pivpn/scripts/wireguard/removeCONF.sh
2020-12-26 23:39:48 +00:00

147 lines
4.6 KiB
Bash
Executable file

#!/bin/bash
setupVars="/etc/pivpn/wireguard/setupVars.conf"
if [ ! -f "${setupVars}" ]; then
echo "::: Missing setup vars file!"
exit 1
fi
source "${setupVars}"
helpFunc(){
echo "::: Remove a client conf profile"
echo ":::"
echo "::: Usage: pivpn <-r|remove> [-y|--yes] [-h|--help] [<client-1>] ... [<client-n>] ..."
echo ":::"
echo "::: Commands:"
echo "::: [none] Interactive mode"
echo "::: <client> Client(s) to remove"
echo "::: -y,--yes Remove Client(s) without confirmation"
echo "::: -h,--help Show this help dialog"
}
# Parse input arguments
while test $# -gt 0
do
_key="$1"
case "$_key" in
-h|--help)
helpFunc
exit 0
;;
-y|--yes)
CONFIRM=true
;;
*)
CLIENTS_TO_REMOVE+=("$1")
;;
esac
shift
done
cd /etc/wireguard
if [ ! -s configs/clients.txt ]; then
echo "::: There are no clients to remove"
exit 1
fi
LIST=($(awk '{print $1}' configs/clients.txt))
if [ "${#CLIENTS_TO_REMOVE[@]}" -eq 0 ]; then
echo -e "::\e[4m Client list \e[0m::"
len=${#LIST[@]}
COUNTER=1
while [ $COUNTER -le ${len} ]; do
printf "%0${#len}s) %s\r\n" ${COUNTER} ${LIST[(($COUNTER-1))]}
((COUNTER++))
done
read -r -p "Please enter the Index/Name of the Client to be removed from the list above: " CLIENTS_TO_REMOVE
if [ -z "${CLIENTS_TO_REMOVE}" ]; then
echo "::: You can not leave this blank!"
exit 1
fi
fi
DELETED_COUNT=0
for CLIENT_NAME in "${CLIENTS_TO_REMOVE[@]}"; do
re='^[0-9]+$'
if [[ ${CLIENT_NAME} =~ $re ]] ; then
CLIENT_NAME=${LIST[$(($CLIENT_NAME -1))]}
fi
if ! grep -q "^${CLIENT_NAME} " configs/clients.txt; then
echo -e "::: \e[1m${CLIENT_NAME}\e[0m does not exist"
else
REQUESTED="$(sha256sum "configs/${CLIENT_NAME}.conf" | cut -c 1-64)"
if [ -n "$CONFIRM" ]; then
REPLY="y"
else
read -r -p "Do you really want to delete $CLIENT_NAME? [y/N] "
fi
if [[ $REPLY =~ ^[Yy]$ ]]; then
# Grab the least significant octed of the client IP address
COUNT=$(grep "^${CLIENT_NAME} " configs/clients.txt | awk '{print $4}')
# The creation date of the client
CREATION_DATE="$(grep "^${CLIENT_NAME} " configs/clients.txt | awk '{print $3}')"
# And its public key
PUBLIC_KEY="$(grep "^${CLIENT_NAME} " configs/clients.txt | awk '{print $2}')"
# Then remove the client matching the variables above
sed "\#${CLIENT_NAME} ${PUBLIC_KEY} ${CREATION_DATE} ${COUNT}#d" -i configs/clients.txt
# Remove the peer section from the server config
sed "/### begin ${CLIENT_NAME} ###/,/### end ${CLIENT_NAME} ###/d" -i wg0.conf
echo "::: Updated server config"
rm "configs/${CLIENT_NAME}.conf"
echo "::: Client config for ${CLIENT_NAME} removed"
rm "keys/${CLIENT_NAME}_priv"
rm "keys/${CLIENT_NAME}_pub"
rm "keys/${CLIENT_NAME}_psk"
echo "::: Client Keys for ${CLIENT_NAME} removed"
# Find all .conf files in the home folder of the user matching the checksum of the
# config and delete them. '-maxdepth 3' is used to avoid traversing too many folders.
find "${install_home}" -maxdepth 3 -type f -name '*.conf' -print0 | while IFS= read -r -d '' CONFIG; do
if sha256sum -c <<< "${REQUESTED} ${CONFIG}" &> /dev/null; then
rm "${CONFIG}"
fi
done
((DELETED_COUNT++))
echo "::: Successfully deleted ${CLIENT_NAME}"
# If using Pi-hole, remove the client from the hosts file
if [ -f /etc/pivpn/hosts.wireguard ]; then
NET_REDUCED="${pivpnNET::-2}"
sed "\#${NET_REDUCED}.${COUNT} ${CLIENT_NAME}.pivpn#d" -i /etc/pivpn/hosts.wireguard
if killall -SIGHUP pihole-FTL; then
echo "::: Updated hosts file for Pi-hole"
else
echo "::: Failed to reload pihole-FTL configuration"
fi
fi
else
echo "Aborting operation"
exit 1
fi
fi
done
# Restart WireGuard only if some clients were actually deleted
if [ "${DELETED_COUNT}" -gt 0 ]; then
if systemctl reload wg-quick@wg0; then
echo "::: WireGuard reloaded"
else
echo "::: Failed to reload WireGuard"
fi
fi