-
-
Save lildeadprince/92e2c40e83de1fbb7df8dc9273731fc2 to your computer and use it in GitHub Desktop.
WireGuard VPN server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # assuming it's some Debian, install the dependencies | |
| sudo apt install -y wget wireguard-dkms wireguard-tools linux-headers-$(uname -r) mawk grep iproute2 qrencode | |
| # download easy-wg-quick script | |
| wget https://raw.githubusercontent.com/burghardt/easy-wg-quick/master/easy-wg-quick | |
| chmod +x easy-wg-quick | |
| # define params for easy-wg-quick script | |
| ## Static (preferrably static) External IP of the server deployment VM | |
| echo "***.***.***.***" > extnetip.txt | |
| ## UDP port to use in WG | |
| echo "1312" > portno.txt | |
| ## in Europe Google DNS is better than Cloudflare`s 1.1.1.1 (which is default in easy-wg-script) | |
| echo "8.8.8.8" > intnetdns.txt | |
| # Add named Peers for my devices, follow output | |
| ./easy-wg-quick peer-1-peka | |
| ./easy-wg-quick peer-2-lopata | |
| ./easy-wg-quick peer-3-pixel | |
| # Export peer configs | |
| cat wgclient_peer-1-peka.conf | |
| cat wgclient_peer-2-lopata.conf | |
| cat wgclient_peer-3-pixel.conf | |
| # Import configs into end client application | |
| # Windows https://download.wireguard.com/windows-client/wireguard-installer.exe | |
| # Android https://play.google.com/store/apps/details?id=com.wireguard.android | |
| # MacOS https://itunes.apple.com/us/app/wireguard/id1451685025 | |
| # iOS https://itunes.apple.com/us/app/wireguard/id1441195209 | |
| # Debian `sudo apt install wireguard` | |
| # Fedora `sudo dnf install wireguard-tools` | |
| # CentOS `sudo yum install elrepo-release epel-release | |
| # sudo yum install kmod-wireguard wireguard-tools` | |
| # cat wgclient_peer-1-peka.qrcode.txt | |
| # cat wgclient_peer-2-lopata.qrcode.txt | |
| # cat wgclient_peer-3-pixel.qrcode.txt | |
| # Launch the WireGuard server | |
| sudo wg-quick up ./wghub.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create GCP Firewall rule to Allow GCP traffic | |
| GCP_PROJECT_ID = "project-id" | |
| # Arbitrary rule name | |
| GCP_FIREWALL_RULE_ALLOW_WG_NAME = "wg0" | |
| # Port used in WG Server config | |
| GCP_FIREWALL_RULE_ALLOW_WG_PORT = 1313 | |
| # Tag to assign to VMs that should follow this rule | |
| GCP_FIREWALL_RULE_ALLOW_WG_PORT = wg | |
| gcloud compute --project=$GCP_PROJECT_ID \ | |
| firewall-rules \ | |
| create $GCP_FIREWALL_ALLOW_RULE_WG_NAME \ | |
| --description="Allow WireGuard VPN traffic" \ | |
| --direction=INGRESS \ | |
| --priority=1000 \ | |
| --network=default \ | |
| --action=ALLOW \ | |
| --rules=udp:$GCP_FIREWALL_ALLOW_RULE_WG_PORT \ | |
| --source-ranges=0.0.0.0/0 \ | |
| --target-tags=$GCP_FIREWALL_ALLOW_RULE_WG_TAG |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment