summaryrefslogtreecommitdiff
path: root/src/op_mode/wireguard_key.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/op_mode/wireguard_key.py')
-rwxr-xr-xsrc/op_mode/wireguard_key.py123
1 files changed, 0 insertions, 123 deletions
diff --git a/src/op_mode/wireguard_key.py b/src/op_mode/wireguard_key.py
deleted file mode 100755
index c7208843d..000000000
--- a/src/op_mode/wireguard_key.py
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/usr/bin/env python3
-#
-# Copyright (C) 2018 VyOS maintainers and contributors
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 or later as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-#
-
-import argparse
-import os
-import sys
-import subprocess
-import syslog as sl
-
-from vyos import ConfigError
-
-dir = r'/config/auth/wireguard'
-pk = dir + '/private.key'
-pub = dir + '/public.key'
-psk = dir + '/preshared.key'
-
-def check_kmod():
- if not os.path.exists('/sys/module/wireguard'):
- sl.syslog(sl.LOG_NOTICE, "loading wirguard kmod")
- if os.system('sudo modprobe wireguard') != 0:
- sl.syslog(sl.LOG_ERR, "modprobe wireguard failed")
- raise ConfigError("modprobe wireguard failed")
-
-def generate_keypair():
- ret = subprocess.call(['wg genkey | tee ' + pk + '|wg pubkey > ' + pub], shell=True)
- if ret != 0:
- raise ConfigError("wireguard key-pair generation failed")
- else:
- sl.syslog(sl.LOG_NOTICE, "new keypair wireguard key generated in " + dir)
-
-def generate_psk():
- ret = subprocess.call(['wg genpsk >' + psk ], shell=True)
- if ret != 0:
- raise ConfigError("wireguard preshared-key generation failed")
- else:
- sl.syslog(sl.LOG_NOTICE, "wireguard preshared-key sucessfully generated in " + dir)
-
-def genkey():
- ### if umask 077 makes trouble, 027 will work
- old_umask = os.umask(0o077)
- if os.path.exists(pk) and os.path.exists(pub):
- choice = input("You already have a wireguard key-pair already, do you want to re-generate? [y/n] ")
- if choice == 'y' or choice == 'Y':
- generate_keypair()
- else:
- if not os.path.exists(dir):
- os.mkdir(dir)
- generate_keypair()
- os.umask(old_umask)
-
-def showkey(key):
- if key == "pub":
- if os.path.exists(pub):
- print ( open(pub).read().strip() )
- else:
- print("no public key found")
-
- if key == "pk":
- if os.path.exists(pk):
- print ( open(pk).read().strip() )
- else:
- print("no private key found")
-
-def genpsk():
- old_umask = os.umask(0o077)
- if os.path.exists(psk):
- choice = input("You already have a preshared-key, do you want to re-generate? [y/n] ")
- if choice == 'y' or choice == 'Y':
- generate_psk()
- else:
- if not os.path.exists(dir):
- os.mkdir(dir)
- generate_psk()
- os.umask(old_umask)
-
-def showpsk():
- if os.path.exists(psk):
- print (open(psk).read().strip())
- else:
- print("no preshared key found")
-
-if __name__ == '__main__':
- check_kmod()
-
- parser = argparse.ArgumentParser(description='wireguard key management')
- parser.add_argument('--genkey', action="store_true", help='generate key-pair')
- parser.add_argument('--showpub', action="store_true", help='shows public key')
- parser.add_argument('--showpriv', action="store_true", help='shows private key')
- parser.add_argument('--genpsk', action="store_true", help='generates preshared-key')
- parser.add_argument('--showpsk', action="store_true", help='show preshared-key')
- args = parser.parse_args()
-
- try:
- if args.genkey:
- genkey()
- if args.showpub:
- showkey("pub")
- if args.showpriv:
- showkey("pk")
- if args.genpsk:
- genpsk()
- if args.showpsk:
- showpsk()
-
- except ConfigError as e:
- print(e)
- sys.exit(1)
-