#!/bin/bash ### Constants setupVars="/etc/pivpn/wireguard/setupVars.conf" # shellcheck disable=SC1090 source "${setupVars}" ### Funcions err() { echo "[$(date +'%Y-%m-%dT%H:%M:%S%z')]: $*" >&2 } helpFunc() { echo "::: Disable client conf profiles" echo ":::" echo -n "::: Usage: pivpn <-off|off> [-h|--help] [-v] " echo "[ ... [] ...]" echo ":::" echo "::: Commands:" echo "::: [none] Interactive mode" echo "::: Client" echo "::: -y,--yes Disable client(s) without confirmation" echo "::: -v Show disabled clients only" echo "::: -h,--help Show this help dialog" } ### Script if [[ ! -f "${setupVars}" ]]; then err "::: Missing setup vars file!" exit 1 fi # Parse input arguments while [[ "$#" -gt 0 ]]; do _key="${1}" case "${_key}" in -h | --help) helpFunc exit 0 ;; -y | --yes) CONFIRM=true ;; -v) DISPLAY_DISABLED=true ;; *) CLIENTS_TO_CHANGE+=("${1}") ;; esac shift done cd /etc/wireguard || exit if [[ ! -s configs/clients.txt ]]; then err "::: There are no clients to change" exit 1 fi if [[ "${DISPLAY_DISABLED}" ]]; then grep '\[disabled\] ### begin' wg0.conf | sed 's/#//g; s/begin//' exit 1 fi mapfile -t LIST < <(awk '{print $1}' configs/clients.txt) if [[ "${#CLIENTS_TO_CHANGE[@]}" -eq 0 ]]; then echo -e "::\e[4m Client list \e[0m::" len="${#LIST[@]}" COUNTER=1 while [[ "${COUNTER}" -le "${len}" ]]; do printf "%0${#len}s) %s\r\n" "${COUNTER}" "${LIST[(($COUNTER - 1))]}" ((COUNTER++)) done echo -n "Please enter the Index/Name of the Client to be removed " echo -n "from the list above: " read -r CLIENTS_TO_CHANGE if [[ -z "${CLIENTS_TO_CHANGE}" ]]; then err "::: You can not leave this blank!" exit 1 fi fi CHANGED_COUNT=0 for CLIENT_NAME in "${CLIENTS_TO_CHANGE[@]}"; do re='^[0-9]+$' if [[ "${CLIENT_NAME}" =~ $re ]]; then CLIENT_NAME="${LIST[$((CLIENT_NAME - 1))]}" fi if ! grep -q "^${CLIENT_NAME} " configs/clients.txt; then echo -e "::: \e[1m${CLIENT_NAME}\e[0m does not exist" elif grep -q "#\[disabled\] ### begin ${CLIENT_NAME}" wg0.conf; then echo -e "::: \e[1m${CLIENT_NAME}\e[0m is already disabled" else if [[ -n "${CONFIRM}" ]]; then REPLY="y" else read -r -p "Confirm you want to disable ${CLIENT_NAME}? [Y/n] " fi if [[ "${REPLY}" =~ ^[Yy]$ ]] || [[ -z "${REPLY}" ]]; then # Disable the peer section from the server config echo "${CLIENT_NAME}" sed_pattern="/### begin ${CLIENT_NAME} ###/," sed_pattern="${sed_pattern}/end ${CLIENT_NAME} ###/ s/^/#\[disabled\] /" sed -e "${sed_pattern}" -i wg0.conf unset sed_pattern echo "::: Updated server config" ((CHANGED_COUNT++)) echo "::: Successfully disabled ${CLIENT_NAME}" fi fi done # Restart WireGuard only if some clients were actually deleted if [[ "${CHANGED_COUNT}" -gt 0 ]]; then if [[ "${PLAT}" == 'Alpine' ]]; then if rc-service wg-quick restart; then echo "::: WireGuard reloaded" else err "::: Failed to reload WireGuard" fi else if systemctl reload wg-quick@wg0; then echo "::: WireGuard reloaded" else err "::: Failed to reload WireGuard" fi fi fi