43 lines
1.4 KiB
Bash
43 lines
1.4 KiB
Bash
#!/bin/sh
|
|
# Local utility for forwarding traffic through wireguard VPN
|
|
#
|
|
# Some code was borrowed from:
|
|
# https://github.com/mochman/Bypass_CGNAT
|
|
# and
|
|
# https://www.youtube.com/watch?v=9tDeh9mutmI
|
|
perms=$(umask)
|
|
|
|
print() {
|
|
printf '\033[1m %b\033[0m%s\n\n' "$1"
|
|
}
|
|
|
|
# Install wireguard
|
|
printf "\nContinue ONLY is wireguard is installed [y/N] " && read -r check
|
|
[ "$check" != "y" ] && exit
|
|
|
|
# Generate wireguard keys
|
|
print "Generating wireguard configs..."
|
|
sudo mkdir -p /etc/wireguard/
|
|
umask 077 # perms for /etc/wireguard/* files
|
|
printf "[Interface]\nPrivateKey = " | sudo tee /etc/wireguard/wg0.conf > /dev/null
|
|
printf "\nCopy this key to server's setup (Press ENTER when done):\n> "
|
|
sudo wg genkey | sudo tee -a /etc/wireguard/wg0.conf | wg pubkey | sudo tee /etc/wireguard/publickey
|
|
read -r NULL
|
|
|
|
# Make wireguard configuration with keys and write to /etc/wireguard/wg0.conf
|
|
printf "\nEnter the generated Publickey from server:\n> " && read -r PUBKEY
|
|
printf "\nEnter the VPS's public IP:\n> " && read -r VPSIP
|
|
printf "Address = 10.0.0.2
|
|
|
|
[Peer]
|
|
PublicKey = $PUBKEY
|
|
AllowedIPs = 10.0.0.1/32
|
|
Endpoint = $VPSIP:55107
|
|
PersistentKeepalive = 25
|
|
" | sudo tee -a /etc/wireguard/wg0.conf
|
|
umask $perms # restore perms
|
|
|
|
# Start service
|
|
#sudo systemctl start wg-quick@wg0
|
|
printf "\nRun 'systemctl enable wg-quick@wg0' so the service starts automatically on boot.\n"
|
|
printf "\nDone!\n"
|