chore: init repo

createwg.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# enable ip forward
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+sysctl -p
+
+# install wireguard, wireguard-tools and curl
+sudo apt-get update && sudo apt-get install -y wireguard wireguard-tools curl
+
+conf="/root/conf"
+server="$conf/server"
+user="$conf/user"
+
+# create dir for configs && set umask
+mkdir -p $server && mkdir $user && umask 077 $conf
+
+# create server keys
+wg genkey | tee $server/privatekey | wg pubkey > $server/publickey
+priv=`cat $server/privatekey`
+pub=`cat $server/publickey`
+
+# create user keys
+wg genkey | tee $user/privatekey | wg pubkey > $user/publickey
+upriv=`cat $user/privatekey`
+upub=`cat $user/publickey`
+
+# get server ip
+ip=`curl ifconfig.me`
+
+# generate server config
+cat > $server/wg0.conf <<EOF
+[Interface]
+PrivateKey = $priv
+Address = 10.1.1.1/24
+ListenPort = 51820
+PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+[Peer]
+PublicKey = $upub
+AllowedIPs = 10.1.1.2/32
+EOF
+
+# generate user config
+cat > $user/user.conf <<EOF
+[Interface]
+PrivateKey = $upriv
+Address = 10.1.1.2/24
+[Peer]
+PublicKey = $pub
+Endpoint = $ip:51820
+AllowedIPs = 0.0.0.0/1, 128.0.0.0/1
+EOF
+
+# copy config to /etc/wireguard and start interface
+cp $server/wg0.conf /etc/wireguard && wg-quick up wg0