Giter Club home page Giter Club logo

wg-adduser's Introduction

Wireguard account creation script

Now that everyone is doing home office, a no nonesense VPN system is super helpful. Wireguard fits the bill perfectly for many of our customers.

To simplify account creation I have created a little perlscript. Here some instructions to get everything going on an ubuntu system

Setup Wireguard

  1. install the wireguard module
$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt update
$ sudo apt install wireguard qrencode perl curl mutt firehol
  1. setup a configuration file for your wireguard interface wg0
# cd /etc/wireguard
# chmod 700 .
# wget https://github.com/oetiker/wg-adduser/archive/master.zip
# unzip master.zip
# mv wg-adduser/* .
# rmdir wg-adduser
# cat <<CONFIG_END
[Interface]
# the address of your new VPN subnet
Address = 10.x.y.0/24
# this is the 'standard' wireguard port
ListenPort = 51819
# create a private key running `wg genkey`
PrivateKey = xxxx
CONFIG_END

  1. edit the wg-adduser.conf to match your requirements

  2. make wireguard start automatically

$ sudo systemctl enable [email protected] 
$ sudo systemctl start [email protected]
  1. make the firewall work

enable firehol in /etc/default/firehol

# To enable firehol at startup set START_FIREHOL=YES (init script variable)
START_FIREHOL=YES
# If you want to have firehol wait for an iface to be up add it here
WAIT_FOR_IFACE="wg0"

configure firehol in /etc/firehol/firehol.conf

LOCALIF=eno1
VPNNET=10.x.y.0/24
LOCALNET=192.168.42.0/24
GWIP=192.168.42.2

version 6

### nat all trafic not going to our local network since our
### router would not route the vpn trafic to the outside world
### otherwhise
ipv4 snat to $GWIP outface $LOCALIF src $VPNNET dst not $LOCALNET

### Accept all client traffic on any interface
interface wg0 wg-if
        policy accept

interface $LOCALIF ${LOCALIF}-if
        policy accept

router4 wg2lan inface wg0 outface eno1
        policy accept

obviously your firewall requirements may be more complex, so be sure to read up on www.firehol.org

  1. start the firewall
# firehol try

Create VPN Accounts

This command creates an account and sends an invitation email. Make sure email works on the system.

# cd /etc/wireguard
# ./wg-adduser.pl some@email-adderss "comment"

wg-adduser's People

Contributors

oetiker avatar

Stargazers

avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

strategist922

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.