This repository contains scripts that make it easy to configure WireGuard on VPS.
Medium article: How to deploy WireGuard node on a DigitalOcean's droplet
wget https://raw.githubusercontent.com/mr-kenikh/wireguard/master/wg-ubuntu-server-up.sh
chmod +x ./wg-ubuntu-server-up.sh
sudo ./wg-ubuntu-server-up.shwget https://raw.githubusercontent.com/mr-kenikh/wireguard/master/wg-debian-server-up.sh
chmod +x ./wg-debian-server-up.sh
./wg-debian-server-up.shTo get a full instruction, please follow to the article above.
- Ubuntu 18.04
- Ubuntu 20.04
- Debian 9
- Debian 10
This script:
- Installs all necessary software on an empty Ubuntu DigitalOcean droplet (it should also work with most modern Ubuntu images)
- Configures IPv4 forwarding and iptables rules
- Sets up unbound DNS resolver
- Creates a server and clients configurations
- Installs qrencode
- Runs WireGuard
wg-ubuntu-server-up.sh [--clients=<clients_count>] [--listen-port=<listen_port>] [--no-reboot] [--no-unbound]Options:
--clients=<clients_count>how many client's configs will be created--listen-port=<listen_port>wireguard listen port (51820 will be used as a default port)--no-isolationdisables client isolation--no-unbounddisables Unbound server installation (1.1.1.1 will be used as a default DNS for client's configs)--no-rebootdisables rebooting at the end of the script execution
./wg-ubuntu-server-up.sh./wg-ubuntu-server-up.sh --clients=10./wg-ubuntu-server-up.sh --clients=10 --listen-port=1234This script works the same way and with the same options, that wg-ubuntu-server-up.sh do.
This script generate server and clients configs for WireGuard.
If the public IP is not defined, then the public IP of the machine from which the script is run is used. If the number of clients is not defined, then used 10 clients. If the listen port is not defined, then used 51820 as default.
Install WireGuard if it's not installed.
./wg-genconf.sh [--clients=<clients_count>] [--listen-port=<listen_port>] [--dns-ip=<dns_ip>] [--server-public-ip=<server_public_ip>] [--no-isolation]Options:
--clients=<clients_count>how many client's configs will be generated--listen-port=<listen_port>wireguard listen port (51820 will be used as a default port)--dns-ip=<dns_ip>the script should use this IP as a DNS address--server-public-ip=<server_public_ip>the script should use this IP as a server address--no-isolationdisables client isolation
./wg-genconf.sh./wg-genconf.sh --clients=10./wg-genconf.sh --clients=10 --listen-port=1234./wg-genconf.sh --clients=10 --listen-port=1234 --dns-ip=1.1.1.1./wg-genconf.sh --clients=10 --listen-port=1234 --dns-ip=1.1.1.1 --server-public-ip=157.245.73.253./wg-genconf.sh --clients=10 --listen-port=1234 --dns-ip=1.1.1.1 --server-public-ip=157.245.73.253 --no-isolation