#!/bin/bash # WireGuard VPN多用户服务端 自动配置脚本 # 本脚本(WireGuard 多用户配置)一键安装短网址 # wget -qO- https://git.io/fpnQt | bash ############################################################# help_info() { cat < spublickey wg genkey | tee cprivatekey | wg pubkey > cpublickey # 生成服务端配置文件 cat <wg0.conf [Interface] PrivateKey = $(cat sprivatekey) Address = 10.0.0.1/24 PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE ListenPort = $port DNS = 8.8.8.8 MTU = $mtu [Peer] PublicKey = $(cat cpublickey) AllowedIPs = 10.0.0.218/32 EOF # 生成简洁的客户端配置 cat <client.conf [Interface] PrivateKey = $(cat cprivatekey) Address = 10.0.0.218/24 DNS = 8.8.8.8 # MTU = $mtu # PreUp = start .\route\routes-up.bat # PostDown = start .\route\routes-down.bat [Peer] PublicKey = $(cat spublickey) Endpoint = $serverip:$port AllowedIPs = 0.0.0.0/0, ::0/0 PersistentKeepalive = 25 EOF # 添加 2-9 号多用户配置 for i in {2..9} do ip=10.0.0.${ip_list[$i]} wg genkey | tee cprivatekey | wg pubkey > cpublickey cat <>wg0.conf [Peer] PublicKey = $(cat cpublickey) AllowedIPs = $ip/32 EOF cat <wg_${host}_$i.conf [Interface] PrivateKey = $(cat cprivatekey) Address = $ip/24 DNS = 8.8.8.8 [Peer] PublicKey = $(cat spublickey) Endpoint = $serverip:$port AllowedIPs = 0.0.0.0/0, ::0/0 PersistentKeepalive = 25 EOF cat /etc/wireguard/wg_${host}_$i.conf| qrencode -o wg_${host}_$i.png done # vps网卡如果不是eth0,修改成实际网卡 ni=$(ls /sys/class/net | awk {print} | grep -e eth. -e ens. -e venet.) if [ $ni != "eth0" ]; then sed -i "s/eth0/${ni}/g" /etc/wireguard/wg0.conf fi # 重启wg服务器 wg-quick down wg0 wg-quick up wg0 wg conf_url=http://${serverip}:8000 cat < ~/wg5 # 打包客户端配置,开启临时WEB服务下载 next() { printf "# %-70s\n" "-" | sed 's/\s/-/g' } host=$(hostname -s) cd /etc/wireguard/ tar cvf wg5clients.tar client* wg* echo -e "${GreenBG}# Windows 客户端配置,请复制配置文本 ${Font}" cat /etc/wireguard/client.conf && next cat /etc/wireguard/wg_${host}_2.conf && next cat /etc/wireguard/wg_${host}_3.conf && next cat /etc/wireguard/wg_${host}_4.conf && next echo -e "${RedBG} 一键安装 WireGuard 脚本 For Debian_9 Ubuntu Centos_7 ${Font}" echo -e "${GreenBG} 开源项目:https://github.com/hongwenjun/vps_setup ${Font}" echo echo -e "# ${Info} 新手使用${GreenBG} bash wg5 ${Font} 命令,使用临时网页下载配置和手机客户端二维码配置" echo -e "# ${Info} 大佬使用${GreenBG} bash wgmtu ${Font} 命令,服务端高级配置; (至少能vim wgmtu会看脚本爱折腾玩家)" # echo -e "# ${Info} 请网页打开 ${GreenBG}${conf_url}${Font} 下载配置文件 wg5clients.tar ,${RedBG}注意: 完成后请重启VPS.${Font}" # echo -e "# scp root@10.0.0.1:/etc/wireguard/wg5clients.tar wg5clients.tar" # python -m SimpleHTTPServer 8000 & echo "" # echo -e "# ${Info} 访问 ${GreenBG}${conf_url}${Font} 点PNG二维码, ${RedBG}手机扫描二维码后请立即重启VPS。${Font}" EOF # 显示服务器配置信息 bash ~/wg5 # 用户选择下载配置和修改mtu sed -i "s/# python -m/python -m/g" ~/wg5 sed -i "s/# echo -e/echo -e/g" ~/wg5