vpn-stack/README.md
Matthew Saunders Brown ebc32cae86 Switch from Ubuntu to Debian compatibility with signifant reworking of code and installer.
Installer now expects Debian 12 and requires base-stack repo installed first
New systemd files
New wg-client-zip-email.sh script
Moved bash scripts into sbin dir
Install & configure firewalld instead of ufw
wg.sh now has configurable options
- DNS nameserver settings
- endpoint (FQDN or IP)
- AllowedIPs (defaults to 0.0.0.0/0)
Change the client network from 10.96.0.0/12 (1,048,574 max clients / IPs) to 10.96.0.0/16 (65,025 max clients / IPs)
2024-07-24 14:00:18 -07:00

42 lines
1.3 KiB
Markdown

# vpn-stack
A set of bash scripts for installing and managing a WireGuard VPN server.
## Requirements
A minimal Debian 12 server install with no extra services or packages installed.
It is recommended to first install base-stack which will configure a basic server set up including firewald & fail2ban to secure the server:
https://git.stack-source.com/msb/base-stack
## Install
```bash
cd /usr/local/src/
git clone https://git.stack-source.com/msb/vpn-stack.git
cd vpn-stack
bash install.sh
```
## Configure Clients
Download and install client software from [wireguard.com](https://www.wireguard.com/install/).
Add a client configuration to the server, display a qr code that can be scanned by a client, and email a zipped copy of the config.
```bash
wg-client-add.sh -c <client>
wg-client-qr-display.sh -c <client>
wg-client-zip-email.sh -c <client> -e <email>
```
For example, to add a client config for a user named joe, display the qr code on the console screen, and then email a zipped copy of the config run:
```bash
wg-client-add.sh -c joe
wg-client-qr-display.sh -c joe
wg-client-zip-email.sh -c joe -e joe@example.com
```
## License
Copyright (c) 2024 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>\
GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)