darcyliu/setup-wireguard.sh

## setup-wireguard.sh
pkg install -y wireguard wireguard-tools

cd /usr/local/etc/wireguard/
umask 077

wg genkey > freebsd.private
wg pubkey < freebsd.private > freebsd.public

wg genkey > client.private
wg pubkey < client.private > client.public

SERVER_PRIVATE_KEY=$(cat freebsd.private)
CLIENT_PUBLIC_KEY=$(cat client.public)
cat > wg0.conf <<EOF
[Interface]
Address = 10.10.10.1/32
ListenPort = 12345
PrivateKey = $SERVER_PRIVATE_KEY

[Peer]
AllowedIPs = 10.10.20.2/32
PublicKey = $CLIENT_PUBLIC_KEY
EOF


CLIENT_PRIVATE_KEY=$(cat client.private)
SERVER_PUBLIC_KEY=$(cat freebsd.public)
cat > client.conf <<EOF
[Interface]
PrivateKey = $CLIENT_PRIVATE_KEY
Address = 10.10.20.2/32
DNS = 8.8.8.8

[Peer]
PublicKey = $SERVER_PUBLIC_KEY
AllowedIPs = 0.0.0.0/0
Endpoint = 1.2.3.4:12345

PersistentKeepalive = 30
EOF

service wireguard enable
sysrc wireguard_interfaces="wg0"
service wireguard start

pkg install -y libqrencode
qrencode -t ansi < client.conf
	pkg install -y wireguard wireguard-tools

	cd /usr/local/etc/wireguard/
	umask 077

	wg genkey > freebsd.private
	wg pubkey < freebsd.private > freebsd.public

	wg genkey > client.private
	wg pubkey < client.private > client.public

	SERVER_PRIVATE_KEY=$(cat freebsd.private)
	CLIENT_PUBLIC_KEY=$(cat client.public)
	cat > wg0.conf <<EOF
	[Interface]
	Address = 10.10.10.1/32
	ListenPort = 12345
	PrivateKey = $SERVER_PRIVATE_KEY

	[Peer]
	AllowedIPs = 10.10.20.2/32
	PublicKey = $CLIENT_PUBLIC_KEY
	EOF


	CLIENT_PRIVATE_KEY=$(cat client.private)
	SERVER_PUBLIC_KEY=$(cat freebsd.public)
	cat > client.conf <<EOF
	[Interface]
	PrivateKey = $CLIENT_PRIVATE_KEY
	Address = 10.10.20.2/32
	DNS = 8.8.8.8

	[Peer]
	PublicKey = $SERVER_PUBLIC_KEY
	AllowedIPs = 0.0.0.0/0
	Endpoint = 1.2.3.4:12345

	PersistentKeepalive = 30
	EOF

	service wireguard enable
	sysrc wireguard_interfaces="wg0"
	service wireguard start

	pkg install -y libqrencode
	qrencode -t ansi < client.conf