#!/bin/bash
basewgfolder="/etc/wireguard"

if [ $UID -ne 0 ]; then
	echo "Keine Rootrechte"
	exit 1
fi
umask 0077
mkdir -p "${basewgfolder}/wg0"
cd "${basewgfolder}/wg0"


if [[ -f "${basewgfolder}/wg0/privkey" ]]; then
	read -p "Address: " ADDRESS
	read -p "PublicKey: " PUBKEY_SERVER
	read -p "Endpoint: " ENDPOINT
	read -p "Port: " PORT
	{ echo "[Interface]";
	echo "Address = ${ADDRESS}";
	echo "PostUp = wg set %i private-key /etc/wireguard/wg0/wg0.key <(cat /etc/wireguard/wg0/privkey)";
	echo "[Peer]";
	echo "PublicKey = ${PUBKEY_SERVER}";
	echo "Endpoint = ${ENDPOINT}:${PORT}";
	echo "AllowedIPs = fd23::23:0:0/96";
	echo "PresharedKey = $(cat psk)";
	echo "PersistentKeepalive = 25"; } > "${basewgfolder}/wg0.conf"
else
	test -f privkey || wg genkey > privkey
	test -f pubkey || wg pubkey < privkey > pubkey
	test -f psk || wg genpsk > psk
	echo "Frage O nach den den folgenden Daten und wenn du sie hast, starte das hier nochmal"
	echo "Address"
	echo "PublicKey"
	echo "Endpoint"
	echo "Port"
	echo ""
	echo "Schicke ihm verschlüsselt (Jabber oder Email) folgende Daten:"
	echo "PublicKey = $(cat pubkey)"
	echo "PresharedKey = $(cat psk)"
	echo "Hostname = ${HOSTNAME}"
fi