wg-ops/tool_generate.py

# -*- coding: utf-8 -*-
import os
import uuid
from tool_common import load_config, SimpleLogger
# Module-wide logger; SimpleLogger is imported from the project's tool_common module.
logger = SimpleLogger()
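def write_tunnel_config(mode, listen_addr, remote_addr, password):
    """Write one tunnel option file under local/tunnel/ and return its name.

    The generated file is later passed to the tunnel binary with
    ``--conf-file``. It contains the tunnel password (``-k``), so it is
    created with mode 0600 rather than with whatever the process umask
    would allow.

    Args:
        mode: Option letter written as the first flag; callers in this file
            pass "c" or "s".
        listen_addr: Value written after ``-l``.
        remote_addr: Value written after ``-r``.
        password: Value written after ``-k``.

    Returns:
        The generated ``<uuid4>.conf`` file name (not the full path).

    Raises:
        OSError: If the file cannot be created, e.g. local/tunnel/ is missing.
    """
    filename = "{}.conf".format(uuid.uuid4())
    path = "local/tunnel/{}".format(filename)
    # The restrictive mode is applied at creation time, so the password is
    # never readable by other local users, not even briefly.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    # NOTE(review): the four values are written verbatim, one option per line.
    # A value containing a newline would add option lines of its own, so the
    # config loader should reject such values -- confirm in tool_common.
    with os.fdopen(fd, "w", encoding='utf-8') as f:
        f.write('''
-{}
-l {}
-r {}
-k {}
--raw-mode faketcp
--fix-gro
-a
'''.format(mode, listen_addr, remote_addr, password))
    return filename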
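# TMUX_PATH becomes the command word of every PostUp/PostDown line written
# below, and start.sh brings the interface up with sudo, so those lines run
# with root privileges.
tmux_path = os.getenv("TMUX_PATH")
if not tmux_path:
    # os.getenv() returns None when the variable is unset; formatting that
    # into the config would emit the literal word "None" as the command.
    logger.error("TMUX_PATH is not set.")
    exit(1)

config = load_config()
if not config:
    logger.error("No valid config found.")
    exit(1)

# A missing or pre-1 version field only triggers a warning; generation continues.
if "version" not in config or int(config["version"]) < 1:
    logger.warn("[WARN] Legacy version of config found. This may cause issues.")

# Operating mode; "s" and "m" additionally enable IPv4 forwarding further down.
op_mode = config["mode"]

# Tunnel endpoint definitions, grouped by role.
udp_clients = config["udp2raw"]["client"]
udp_servers = config["udp2raw"]["server"]
udp_demuxer = config["udp2raw"]["demuxer"]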
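logger.info("Generating WireGuard config...")
wg_conf_path = "local/{}.conf".format(config["interface"])
# The file carries the WireGuard private key. Create it with mode 0600 up
# front instead of writing it under the default umask and tightening it
# afterwards, which would leave the key readable by other users meanwhile.
wg_conf_fd = os.open(wg_conf_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
with os.fdopen(wg_conf_fd, "w", encoding='utf-8') as f:
    # A file left over from an earlier run keeps its old mode when reopened,
    # so set the mode explicitly before the key is written. os.chmod() also
    # avoids handing the interface name to a shell, as the former
    # os.system("chmod ...") call did.
    os.chmod(wg_conf_path, 0o600)

    f.write('''[Interface]
Address = {}
PrivateKey = {}
ListenPort = {}
MTU = {}
'''.format(config["ip"], config["prikey"], config["listen"], config["mtu"]))

    # Generate PostUp.
    # NOTE(review): every value formatted into a PostUp/PostDown line ends up
    # in a command that start.sh has wg-quick run under sudo. The values are
    # inserted without shell quoting, so the config file has to be treated as
    # trusted, operator-controlled input.
    f.write('''PostUp={} new-session -s tunnel -d 'watch -n 1 --color WG_COLOR_MODE=always wg'
PostUp=sysctl net.core.default_qdisc=fq
PostUp=sysctl net.ipv4.tcp_congestion_control=bbr
'''.format(tmux_path))

    if op_mode in ("s", "m"):
        f.write("PostUp=sysctl net.ipv4.ip_forward=1\n")

    current_dir = os.getcwd()
    path_tunnel = os.path.join(current_dir, "bin", "udp2raw_amd64")
    path_speeder = os.path.join(current_dir, "bin", "speederv2_amd64")
    path_demuxer = os.path.join(current_dir, "bin", "w2u")

    # One PostUp line per helper process; each runs in its own tmux window.
    cache_config = []

    for info in udp_clients:
        if info["speeder"]["enable"]:
            # WG --> Speeder --> RawTunnel
            speeder = info["speeder"]
            cache_config.append("PostUp={} new-window -t tunnel -d '{} -c -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0'".format(tmux_path, path_speeder, speeder["port"], info["port"], speeder["ratio"]))
        # The raw tunnel is started for every client; it listens on the
        # client's own port whether or not a speeder sits in front of it.
        filename = write_tunnel_config("c", "127.0.0.1:{}".format(info["port"]), info["remote"], info["password"])
        filepath = os.path.join(current_dir, "local", "tunnel", filename)
        cache_config.append("PostUp={} new-window -t tunnel -d '{} --conf-file {}'".format(tmux_path, path_tunnel, filepath))

    for info in udp_demuxer:
        cache_config.append("PostUp={} new-window -t tunnel -d '{} -f {} -l {} -t {} -s {}'".format(tmux_path, path_demuxer, config["listen"], info["port"], info["forward"], info["size"]))

    for info in udp_servers:
        if info["speeder"]["enable"]:
            # RawTunnel --> Speeder --> WG
            speeder = info["speeder"]
            cache_config.append("PostUp={} new-window -t tunnel -d '{} -s -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0'".format(tmux_path, path_speeder, speeder["port"], config["listen"], speeder["ratio"]))
            filename = write_tunnel_config("s", "0.0.0.0:{}".format(info["port"]), "127.0.0.1:{}".format(speeder["port"]), info["password"])
            filepath = os.path.join(current_dir, "local", "tunnel", filename)
            cache_config.append("PostUp={} new-window -t tunnel -d '{} --conf-file {}'".format(tmux_path, path_tunnel, filepath))
        else:
            # RawTunnel --> WG
            filename = write_tunnel_config("s", "0.0.0.0:{}".format(info["port"]), "127.0.0.1:{}".format(config["listen"]), info["password"])
            filepath = os.path.join(current_dir, "local", "tunnel", filename)
            cache_config.append("PostUp={} new-window -t tunnel -d '{} --conf-file {}'".format(tmux_path, path_tunnel, filepath))

    # Pause two seconds after every helper except the last one; the trailing
    # empty entry makes the joined text end with a newline.
    if cache_config:
        cache_config[:-1] = ["{}; sleep 2".format(line) for line in cache_config[:-1]]
        cache_config.append("")
    f.write('\n'.join(cache_config))

    # Generate PostDown
    f.write("PostDown={} kill-session -t tunnel\n".format(tmux_path))

    for info in config["peers"]:
        f.write('''
[Peer]
PublicKey = {}
AllowedIPs = {}
'''.format(info["pubkey"], info["allowed"]))
        if info["endpoint"]:
            # "endpoint" is a 1-based index into the client tunnel list.
            udp_info = udp_clients[int(info["endpoint"]) - 1]
            if udp_info["speeder"]["enable"]:
                # WG --> Speeder
                f.write("Endpoint = 127.0.0.1:{}\n".format(udp_info["speeder"]["port"]))
            else:
                # WG --> Tunnel
                f.write("Endpoint = 127.0.0.1:{}\n".format(udp_info["port"]))
        if info["keepalive"]:
            f.write("PersistentKeepalive = {}\n".format(info["keepalive"]))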
logger.info("Generating start script...")
# start.sh installs the generated config, brings the interface up and then
# attaches to the tmux session that the PostUp lines create.
start_script = '''#!/bin/bash
set -e
sudo cp local/{}.conf /etc/wireguard/
sudo wg-quick up {}
sudo tmux attach-session -t tunnel
'''.format(config["interface"], config["interface"])
with open("start.sh", "w", encoding='utf-8') as f:
    f.write(start_script)
logger.info("Generating stop script...")
# stop.sh only takes the interface down; the PostDown line in the WireGuard
# config is what ends the tmux session.
stop_script = '''#!/bin/bash
set -x
sudo wg-quick down {}
'''.format(config["interface"])
with open("stop.sh", "w", encoding='utf-8') as f:
    f.write(stop_script)
logger.info("Generating restart script...")
# restart.sh chains the two generated scripts, stop first and then start.
restart_script = '''#!/bin/bash
set -x
./stop.sh
./start.sh
'''
with open("restart.sh", "w", encoding='utf-8') as f:
    f.write(restart_script)
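logger.info("Generate reload script...")
with open("reload.sh", "w", encoding='utf-8') as f:
    # reload.sh copies the regenerated config into place and applies it to
    # the running interface with "wg syncconf" instead of a down/up cycle.
    f.write('''#!/bin/bash
set -x
sudo cp local/{}.conf /etc/wireguard/
sudo -- bash -c "wg syncconf {} <(wg-quick strip {})"
'''.format(config["interface"], config["interface"], config["interface"]))
    for info in config["peers"]:
        # Both values belong inside format(). The interface name used to be
        # passed as a second argument to f.write(), which left the second
        # placeholder unfilled and raised before anything was written.
        # NOTE(review): assumes "allowed" is a single IPv4 prefix; a
        # comma-separated list would not be a valid "ip route add" target
        # -- TODO confirm against the config schema.
        f.write("sudo ip -4 route add {} dev {}\n".format(info["allowed"], config["interface"]))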
# Closing reminder for the operator: the generated tunnel listens on public
# addresses, so the host itself should be hardened before start.sh is run.
done_message = '''[Done] Config generated. Before you run start.sh, besure to:
1. Disable SSH Server password login.
2. Enable UFW (or any other firewall)
Safety First.
'''
logger.info(done_message)