This is a simple helper script for monitoring WireGuard peers on Ubiquiti EdgeRouter devices.
I wrote the script to solve the small yet annoying problem that WireGuard by itself has no concept of named peers and displays only their public keys. On an EdgeRouter, however, peer names can be added to the router's configuration:
# set interfaces wireguard wg0 peer <public_key_here> description <peer_name>
Except those names aren't actually visible to WireGuard itself.
What this script does, in a nutshell, is:
- grab the names of each peer from EdgeOS configuration
- run
wg showand capture the output (colours and everything) - replace each peer's public key with its name
- finally echo the modified output
So not a lot, sure, but then the output of wg show is already pretty informative.
- An EdgeRouter, obviously.1 The script has been tested on an ER-4 and ER-Lite with v2 firmware.
- WireGuard installed and configured. If not, go here to get started.
1) The script might also work on VyOS (since it and EdgeOS are related), but it won't run on just any Linux system; for that, try wgg.sh.
Download the script to your router and make it executable:
$ curl -OL https://raw.githubusercontent.com/IndrekHaav/wgmon-edgeos/main/wgmon.sh
$ chmod +x wgmon.shThen just run ./wgmon.sh to see the output from wg show except with peer names instead of public keys:
Note: The script by default shows all configured WireGuard interfaces and their peers. To show a single interface, add its name as a command line argument, e.g.
./wgmon.sh wg0.
You can keep the script running with watch:
$ watch -n 1 -t -c ~/wgmon.shEven better, add a bash alias to ~/.bashrc:
alias wgmon="watch -n 1 -t -c ~/wgmon.sh"
Then source .bashrc (or log out and back in) to make it available, and you can simply run wgmon to see a constantly updating overview of your WireGuard peers with friendly names!
Note: These steps have to be repeated after upgrading your EdgeRouter's firmware.