Wireguard Quick Generator

wireguard-generator.sh

#!/bin/bash
apt install wireguard qrencode wireguard-dkms
modprobe wireguard
lsmod | grep wireguard

mkdir -p /etc/wireguard
wg-quick down wg0
export wg_key=`wg genkey`
export wg_psk=`wg genkey`
export wg_pub=`echo -n $wg_key | wg pubkey`
[ -z "$wg_eth" ] && export wg_eth='ens3'
[ -z "$wg_endpoint" ] && export wg_endpoint='example.lo:1337'
[ -z "$wg_rng" ] && export wg_rng='10.13.37.'


cat <<EOD > /etc/wireguard/wg0.conf
[Interface]
Address = ${wg_rng}.1/24
ListenPort = `echo -n $wg_endpoint | cut -d : -f 2`
PrivateKey = $wg_key
#PublicKey = $wg_pub
PostUp = sysctl -w net.ipv4.ip_forward=1
PostUp = sysctl -w net.ipv4.conf.all.rp_filter=1
PostUp = sysctl -w net.ipv4.conf.default.rp_filter=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o $wg_eth -j MASQUERADE
PostDown = sysctl -w net.ipv4.ip_forward=0
PostDown = sysctl -w net.ipv4.conf.all.rp_filter=0
PostDown = sysctl -w net.ipv4.conf.default.rp_filter=0
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o $wg_eth -j MASQUERADE

EOD

for i in `seq 2 3`; do
	export wg_key_cli=`wg genkey`
	export wg_pub_cli=`echo -n $wg_key_cli | wg pubkey`
	cat <<EOD >> /etc/wireguard/wg0.conf
[Peer]
# Name = Client $i
PublicKey = $wg_pub_cli
PresharedKey = $wg_psk
AllowedIPs = ${wg_rng}.$i/32
PersistentKeepalive = 120
EOD
	cat <<EOD > /etc/wireguard/wg0-cli$i.conf
[Interface]
#PublicKey = $wg_pub_cli
PrivateKey = $wg_key_cli
Address = ${wg_rng}.$i/24

[Peer]
PublicKey = $wg_pub
PresharedKey = $wg_psk
AllowedIPs = 0.0.0.0/0
Endpoint = $wg_endpoint
EOD
	qrencode -t ansiutf8 < /etc/wireguard/wg0-cli$i.conf
done

chmod 600 /etc/wireguard/*

wg-quick up wg0
systemctl enable wg-quick@wg0