před 6 roky · 7411d9a748
--- a/Wireguard/wg5clients.sh
+++ b/Wireguard/wg5clients.sh
@@ -12,15 +12,14 @@
 
				 #    一键安装wireguard 脚本 debian 9
			
 
				 #    wget -qO- git.io/fptwc | bash
			
 
				 
			
 
				-#   vultr 服务商的主机默认网卡是 ens3，脚本执行完成，还要替换网卡名
			
 
				-#   sed -i "s/eth0/ens3/g"  /etc/wireguard/wg0.conf
			
 
				-
			
 
				 #############################################################
			
 
				 
			
 
				 # 定义修改端口号，适合已经安装WireGuard而不想改端口
			
 
				 port=9009
			
 
				+mtu=1200
			
 
				+host=$(hostname -s)
			
 
				 
			
 
				-
			
 
				+ip_list=(2 8 18 88 188 118 158 198 168 186)
			
 
				 
			
 
				 # 获得服务器ip，自动获取
			
 
				 serverip=$(curl -4 icanhazip.com)
			
@@ -32,14 +31,9 @@ cd /etc/wireguard
 
				 
			
 
				 # 然后开始生成 密匙对(公匙+私匙)。
			
 
				 wg genkey | tee sprivatekey | wg pubkey > spublickey
			
 
				-wg genkey | tee cprivatekey1 | wg pubkey > cpublickey1
			
 
				-wg genkey | tee cprivatekey2 | wg pubkey > cpublickey2
			
 
				-wg genkey | tee cprivatekey3 | wg pubkey > cpublickey3
			
 
				-wg genkey | tee cprivatekey4 | wg pubkey > cpublickey4
			
 
				-wg genkey | tee cprivatekey5 | wg pubkey > cpublickey5
			
 
				-
			
 
				+wg genkey | tee cprivatekey | wg pubkey > cpublickey
			
 
				 
			
 
				-# 生成服务端 多用户配置文件
			
 
				+# 生成服务端配置文件
			
 
				 cat <<EOF >wg0.conf
			
 
				 [Interface]
			
 
				 PrivateKey = $(cat sprivatekey)
			
@@ -48,40 +42,24 @@ PostUp   = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j A
 
				 PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
			
 
				 ListenPort = $port
			
 
				 DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				+MTU = $mtu
			
 
				 
			
 
				 [Peer]
			
 
				-PublicKey = $(cat cpublickey1)
			
 
				+PublicKey = $(cat cpublickey)
			
 
				 AllowedIPs = 10.0.0.2/32
			
 
				 
			
 
				-[Peer]
			
 
				-PublicKey = $(cat cpublickey2)
			
 
				-AllowedIPs = 10.0.0.8/32
			
 
				-
			
 
				-[Peer]
			
 
				-PublicKey = $(cat cpublickey3)
			
 
				-AllowedIPs = 10.0.0.18/32
			
 
				-
			
 
				-[Peer]
			
 
				-PublicKey = $(cat cpublickey4)
			
 
				-AllowedIPs = 10.0.0.88/32
			
 
				-
			
 
				-[Peer]
			
 
				-PublicKey = $(cat cpublickey5)
			
 
				-AllowedIPs = 10.0.0.188/32
			
 
				-
			
 
				 EOF
			
 
				 
			
 
				 
			
 
				 # 生成简洁的客户端配置
			
 
				 cat <<EOF >client.conf
			
 
				 [Interface]
			
 
				-PrivateKey = $(cat cprivatekey1)
			
 
				+PrivateKey = $(cat cprivatekey)
			
 
				 Address = 10.0.0.2/24
			
 
				 DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				-PreUp =  start   .\route\routes-up.bat
			
 
				-PostDown = start  .\route\routes-down.bat
			
 
				+MTU = $mtu
			
 
				+#  PreUp =  start   .\route\routes-up.bat
			
 
				+#  PostDown = start  .\route\routes-down.bat
			
 
				 
			
 
				 [Peer]
			
 
				 PublicKey = $(cat spublickey)
			
@@ -91,43 +69,30 @@ PersistentKeepalive = 25
 
				 
			
 
				 EOF
			
 
				 
			
 
				-cat <<EOF >client_2.conf
			
 
				-[Interface]
			
 
				-PrivateKey = $(cat cprivatekey2)
			
 
				-Address = 10.0.0.8/24
			
 
				-DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				-
			
 
				-[Peer]
			
 
				-PublicKey = $(cat spublickey)
			
 
				-Endpoint = $serverip:$port
			
 
				-AllowedIPs = 0.0.0.0/0, ::0/0
			
 
				-PersistentKeepalive = 25
			
 
				+# 安装二维码插件
			
 
				+apt -y install qrencode
			
 
				 
			
 
				-EOF
			
 
				 
			
 
				-cat <<EOF >client_3.conf
			
 
				-[Interface]
			
 
				-PrivateKey = $(cat cprivatekey3)
			
 
				-Address = 10.0.0.18/24
			
 
				-DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				+# 添加 1-9 多用户配置子程序
			
 
				+for i in {1..9}
			
 
				+do
			
 
				+    ip=10.0.0.${ip_list[$i]}
			
 
				+    wg genkey | tee cprivatekey | wg pubkey > cpublickey
			
 
				+    
			
 
				+    cat <<EOF >>wg0.conf
			
 
				 
			
 
				 [Peer]
			
 
				-PublicKey = $(cat spublickey)
			
 
				-Endpoint = $serverip:$port
			
 
				-AllowedIPs = 0.0.0.0/0, ::0/0
			
 
				-PersistentKeepalive = 25
			
 
				+PublicKey = $(cat cpublickey)
			
 
				+AllowedIPs = $ip/32
			
 
				 
			
 
				 EOF
			
 
				 
			
 
				-
			
 
				-cat <<EOF >client_4.conf
			
 
				+    cat <<EOF >wg_$host_$i.conf
			
 
				 [Interface]
			
 
				-PrivateKey = $(cat cprivatekey4)
			
 
				-Address = 10.0.0.88/24
			
 
				+PrivateKey = $(cat cprivatekey)
			
 
				+Address = $ip/24
			
 
				 DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				+MTU = $mtu
			
 
				 
			
 
				 [Peer]
			
 
				 PublicKey = $(cat spublickey)
			
@@ -137,36 +102,17 @@ PersistentKeepalive = 25
 
				 
			
 
				 EOF
			
 
				 
			
 
				+    cat /etc/wireguard/wg_$host_$i.conf | qrencode -o wg_$host_$i.png
			
 
				 
			
 
				-cat <<EOF >client_5.conf
			
 
				-[Interface]
			
 
				-PrivateKey = $(cat cprivatekey5)
			
 
				-Address = 10.0.0.188/24
			
 
				-DNS = 8.8.8.8
			
 
				-MTU = 1200
			
 
				+done
			
 
				 
			
 
				-[Peer]
			
 
				-PublicKey = $(cat spublickey)
			
 
				-Endpoint = $serverip:$port
			
 
				-AllowedIPs = 0.0.0.0/0, ::0/0
			
 
				-PersistentKeepalive = 25
			
 
				-
			
 
				-EOF
			
 
				-
			
 
				-# 安装二维码插件
			
 
				-apt -y install qrencode
			
 
				-cat /etc/wireguard/client.conf | qrencode -o client.png
			
 
				-cat /etc/wireguard/client_2.conf | qrencode -o client_2.png
			
 
				-cat /etc/wireguard/client_3.conf | qrencode -o client_3.png
			
 
				-cat /etc/wireguard/client_4.conf | qrencode -o client_4.png
			
 
				-cat /etc/wireguard/client_5.conf | qrencode -o client_5.png
			
 
				 
			
 
				 #  vultr 服务商的主机默认网卡是 ens3，使用下面命令修改配置
			
 
				-host=$(hostname -s)
			
 
				 if [ $host == "vultr" ]; then
			
 
				     sed -i "s/eth0/ens3/g"  /etc/wireguard/wg0.conf
			
 
				 fi
			
 
				 
			
 
				+
			
 
				 # 重启wg服务器
			
 
				 wg-quick down wg0
			
 
				 wg-quick up wg0
			
@@ -174,13 +120,26 @@ wg
 
				 
			
 
				 
			
 
				 cat <<EOF >wg5
			
 
				-# 打包5个客户端配置，手机扫描二维码2号配置，PC使用1号配置
			
 
				+# 打包10个客户端配置，手机扫描二维码2号配置，PC使用1号配置
			
 
				+
			
 
				+next() {
			
 
				+    printf "# %-70s\n" "-" | sed 's/\s/-/g'
			
 
				+}
			
 
				+
			
 
				+host=$(hostname -s)
			
 
				+
			
 
				 cd  /etc/wireguard/
			
 
				-tar cvf  wg5clients.tar client*
			
 
				-cat /etc/wireguard/client_2.conf | qrencode -o - -t ansi256
			
 
				-echo "# 手机扫描二维码2号配置，PC使用1号配置请复制下面文本"
			
 
				-cat /etc/wireguard/client.conf
			
 
				-echo "#  你有2种方式获得5个配置，可以使用下面2种命令行，再次显示本文本使用 bash wg5"
			
 
				+tar cvf  wg5clients.tar  client*  wg_$host*
			
 
				+cat /etc/wireguard/wg_$host_1.conf | qrencode -o - -t ansi256
			
 
				+echo "# 手机扫描二维码2号配置，PC使用配置复制下面文本"
			
 
				+
			
 
				+cat /etc/wireguard/client.conf       && next
			
 
				+cat /etc/wireguard/wg_$host_1.conf   && next
			
 
				+cat /etc/wireguard/wg_$host_2.conf   && next
			
 
				+cat /etc/wireguard/wg_$host_3.conf   && next
			
 
				+cat /etc/wireguard/wg_$host_4.conf   && next
			
 
				+
			
 
				+echo "#  有2种方式获得其他的配置，可以使用下面2种命令行，再次显示本文本使用 bash wg5"
			
 
				 echo "#  scp [email protected]:/etc/wireguard/wg5clients.tar   wg5clients.tar"
			
 
				 echo "#  curl --upload-file ./wg5clients.tar  https://transfer.sh/wg5clients.tar"