A simple script to quickly create and add a wireguard client using the OPNsense wireguard API.
- I wanted something simple quick and with no hassle.
- A way to quickly deploy wireguard clients without the need to manually create them in the webgui.
- And to experiment further with the wireguard API.
- Keep in mind that you can edit this however you want and make your own version out of it, infact this is meant to also be a baseline for using the wireguard API for OPNsense.
jq to be installed.
You can check if you have it installed by running:
jq --version
If you don't have it installed :
For debian based distros:
Run sudo apt install jq
For fedora:
sudo dnf install jq
For OpenSUSE:
sudo zypper install jq
For anything else please refer to your distributions package manager on how to install it.
In your web gui go into System > Access > Users.
Under API keys, generate one and save the key and secret somewhere safe.
You will need it to interact with the opnsense API.
git clone https://github.com/kocey131/opnsense_wireguard
cd opnsense_wireguard
Paste in your API key and secret.
Next up edit the wg client configuration by adding the ip:port of your wireguard server in the "endpoint" section, (Default port should be 51820).
Everything else can be left as default.
chmod +x wg.sh
./wg.sh
The script will then prompt you for information regarding the client/server.
That's it.