36 lines
1.0 KiB
Bash
Executable File
36 lines
1.0 KiB
Bash
Executable File
# TODO
|
|
# 1. Ask for listen port
|
|
# 2. Ask for name of eth interface
|
|
|
|
apt-get update
|
|
apt-get upgrade -y
|
|
apt-get install -y raspberrypi-kernel-headers
|
|
apt install -y wireguard qrencode iptables
|
|
|
|
cat > /etc/sysctl.conf <<EOF
|
|
net.ipv4.ip_forward=1
|
|
net.ipv6.conf.all.forwarding=1
|
|
EOF
|
|
|
|
reboot
|
|
|
|
cd /etc/wireguard
|
|
umask 077
|
|
export PRIVKEY=$(wg genkey)
|
|
echo $PRIVKEY | tee privatekey | wg pubkey | tee publickey
|
|
echo $PRIVKEY | tee --append /etc/wireguard/wg0.conf
|
|
cat > /etc/wireguard/wg0.conf <<EOF
|
|
[Interface]
|
|
Address = 10.10.0.1/24
|
|
Address = fd86:ea04:1111::1/64
|
|
SaveConfig = true
|
|
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
|
ListenPort = 51820
|
|
PrivateKey = $PRIVKEY
|
|
EOF
|
|
|
|
sysctl -p
|
|
wg-quick up wg0
|
|
wg
|