msb/vpn-stack
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ebc32cae86
vpn-stack/README.md
Matthew Saunders Brown ebc32cae86 Switch from Ubuntu to Debian compatibility with signifant reworking of code and installer. 
Installer now expects Debian 12 and requires base-stack repo installed first
New systemd files
New wg-client-zip-email.sh script
Moved bash scripts into sbin dir
Install & configure firewalld instead of ufw
wg.sh now has configurable options
- DNS nameserver settings
- endpoint (FQDN or IP)
- AllowedIPs (defaults to 0.0.0.0/0)
Change the client network from 10.96.0.0/12 (1,048,574 max clients / IPs) to 10.96.0.0/16 (65,025 max clients / IPs)
2024-07-24 14:00:18 -07:00

1.3 KiB
Raw Blame History

vpn-stack

A set of bash scripts for installing and managing a WireGuard VPN server.

Requirements

A minimal Debian 12 server install with no extra services or packages installed. It is recommended to first install base-stack which will configure a basic server set up including firewald & fail2ban to secure the server: https://git.stack-source.com/msb/base-stack

Install

cd /usr/local/src/
git clone https://git.stack-source.com/msb/vpn-stack.git
cd vpn-stack
bash install.sh

Configure Clients

Download and install client software from wireguard.com.

Add a client configuration to the server, display a qr code that can be scanned by a client, and email a zipped copy of the config.

wg-client-add.sh -c <client>
wg-client-qr-display.sh -c <client>
wg-client-zip-email.sh -c <client> -e <email>

For example, to add a client config for a user named joe, display the qr code on the console screen, and then email a zipped copy of the config run:

wg-client-add.sh -c joe
wg-client-qr-display.sh -c joe
wg-client-zip-email.sh -c joe -e joe@example.com

License

Copyright (c) 2024 Matthew Saunders Brown matthewsaundersbrown@gmail.com
GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)