
wg_conf_file="wg0.conf"
([ -x "$(command -v jq)" ] && [ -x "$(command -v wg)" ]) || { echo "Please install jq and wireguard-tools"; exit 1; }
[ -f $wg_conf_file ] || { echo "$wg_conf_file not found!"; exit 1; }
#Making folders
mkdir -p db/{clients,server}
updated_at=$(date --utc +%FT%T.%NZ)
interfaces(){
addresses="$(grep -Po '(?<=^Address = )(\S+)' $wg_conf_file | sed 's/,/\",\"/g')"
listen_port="$(grep -Po '(?<=^ListenPort = )(\S+)' $wg_conf_file)"
post_up="$(grep -Po '(?<=^PostUp = )(.*)' $wg_conf_file)"
post_down="$(grep -Po '(?<=^PostDown = )(.*)' $wg_conf_file)"
file_format='{"addresses": ["%s"], "listen_port": "%s", "updated_at": "%s", "post_up": "%s", "post_down": "%s"}'
printf "$file_format" "$addresses" "$listen_port" "$updated_at" "$post_up" "$post_down"
}
keypair(){
private_key="$(grep -Po '(?<=^PrivateKey = )(\S+)' $wg_conf_file)"
public_key="$(echo $private_key | wg pubkey)"
file_format='{"private_key": "%s", "public_key": "%s", "updated_at": "%s"}'
printf "$file_format" "$private_key" "$public_key" "$updated_at"
}
client(){
clid="$1"
private_key="$2"
public_key="$3"
preshared_key="$4"
name="$7"
email=""
allocated_ips="$(echo $5 | sed 's/,/\",\"/g')/32"
allowed_ips="0.0.0.0/0"
extra_allowed_ips=''
use_server_dns="true"
enabled="true"
created_at=$updated_at
updated_at=$updated_at
file_format='{"id": "%s", "private_key": "%s", "public_key": "%s", "preshared_key": "%s", "name": "%s", "email": "%s", "allocated_ips": ["%s"], "allowed_ips": ["%s"], "extra_allowed_ips": [], "use_server_dns": %s, "enabled": %s, "created_at": "%s", "updated_at": "%s", "telegram_userid": "", "additional_notes": "", "endpoint": "<YOUR_ENDPOINT_HERE>"}'
printf "$file_format" "$clid" "$private_key" "$public_key" "$preshared_key" "$name" "$email" "$allocated_ips" "$allowed_ips" "$use_server_dns" "$enabled" "$created_at" "$updated_at"
}
interfaces | jq --stream-errors '.' > "db/server/interfaces.json"
keypair | jq --stream-errors '.' > "db/server/keypair.json"
#Converting clients conf files, if any
for conf in $(/bin/ls -1 *.conf | grep -v $wg_conf_file)
do
random_sec=$(tr -dc '0-9' < /dev/urandom | dd bs=1 count=6 2>/dev/null && echo)
date=$(date --date="${random_sec} seconds ago" +%s)
# clid="cq"$(tr -dc '0-9' < /dev/urandom | dd bs=1 count=18 2>/dev/null && echo)
clid="$(printf "%x" ${date})000000000000"
conf_wo_ext="$(echo $conf | cut -d'.' -f1)"
private_key="$(cat $conf | grep -Po '(?<=PrivateKey = )(\S+)')"
public_key="$(cat publickey-$conf_wo_ext)"
preshared_key="$(cat $conf | grep -Po '(?<=PresharedKey = )(\S+)')"
allowed_ips="$(cat $conf | grep -Po '(?<=Address = )(\S+)')"
client "$clid" "$private_key" "$public_key" "$preshared_key" "$allowed_ips" "$username" "$conf_wo_ext" | jq --stream-errors '.' > "db/clients/$clid.json"
done
Hi,
I want to migrate my wireguard server. For the new wireguard server I use this docker image, but I`m not able to "import" my existing wg0.conf Is there a way to do that?
Greets