Skip to content
/ wireguard-setup Public

Bash scripts to take Ubuntu Server LTS 24.04 from clean install to fully-configured WireGuard server peer

5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jawj/wireguard-setup

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
README.md
README.md
 
 
addclient.sh
addclient.sh
 
 
setup.sh
setup.sh
 
 

Repository files navigation

wireguard-setup

Bash scripts to take Ubuntu Server LTS 24.04 from clean install to fully-configured WireGuard server peer, forwarding DNS queries to Cloudflare over TLS.

  • setup.sh sets up the server (run once)
  • addclient.sh creates a peer, printing the config as text and a QR code (run for each new client)

The server is configured for unattended security upgrades and firewalled with iptables to allow only SSH, WireGuard and some ICMP types.

Clients are visible to each other, and can be found via DNS as my-client-name.wg.internal.

Usage

One-time only:

wget https://raw.githubusercontent.com/jawj/wireguard-setup/refs/heads/main/setup.sh
chmod +x setup.sh
sudo ./setup.sh

To add a client:

wget https://raw.githubusercontent.com/jawj/wireguard-setup/refs/heads/main/addclient.sh
chmod +x addclient.sh
sudo ./addclient.sh

Note that IP addresses are currently allocated simply by counting how many clients are already configured. Manually deleting users from /etc/wireguard/wg0.conf may therefore cause new users to duplicate existing users' IP addresses.

To show status:

sudo wg show

See also

https://github.com/jawj/IKEv2-setup

License

MIT

About

Bash scripts to take Ubuntu Server LTS 24.04 from clean install to fully-configured WireGuard server peer

Topics

ubuntu vpn ubuntu-server wireguard wireguard-vpn wireguard-vpn-setup ubuntu2404

Resources

Readme
Activity

Stars

5 stars

Watchers

0 watching

Forks

0 forks
Report repository

Languages