Wireguard Setup scripts writin in bash.
Main lines: Because this script is intended to be run as root, every call will invite you to enter the correct command with a shell redirection to fill the corresponding configuration files.
However, a file named allKeys.txt will be the only automatically created file; This file will contain a text database of all generated private keys. So if you create a user key twice, the key will be the same. allKeys.txt default permission will be 0600.
cd /etc/wireguard
git init
git remote add origin https://github.com/UrielCh/wireguard.git
git fetch
git checkout main
- Init your environement VPN with
./randconfig.sh > .env
- customize it
source .env
./init.sh > wg${WGID}.conf
./add-key.sh 1 user01 >> wg${WGID}.conf
./add-key.sh 2 user02 >> wg${WGID}.conf
systemctl restart wg-quick@wg${WGID}.service
systemctl enable wg-quick@wg${WGID}.service
You only choose an IP offset; the script will compute a valid IP address within your range.
Ensure that kernel headers are installed
- debian 10 and older (ex: buster)
echo 'deb http://deb.debian.org/debian buster-backports main contrib non-free' > /etc/apt/sources.list.d/buster-backports.list"
- for proxmox:
apt install pve-headers-$(uname -r) wireguard
- for debian:
apt install -y linux-headers-$(uname -r) wireguard
apt-get install qrencode
cd /etc/wireguard/
git clone git@github.com:UrielCh/wireguard.git .
Generate a random configuration environement, then customise it as you want.
./randconfig.sh > .env
nano .env
./init.sh
Use ./add-key.sh
./add-key.sh client_id_fron_0_to_1021 client_name >> wg1.conf
example:
./add-key.sh 1 user01 >> wg1.conf
./add-key.sh 2 user02 >> wg1.conf
Read output for guide
./printKey.sh user-1
or
./printKey.sh user-1 QR
to view it as a QR code
./list.sh
modprobe wireguard
echo 'module wireguard +p' > /sys/kernel/debug/dynamic_debug/control
# tail -F /var/log/messages /var/log/kern.log
journalctl -f
# or
dmesg -wH
Diasble:
echo 'module wireguard -p' > /sys/kernel/debug/dynamic_debug/control
Create a serie of access key:
Sample generate bulk of keys in wg1.conf with IPs offset by 256 (only valid if with a MASK of 23 or more)
for X in {001..010};
do ID=$(echo $X|sed -E s/^0+//);
./add-key.sh $((ID+256)) client-$X >> wg1.conf;
done
if your first IP os 10.0.0.0, this script will generate Acces with IPs 10.0.1.1, 10.0.1.2, 10.0.1.3 ...