WireGuard VPN installer for Linux servers
Go to file
2024-03-16 16:50:27 +01:00
.github Update issue template 2023-01-21 23:19:13 +01:00
LICENSE Update LICENSE 2022-05-20 18:37:49 +02:00
README.md feat: Enable headless installation without interaction 2024-03-16 16:37:20 +01:00
wireguard-install.sh style: Adjust formatting to shfmt 2024-03-16 16:50:27 +01:00

WireGuard installer

Lint Say Thanks!

This project is a bash script that aims to setup a WireGuard VPN on a Linux server, as easily as possible!

WireGuard is a point-to-point VPN that can be used in different ways. Here, we mean a VPN as in: the client will forward all its traffic through an encrypted tunnel to the server. The server will apply NAT to the client's traffic so it will appear as if the client is browsing the web with the server's IP.

The script supports both IPv4 and IPv6. Please check the issues for ongoing development, bugs and planned features! You might also want to check the discussions for help.

WireGuard does not fit your environment? Check out openvpn-install.

Requirements

Supported distributions:

  • AlmaLinux >= 8
  • Arch Linux
  • CentOS Stream >= 8
  • Debian >= 10
  • Fedora >= 32
  • Oracle Linux
  • Rocky Linux >= 8
  • Ubuntu >= 18.04

Usage

Download and execute the script. Answer the questions asked by the script and it will take care of the rest.

curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh
chmod +x wireguard-install.sh
./wireguard-install.sh

It will install WireGuard (kernel module and tools) on the server, configure it, create a systemd service and a client configuration file.

Run the script again to add or remove clients!

Headless installation

It's also possible to run the script headless, e.g. without waiting for user input, in an automated way.

Example usage:

APPROVE_INSTALL=y ./wireguard-install.sh

# or

export APPROVE_INSTALL=y
./wireguard-install.sh

This will set a default set of variables, bypassing any user input.

If you want to customise your installation, you can use variables, as shown below:

export APPROVE_INSTALL=y
export SERVER_PUB_IP="54.14.1.48"
export SERVER_PORT=64567
export CLIENT_NAME=client

If the server is behind NAT, you can specify its endpoint with the SERVER_PUB_IP variable. If the endpoint is the public IP address which it is behind, you can use SERVER_PUB_IP=$(curl -s https://api.ipify.org) (the script defaults to this). The endpoint can be an IP or a domain.

The headless installation involves adding a new user. Adding CLIENT_NAME=foo will change the name of the new user to foo instead of the default.

Other variables can be set as required on your choice (SERVER_NIC). You can find them in the installQuestions() function of the script.

Providers

I recommend these cheap cloud providers for your VPN server:

  • Vultr: Worldwide locations, IPv6 support, starting at $5/month
  • Hetzner: Germany, Finland and USA. IPv6, 20 TB of traffic, starting at 4.5€/month
  • Digital Ocean: Worldwide locations, IPv6 support, starting at $4/month

Contributing

Discuss changes

Please open an issue before submitting a PR if you want to discuss a change, especially if it's a big one.

Code formatting

We use shellcheck and shfmt to enforce bash styling guidelines and good practices. They are executed for each commit / PR with GitHub Actions, so you can check the configuration here.

Say thanks

You can say thanks if you want!

Credits & Licence

This project is under the MIT Licence

Star History

Star History Chart