#!/bin/bash

# Positional arguments, in the order shown by the usage text:
#   1 interface          WireGuard interface / config name under /etc/wireguard
#   2 connection name    label for the peer, also used as the client file name
#   3 address            tunnel address assigned to the client
#   4 mask               prefix length for the client's Address line
#   5 serveraddress      endpoint host the client connects to
#   6 serverport         endpoint port the client connects to
#   7 allowed networks   comma-separated list written to the client's AllowedIPs
#   8 apply changes      optional; "dontapply" skips restarting the interface
INTERFACE="${1}"
NAME="${2}"
ADDRESS="${3}"
MASK="${4}"
SERVERADDRESS="${5}"
SERVERPORT="${6}"
NETWORKS="${7}"
APPLY="${8}"

# Print the usage line and two example invocations to stdout, then terminate
# the script with exit status 1.
help() {
	printf '%s\n' \
		"Usage: $0 <interface> <connection name> <address> <mask> <serveraddress> <serverport> <allowed networks> [ <apply changes> ]" \
		"Example: $0 tun0 asmith 10.0.0.3 24 1.2.3.4 51820 192.168.2.0/24,192.168.3.0/24" \
		"Example: $0 tun0 jdoe 10.0.0.4 24 1.2.3.4 51820 192.168.2.0/24,192.168.3.0/24 dontapply"
	exit 1
}

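# Require the seven mandatory arguments and accept at most one optional eighth.
if [ -z "$7" ] || [ -n "$9" ]
then
	help
fi

# Every argument is written verbatim into a WireGuard config file. A control
# character (a newline in particular) would let one argument add extra lines
# to that file, so reject them before anything is modified.
for _arg in "$@"
do
	case "${_arg}" in
		*[[:cntrl:]]*)
			echo "Error: arguments must not contain control characters" >&2
			help
			;;
	esac
done
unset _arg

# INTERFACE and NAME become file names under /etc/wireguard. Restrict them to
# the character set wg-quick accepts for config names so that neither can
# contain a path separator and point outside that directory.
case "${INTERFACE}" in
	*[!A-Za-z0-9_=+.-]*)
		echo "Error: interface name may only contain A-Z a-z 0-9 _ = + . -" >&2
		help
		;;
esac
case "${NAME}" in
	*[!A-Za-z0-9_=+.-]*)
		echo "Error: connection name may only contain A-Z a-z 0-9 _ = + . -" >&2
		help
		;;
esac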

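# Generate the new peer's key pair. The private key is piped to `wg pubkey`
# through the printf builtin, so it never appears in a process argument list.
PRIVKEY=$(wg genkey)
PUBKEY=$(printf '%s\n' "${PRIVKEY}" | wg pubkey)

# Derive the server's public key from the private key stored in the interface
# config. Only a line whose first field is exactly "PrivateKey" is used, and
# only the first such line, so a comment mentioning the word or a second match
# cannot end up in the key material.
SERVERPRIVKEY=$(awk '$1 == "PrivateKey" {print $3; exit}' "/etc/wireguard/${INTERFACE}.conf")
SERVERPUBKEY=$(printf '%s\n' "${SERVERPRIVKEY}" | wg pubkey)

# Stop before the interface is touched if any key is missing; continuing would
# append a peer with an empty PublicKey and emit an unusable client config.
if [ -z "${PRIVKEY}" ] || [ -z "${PUBKEY}" ] || [ -z "${SERVERPUBKEY}" ]
then
	echo "Error: could not generate the peer keys or read the server key from /etc/wireguard/${INTERFACE}.conf" >&2
	exit 1
fi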

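# Unless the caller passed "dontapply", stop the tunnel before its config file
# is edited. This disconnects every peer on the interface until the script
# brings it back up at the end.
# NOTE(review): presumably the interface is stopped first so that wg-quick does
# not rewrite the config on shutdown (SaveConfig) after the peer was appended;
# confirm against the deployed config.
if [ "${APPLY}" != "dontapply" ]
then
	wg-quick down "${INTERFACE}"
fi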

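# Server configuration: append a [Peer] section for the new client to the
# interface config, preceded by a blank line and a comment with the connection
# name. The section is written in one append so it cannot be left half-written
# between separate redirections. The server only accepts the client's own
# tunnel address (/32) from this peer.
cat >> "/etc/wireguard/${INTERFACE}.conf" <<EOF

# ${NAME}
[Peer]
PublicKey = ${PUBKEY}
AllowedIPs = ${ADDRESS}/32
PersistentKeepalive = 10
EOF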

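# Client configuration: write the file that is handed to the new peer. It
# contains the peer's private key, so it is created inside a subshell with
# umask 077 (a newly created clients directory and file are then accessible
# to the owner only), and chmod 600 afterwards covers the case where a file
# of that name already existed with wider permissions. The subshell keeps the
# umask change from leaking into the rest of the script.
(
	umask 077
	mkdir -p /etc/wireguard/clients
	cat > "/etc/wireguard/clients/${NAME}.conf" <<EOF
[Interface]
Address = ${ADDRESS}/${MASK}
PrivateKey = ${PRIVKEY}

[Peer]
PublicKey = ${SERVERPUBKEY}
AllowedIPs = ${NETWORKS}
Endpoint = ${SERVERADDRESS}:${SERVERPORT}
PersistentKeepalive = 10
EOF
	chmod 600 "/etc/wireguard/clients/${NAME}.conf"
)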

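# Unless the caller passed "dontapply", start the tunnel again so the server
# loads the peer that was just appended to its config.
if [ "${APPLY}" != "dontapply" ]
then
	wg-quick up "${INTERFACE}"
fi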
