Script to install wireguard and generate config

setup-wireguard.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+SERVER_KEY='abcdefghijklmnopqrstuvwxyz0123456789abcdefg=';
+SERVER_IP='1.1.1.1';
+WG_BLOCK='10.10.0';
+
+if [[ $1 == '' ]]; then
+    echo "Need last octet as argument"
+    exit
+elif grep -Pq '^[0-9]*$' <<< $(echo $1); then
+    echo "Good"
+else
+    echo "Argument must be a number representing the last octet"
+    exit
+fi
+
+sudo apt update
+
+if grep -Pq '^arm' <<< $(uname -m); then
+    sudo apt install -y wireguard wireguard-dkms wireguard-tools raspberrypi-kernel raspberrypi-kernel-headers resolvconf
+else
+    sudo apt install -y wireguard wireguard-tools linux-headers-$(uname -r) resolvconf
+fi
+
+if [[ "`which wg 2> /dev/null`" == '' ]]; then
+    echo "Failed to install wireguard"
+    exit
+fi
+
+wg genkey | sudo tee /etc/wireguard/client_private.key | wg pubkey | sudo tee /etc/wireguard/client_public.key
+
+if [[ "`sudo cat /etc/wireguard/client_public.key 2> /dev/null`" == '' ]]; then
+    echo "Failed to create keys"
+    exit
+fi
+
+echo "[Interface]
+Address = 10.10.0.${1}/24
+DNS = 10.10.0.1
+PrivateKey = $(sudo cat /etc/wireguard/client_private.key)
+
+[Peer]
+PublicKey = $SERVER_KEY
+AllowedIPs = 0.0.0.0/0
+Endpoint = $SERVER_IP:51820
+PersistentKeepalive = 25" > wg0.conf
+
+sudo mv wg0.conf /etc/wireguard/
+sudo chown root:root /etc/wireguard/wg0.conf
+sudo chmod 600 /etc/wireguard/wg0.conf
+
+sudo systemctl enable wg-quick@wg0
+
+echo "On server run:
+
+sudo systemctl stop wg-quick@wg0
+
+Then append the following to /etc/wireguard/wg0.conf:
+
+[Peer]
+PublicKey = $(sudo cat /etc/wireguard/client_public.key)
+AllowedIPs = $WG_BLOCK.${1}/32
+
+Then start it again with
+
+sudo systemctl start wg-quick@wg0
+
+Then on this client, enable and start wireguard:
+
+sudo systemctl enable wg-quick@wg0
+sudo systemctl start wg-quick@wg0
+"