git init

.gitignore

@@ -0,0 +1,6 @@
+serv-conf/*
+cli-confs/*
+config.ini
+profiles
+hosts
+tmp.sh

README.md

@@ -0,0 +1,48 @@
+# ZeNET
+
+A set of scripts to quickly build a Wireguard network for games like Touhou Hisoutensoku.
+
+## How to Use
+
+Clone this repo.
+
+    git clone https://github.com/mistivia/zenet.git
+
+Create config file and edit it:
+
+    cp config_example.ini config.ini
+    nano config.ini
+
+Create some new users:
+
+    ./new-user.sh alice
+    ./new-user.sh bob
+
+Deploy it:
+
+    ./deploy.sh
+
+Enable IP packet forwarding on server:
+
+    ssh user@www.yourserver.com
+
+Edit `/etc/sysctl.conf`:
+
+    sudo nano /etc/sysctl.conf
+
+Add this line:
+    
+    net.ipv4.ip_forward = 1
+
+Apply settings:
+
+    sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
+    sudo sysctl -p
+
+To add new users, create user and rerun `deploy.sh`.
+    
+    ./new-user.sh carol
+    ./deploy.sh
+
+Now you can distribute Wireguard profiles in `./cli-confs` to your friends.
+

config_example.ini

@@ -0,0 +1,8 @@
+server = www.yourserver.com
+server-port = 12345
+ssh-target = user@www.yourserver.com
+server-pubkey = $(shell cat privkey | wg pubkey)
+server-privkey = $(shell wg genkey)
+network-prefix = 192.168.88.
+server-interface = wg0
+

deploy.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+scripts/gendeploy.py > tmp.sh && \
+bash tmp.sh
+rm tmp.sh
+

new-user.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+wg genkey > tmpsk
+cat tmpsk | wg pubkey > tmppk
+echo "$1 $(cat tmppk) $(cat tmpsk)" >> profiles
+rm tmpsk
+rm tmppk

scripts/gencliconf.py

@@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+
+import os
+
+def readIniConf():
+    conf = dict()
+    with open('config.ini') as fp:
+        for line in fp:
+            if len(line.strip()) == 0: continue
+            s = line.split('=', 1)
+            key = s[0].strip()
+            value = s[1].strip()
+            conf[key] = value
+    return conf
+
+iniConf = readIniConf()
+
+server = iniConf['server']
+port = iniConf['server-port']
+sshTarget = iniConf['ssh-target']
+serverPk = iniConf['server-pubkey']
+serverSk = iniConf['server-privkey']
+network = iniConf['network-prefix']
+interface = iniConf['server-interface']
+
+def parseProfiles():
+    names = list()
+    pks = list()
+    sks = list()
+    with open("profiles") as fp:
+        for line in fp:
+            fields = line.strip().split(" ")
+            names.append(fields[0])
+            pks.append(fields[1])
+            sks.append(fields[2])
+    return names, pks, sks
+
+def cliConf(sk, i):
+    config = "[Interface]\n"
+    config = config + 'PrivateKey = ' + sk + '\n'
+    config = config + 'Address = ' + network + str(i+10) + '/32\n\n'
+    config = config + '[Peer]\n' + \
+        'PublicKey = ' + serverPk + '\n' + \
+        'AllowedIPs = ' + network + '0/24' + '\n' + \
+        'Endpoint = ' + server + ':' + port + '\n' + \
+        'PersistentKeepalive = 20\n'
+    return config
+
+
+names, pks, sks = parseProfiles()
+
+for i in range(len(names)):
+    os.system("mkdir -p " + './cli-confs/' + names[i])
+    with open("./cli-confs/" + names[i] + '/wg123.conf', "w") as fp:
+        fp.write(cliConf(sks[i], i))
+

scripts/gendeploy.py

@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+
+def readIniConf():
+    conf = dict()
+    with open('config.ini') as fp:
+        for line in fp:
+            if len(line.strip()) == 0: continue
+            s = line.split('=', 1)
+            key = s[0].strip()
+            value = s[1].strip()
+            conf[key] = value
+    return conf
+
+iniConf = readIniConf()
+
+src = """./scripts/genservconf.py
+./scripts/gencliconf.py
+scp ./serv-conf/""" + iniConf['server-interface'] + '.conf ' + \
+iniConf['ssh-target'] + ':./' + '\n' + \
+'ssh -t ' + iniConf['ssh-target'] + ' \'sudo wg-quick down ' + iniConf['server-interface'] + '\'' + '\n' \
+'ssh -t ' + iniConf['ssh-target'] + ' \'sudo mv ' + iniConf['server-interface'] + '.conf /etc/wireguard/\'' + '\n' \
+'ssh -t ' + iniConf['ssh-target'] + ' \'sudo wg-quick up ' + iniConf['server-interface'] + '\'' + '\n'
+
+print(src)

scripts/genservconf.py

@@ -0,0 +1,65 @@
+#!/usr/bin/env python3
+
+import os
+
+os.system("mkdir -p ./serv-conf/")
+
+def readIniConf():
+    conf = dict()
+    with open('config.ini') as fp:
+        for line in fp:
+            if len(line.strip()) == 0: continue
+            s = line.split('=', 1)
+            key = s[0].strip()
+            value = s[1].strip()
+            conf[key] = value
+    return conf
+
+iniConf = readIniConf()
+
+server = iniConf['server']
+port = iniConf['server-port']
+sshTarget = iniConf['ssh-target']
+serverPk = iniConf['server-pubkey']
+serverSk = iniConf['server-privkey']
+network = iniConf['network-prefix']
+interface = iniConf['server-interface']
+
+
+
+
+def parseProfiles():
+    names = list()
+    pks = list()
+    sks = list()
+    with open("profiles") as fp:
+        for line in fp:
+            fields = line.strip().split(" ")
+            names.append(fields[0])
+            pks.append(fields[1])
+            sks.append(fields[2])
+    return names, pks, sks
+
+names, pks, sks = parseProfiles()
+
+config = '[Interface]\n' + \
+    'Address = ' + network + '1/24' + '\n' + \
+    'SaveConfig = true\n' + \
+    'ListenPort = ' + port + '\n' + \
+    'PrivateKey = ' + serverSk + '\n\n'
+
+for i in range(len(names)):
+    config = config + '#' + names[i] + '\n'
+    config = config + '[Peer]' + '\n'
+    config = config + 'PublicKey = ' + pks[i] + '\n'
+    config = config + 'AllowedIPs = ' + network + str(i+10) + '\n\n' 
+
+with open('serv-conf/' + interface + '.conf', "w") as fp:
+    fp.write(config)
+
+hosts = ""
+for i in range(len(names)):
+    hosts = hosts + network + str(i+10) + ' ' + names[i] + '\n'
+with open("hosts", "w") as fp:
+    fp.write(hosts)
+