ebc32cae86
Installer now expects Debian 12 and requires base-stack repo installed first New systemd files New wg-client-zip-email.sh script Moved bash scripts into sbin dir Install & configure firewalld instead of ufw wg.sh now has configurable options - DNS nameserver settings - endpoint (FQDN or IP) - AllowedIPs (defaults to 0.0.0.0/0) Change the client network from 10.96.0.0/12 (1,048,574 max clients / IPs) to 10.96.0.0/16 (65,025 max clients / IPs)
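#!/bin/bash
#
# vpn-stack
# A set of bash scripts for installing and managing a WireGuard VPN server.
# https://git.stack-source.com/msb/vpn-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
#
# wg-cron.sh
# check for peers (clients) with connections older than two minutes
# remove them then add them back to wireguard
# this removes the endpoint (last connected IP) and transfer stats
#
# Exit status: 0 when every selected peer was cycled (or none was selected),
# 1 when a peer could not be removed or re-added.

# load include file
source "$(dirname "$0")/wg.sh"

# Collect the public keys of peers whose status block contains the word
# "minutes" (in practice the "latest handshake" line).
# NOTE(review): this parses the human-readable `wg` output, so a layout change
# or another line containing "minutes" would alter the selection. The
# machine-readable `wg show wg0 latest-handshakes` (public key + epoch) would
# be a sturdier source - confirm before switching, since it changes which
# peers are selected.
mapfile -t clients < <(wg | grep -B 4 minutes | grep peer | cut -d ' ' -f 2)

cycled=0
failed=0

# if any peers found cycle through them
for key in "${clients[@]}"; do

  # Locate the peer's config BEFORE removing it. If the lookup found nothing
  # (or several files), removing first would leave the client locked out and
  # the save below would make that permanent.
  # -F: match the base64 key as a literal string, not as a regex.
  # 2>/dev/null: an unmatched *.conf glob is handled by the count check below.
  mapfile -t configs < <(grep -lF -- "PublicKey = ${key}" /etc/wireguard/peers/*.conf 2>/dev/null)
  if (( ${#configs[@]} != 1 )); then
    printf 'wg-cron: expected exactly one peer config for %s, found %d; peer left untouched\n' \
      "$key" "${#configs[@]}" >&2
    continue
  fi

  # remove peer from wireguard
  if ! wg set wg0 peer "$key" remove; then
    printf 'wg-cron: could not remove peer %s\n' "$key" >&2
    failed=1
    continue
  fi

  # add peer back to wireguard
  if wg addconf wg0 "${configs[0]}"; then
    cycled=1
  else
    printf 'wg-cron: could not re-add peer %s from %s\n' "$key" "${configs[0]}" >&2
    failed=1
  fi

done

# save to config so that changes survive wireguard restart
# Skipped after a failure so a peer that is missing from the running
# interface is not also dropped from the saved configuration.
if (( cycled == 1 && failed == 0 )); then
  wg-quick save wg0
fi

exit "$failed"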