dotfiles/bin/setupWireguard

#!/bin/bash
keepassdb="$HOME/Nextcloud/passwords/Passwords.kdbx"

type wg >/dev/null 2>&1 || { printf "wireguard is not installed\n" >&2;  exit 1; }
type keepassxc-cli >/dev/null 2>&1 || { printf "KeepassXC is not installed\n" >&2;  exit 1; }

[[ "$EUID" != 0 ]] && printf "needs to be run as root\n" >&2 && exit 1

printf "Enter password for $keepassdb: "
read -s password
printf "\n"

networks=$(echo "$password" | keepassxc-cli ls "$keepassdb" /Wireguard/$HOSTNAME)
umask 077
for network in $networks;do
    echo "configuring /etc/wireguard/${network}.conf"
    echo "$password" | keepassxc-cli show -q --attributes Notes "$keepassdb" /Wireguard/$HOSTNAME/$network > /etc/wireguard/${network}.conf
done
unset password