Homemade WireGuard VPN on a VPS server

Ajout de l’installation de qrencode.
Ajout de la génération et de la sauvegarde du QR code.
Correction : la section [Peer] manquait lors de la création du fichier user_peer.conf.

Le QR code a été testé à l’import dans WireGuard et ça passe.
À la fin, le script relance l’interface wg0 pour que le nouveau peer soit pris en compte.

Ajout des variables SERVER_PORT et SERVER_ADRESS.

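#!/bin/bash
# For https://forum.yunohost.org/t/homemade-wireguard-vpn-on-a-vps-server/15662
#
# Adds a WireGuard peer to wg0: generates the peer's key pair and preshared
# key, appends a [Peer] section to wg0.conf, writes the client configuration,
# renders it as a QR code (PNG file + terminal) and restarts wg0.
#
# Security notes:
#   - The client's private key is generated on the server and stays there in
#     three forms (<peer>.key, <peer>.conf, <peer>.png). Anyone who can read
#     that directory can impersonate the peer; delete the files once the
#     client has imported its configuration if they are no longer needed.
#   - The QR code printed in the terminal contains that private key too, so
#     it ends up in scrollback and in any session recording.
#   - peer_name and peer_ip are typed by the operator and end up in file
#     paths and in wg0.conf, so both are validated before anything is written.

set -euo pipefail

# Every file created below (keys, client config, QR code) must be private.
umask 077

# Print an error on stderr and stop.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Root check
# https://github.com/Tontonjo/proxmox_toolbox/blob/main/proxmox_toolbox.sh line73
if [[ $(id -u) -ne 0 ]]; then
  echo "- Please run as root / sudo"
  exit 1
fi

# Install qrencode (needed to generate the QR codes), then ask for a re-run.
if ! dpkg-query -W -f='${Status}' qrencode 2>/dev/null | grep -q "ok installed"; then
  apt-get install qrencode -y || die "Installation de qrencode impossible"
  echo "Merci de relancer le script"
  exit
fi

# Settings
WG_DIR="/etc/wireguard"
WG_CONF="${WG_DIR}/wg0.conf"
RANGE_IPV6="fd42:42:42::"
RANGE_IP="10.6.0."
DNS_IP="80.67.169.12, 2001:910:800::12"
PATH_CLIENT_DIR="peer/"
SERVER_ADRESS="mon_domaine.fr" # IP or domain name
SERVER_PORT="51820"
# Server public key. The path is relative, so it is resolved against the
# directory the script is started from; set an absolute path if needed.
SERVER_PUBKEY_FILE="publickey.pub"

echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'
echo '                   Ajouter un PEER                                '
echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'
echo 'Nom du peer'
read -r peer_name
echo 'IP ( les derniers chiffres) il faut être sur du chiffre et que celui-ci ne soit pas encore attribué'
read -r peer_ip

# --- Validate everything before touching any file -------------------------

# The name becomes a directory and file name: refuse '/', '..', spaces, etc.
if [[ ! "$peer_name" =~ ^[A-Za-z0-9_-]+$ ]]; then
  die "Nom du peer invalide : utilisez uniquement lettres, chiffres, '_' ou '-'"
fi

# The IP suffix must be a host number inside the /24.
if [[ ! "$peer_ip" =~ ^[0-9]{1,3}$ ]] || (( 10#$peer_ip < 1 || 10#$peer_ip > 254 )); then
  die "IP invalide : entrez un nombre entre 1 et 254"
fi
peer_ip=$((10#$peer_ip)) # drop leading zeros so "007" and "7" are the same peer

[[ -f "$WG_CONF" ]] || die "Fichier ${WG_CONF} introuvable"
[[ -r "$SERVER_PUBKEY_FILE" ]] \
  || die "Clé publique du serveur introuvable : ${SERVER_PUBKEY_FILE}"

# Two peers sharing one address break routing for both, so refuse a suffix
# that already appears in wg0.conf (server address or existing peer).
if grep -qF -- "${RANGE_IP}${peer_ip}/" "$WG_CONF"; then
  die "L'adresse ${RANGE_IP}${peer_ip} est déjà utilisée dans ${WG_CONF}"
fi

peers_root="${WG_DIR}/${PATH_CLIENT_DIR}"
peer_dir="${peers_root}${peer_name}"

# Re-using a name would overwrite the existing peer's keys and add a second
# [Peer] section to wg0.conf, so stop instead.
if [[ -e "$peer_dir" ]]; then
  die "Le peer ${peer_name} existe déjà (${peer_dir}) : abandon pour ne pas écraser ses clés"
fi

# --- Directories -----------------------------------------------------------

if [[ ! -d "$peers_root" ]]; then
  echo "Création du dossier peer"
  mkdir -m 700 -- "$peers_root"
fi

# Based on https://docs.pi-hole.net/guides/vpn/wireguard/client/

echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'
echo '                   Ajout du peer (wg0.conf)                   '
echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'

echo "Création du dossier ${peer_name}"
mkdir -m 700 -- "$peer_dir"

PATH_CLIENT_DIR_DIR="${peer_dir}/"
key_file="${PATH_CLIENT_DIR_DIR}${peer_name}.key"
pub_file="${PATH_CLIENT_DIR_DIR}${peer_name}.pub"
psk_file="${PATH_CLIENT_DIR_DIR}${peer_name}.psk"
conf_file="${PATH_CLIENT_DIR_DIR}${peer_name}.conf"
png_file="${PATH_CLIENT_DIR_DIR}${peer_name}.png"

# --- Keys ------------------------------------------------------------------

wg genkey | tee "$key_file" | wg pubkey > "$pub_file"
wg genpsk > "$psk_file"

# Read the key material once; with set -e a failed read stops the script
# instead of writing an empty "PublicKey =" line.
client_private_key=$(<"$key_file")
client_public_key=$(<"$pub_file")
preshared_key=$(<"$psk_file")
server_public_key=$(<"$SERVER_PUBKEY_FILE")

# --- Server side: new [Peer] section in wg0.conf ----------------------------

{
  printf '\n'
  printf '#%s \n' "$peer_name"
  printf '[Peer]\n'
  printf 'PublicKey = %s\n' "$client_public_key"
  printf 'PresharedKey = %s\n' "$preshared_key"
  printf 'AllowedIPs = %s/32, %s/128\n' "${RANGE_IP}${peer_ip}" "${RANGE_IPV6}${peer_ip}"
  printf '\n'
} >> "$WG_CONF"
echo "Mise à jour du fichier WG0.................... OK"

sleep 2

# --- Client side: <peer>.conf ------------------------------------------------

{
  # Interface section
  printf '[Interface]\n'
  printf 'Address = %s/32, %s/128\n' "${RANGE_IP}${peer_ip}" "${RANGE_IPV6}${peer_ip}"
  printf 'DNS = %s\n' "$DNS_IP"
  printf 'PrivateKey = %s\n' "$client_private_key"
  # Peer section
  printf '[Peer]\n'
  printf 'AllowedIPs = 0.0.0.0/0, ::0/0\n'
  printf 'Endpoint = %s:%s\n' "$SERVER_ADRESS" "$SERVER_PORT"
  printf 'PersistentKeepalive = 25\n'
  printf 'PublicKey = %s\n' "$server_public_key"
  printf 'PresharedKey = %s\n' "$preshared_key"
} > "$conf_file"
echo "Création du fichier peer.................... OK"

# --- QR codes ----------------------------------------------------------------

# -r makes qrencode read the file content; without it the trailing argument
# is taken as the text to encode and the PNG would hold the path string.
qrencode -m 10 -o "$png_file" -r "$conf_file"
echo "Sauvegarde du QRCode.................... OK"

sleep 2

# Shown once for scanning; it embeds the client's private key.
qrencode -t ansiutf8 -r "$conf_file"

sleep 2

# --- Reload ------------------------------------------------------------------

# A full down/up drops every connected peer for a moment, including an SSH
# session that runs through the tunnel.
# `wg syncconf wg0 <(wg-quick strip wg0)` applies the change without that cut.
wg-quick down wg0 || echo "wg0 n'était pas actif, démarrage direct" >&2
wg-quick up wg0 || die "Impossible de relancer wg0"
echo "Interface WG0 relancé"

echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'
echo "                   ${peer_name} Ajouté"
echo '::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::'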