Last active
January 31, 2021 15:57
-
-
Save packerdl/81fc463670e631469bf9cc9e5278036f to your computer and use it in GitHub Desktop.
Painlessly setup a new peer on your wireguard server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/env sh | |
# Painlessly setup a new peer on your wireguard server | |
# | |
# Peer config will be rendered as a QR code that can be | |
# scanned by a mobile device. The peer public key and | |
# IP will be appended to the server's wireguard interface | |
# config. | |
# | |
# Requires qrencode to be installed on the system. | |
set -e | |
# Server-related Variables | |
WG_INTERFACE_FILE=/etc/wireguard/wg0.conf | |
# Replace with server's public IP or domain and wireguard port | |
SERVER_ENDPOINT=example.com:51820 | |
SERVER_PUBLIC_KEY=$(cat /etc/wireguard/publickey) | |
# Peer-related Variables | |
PEER_PRIVATE_KEY=$(wg genkey) | |
PEER_PUBLIC_KEY=$(echo -n $PEER_PRIVATE_KEY | wg pubkey) | |
# Replace with desired wireguard subnet and available address range | |
PEER_ADDRESS="10.0.0.$(shuf -i 3-253 -n 1)/32" | |
# --- | |
PEER_CONFIG="\ | |
[Interface] | |
PrivateKey = $PEER_PRIVATE_KEY | |
Address = $PEER_ADDRESS | |
DNS = 192.168.1.53 | |
[Peer] | |
PublicKey = $SERVER_PUBLIC_KEY | |
AllowedIPs = 0.0.0.0/0, ::/0 | |
Endpoint = $SERVER_ENDPOINT | |
" | |
# Output peer configuration as scannable QR code | |
echo -n "$PEER_CONFIG" | qrencode -t ansiutf8 | |
SERVER_PEER_CONFIG=" | |
[Peer] | |
PublicKey=$PEER_PUBLIC_KEY | |
AllowedIPs=$PEER_ADDRESS | |
" | |
echo "$SERVER_PEER_CONFIG" >> $WG_INTERFACE_FILE | |
echo " | |
The following peer config has been appended to $WG_INTERFACE_FILE | |
--- | |
$SERVER_PEER_CONFIG | |
--- | |
" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment