random- collection of un-sorted bollocks |
git clone git://git.acid.vegas/random.git |
mkvpn (1600B)
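#!/bin/sh
# mkvpn - draft WireGuard server/client bootstrap for apt-based hosts.
#
# Running the script installs wireguard-tools and enables IPv4 forwarding.
# gen_server and gen_client are only defined here; nothing in this file calls
# them. Several values are still placeholders (CHANGEME, /path/to/..., the
# Endpoint line) and must be filled in before the generated configs are usable.

# Quote the substitution so an empty result cannot break the test, and exit
# unconditionally instead of chaining the exit on echo's status.
if [ "$(id -u)" -ne 0 ]; then
  echo "error: must be ran as root" >&2
  exit 1
fi

apt-get update
if ! apt-get install wireguard-tools -y; then
  echo "error: failed to install wireguard-tools" >&2
  exit 1
fi

# Runtime-only change; TODO (from the original note): add to conf so it
# survives a reboot. The former "sudo sysctl -p" was dropped: sudo is redundant
# after the root check, and reloading /etc/sysctl.conf straight after -w can
# overwrite the value just set if that file says otherwise.
# NOTE(review): this makes the host forward packets between interfaces, and the
# script adds no firewall or NAT rules; only IPv4 forwarding is enabled even
# though the server config below also assigns IPv6 addresses.
if ! sysctl -w net.ipv4.ip_forward=1; then
  echo "error: could not enable net.ipv4.ip_forward" >&2
  exit 1
fi

#######################################
# Generate the server key pair and /etc/wireguard/wg0.conf, then enable and
# start wg-quick@wg0.
# Reads:   /etc/wireguard/client1_publickey (must exist beforehand)
# Writes:  /etc/wireguard/privatekey, /etc/wireguard/publickey,
#          /etc/wireguard/wg0.conf
# Returns: 0 on success; non-zero if key material is missing or the
#          systemctl calls fail
#######################################
gen_server() {
  # Keys and the config that embeds the private key must not be readable by
  # group/others. The umask stays in effect in the calling shell afterwards.
  umask 077

  # Without this file the [Peer] section would get an empty PublicKey.
  if [ ! -s /etc/wireguard/client1_publickey ]; then
    echo "error: /etc/wireguard/client1_publickey is missing or empty" >&2
    return 1
  fi

  wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
  # Only the last pipeline stage sets the exit status, so check the outputs.
  if [ ! -s /etc/wireguard/privatekey ] || [ ! -s /etc/wireguard/publickey ]; then
    echo "error: failed to generate the server key pair" >&2
    return 1
  fi

  {
    printf '[Interface]\n'
    printf 'Address = 10.0.0.1/24, fd00:db8:0:0::1/64\n' # IPv4 and IPv6 addresses
    printf 'SaveConfig = true\n'
    # Placeholder: wg-quick cannot parse the config until this is a port number.
    printf 'ListenPort = CHANGEME\n'
    # Key data goes in as an argument, never as part of the format string.
    printf 'PrivateKey = %s\n\n' "$(cat /etc/wireguard/privatekey)"
    printf '[Peer]\n'
    printf 'PublicKey = %s\n' "$(cat /etc/wireguard/client1_publickey)" # Client 1 public key
    printf 'AllowedIPs = 10.0.0.2/32, fd00:db8:0:0::2/128\n' # IPv4 and IPv6 for Client 1
    # "MaxConnections = 5" was removed: it is not a WireGuard [Peer] key and
    # makes the config fail to parse. Limit peers by listing only the
    # [Peer] sections that should be allowed.
  } > /etc/wireguard/wg0.conf

  systemctl enable wg-quick@wg0 && systemctl start wg-quick@wg0
}

#######################################
# Generate a client key pair in the current directory and write a client
# wg0.conf that routes all traffic through the VPN.
# Reads:   /path/to/client/privatekey, /path/to/server/publickey (placeholders)
# Writes:  ./privatekey, ./publickey, /path/to/client/wg0.conf (placeholder)
# NOTE(review): the keys are generated in the current directory but read back
# from /path/to/client/; the placeholder paths need to be made consistent.
#######################################
gen_client() {
  # The original relied on gen_server having run first to tighten the umask;
  # set it here so the private key and config are never world-readable.
  umask 077

  wg genkey | tee privatekey | wg pubkey > publickey
  {
    printf '[Interface]\n'
    printf 'Address = 10.0.0.2/32\n' # NEED V6
    printf 'PrivateKey = %s\n' "$(cat /path/to/client/privatekey)" # Client's private key
    printf 'DNS = 8.8.8.8\n\n' # DNS server (can we exclude to allow machine)

    printf '[Peer]\n'
    printf 'PublicKey = %s\n' "$(cat /path/to/server/publickey)" # Server's public key
    # ::/0 is routed into the tunnel although the client has no IPv6 address yet.
    printf 'AllowedIPs = 0.0.0.0/0, ::/0\n' # Route all traffic through VPN
    printf "Endpoint = [Server's IP Address]:[Server's ListenPort]\n" # Server endpoint
  } > /path/to/client/wg0.conf
}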