wg5clients.sh 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. #!/bin/bash
  2. # WireGuard VPN多用户服务端 自动配置脚本
  3. # 本脚本(WireGuard 多用户配置)一键安装短网址
  4. # wget -qO- https://git.io/fpnQt | bash
  5. # 本脚本适合已经安装 WireGuard VPN 的vps
  6. # 如果你的vps没有安装 WireGuard ,可以用下行命令先安装
  7. # 一键安装wireguard 脚本 debian 9
  8. # wget -qO- git.io/fptwc | bash
  9. # vultr 服务商的主机默认网卡是 ens3,脚本执行完成,还要替换网卡名
  10. # sed -i "s/eth0/ens3/g" /etc/wireguard/wg0.conf
  11. #############################################################
  12. # 定义修改端口号,适合已经安装WireGuard而不想改端口
  13. port=9009
  14. # 获得服务器ip,自动获取
  15. serverip=$(curl -4 icanhazip.com)
  16. #############################################################
  17. # 转到wg配置文件目录
  18. cd /etc/wireguard
  19. # 然后开始生成 密匙对(公匙+私匙)。
  20. wg genkey | tee sprivatekey | wg pubkey > spublickey
  21. wg genkey | tee cprivatekey1 | wg pubkey > cpublickey1
  22. wg genkey | tee cprivatekey2 | wg pubkey > cpublickey2
  23. wg genkey | tee cprivatekey3 | wg pubkey > cpublickey3
  24. wg genkey | tee cprivatekey4 | wg pubkey > cpublickey4
  25. wg genkey | tee cprivatekey5 | wg pubkey > cpublickey5
  26. # 生成服务端 多用户配置文件
  27. cat <<EOF >wg0.conf
  28. [Interface]
  29. PrivateKey = $(cat sprivatekey)
  30. Address = 10.0.0.1/24
  31. PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  32. PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
  33. ListenPort = $port
  34. DNS = 8.8.8.8
  35. MTU = 1200
  36. [Peer]
  37. PublicKey = $(cat cpublickey1)
  38. AllowedIPs = 10.0.0.2/32
  39. [Peer]
  40. PublicKey = $(cat cpublickey2)
  41. AllowedIPs = 10.0.0.8/32
  42. [Peer]
  43. PublicKey = $(cat cpublickey3)
  44. AllowedIPs = 10.0.0.18/32
  45. [Peer]
  46. PublicKey = $(cat cpublickey4)
  47. AllowedIPs = 10.0.0.88/32
  48. [Peer]
  49. PublicKey = $(cat cpublickey5)
  50. AllowedIPs = 10.0.0.188/32
  51. EOF
  52. # 生成简洁的客户端配置
  53. cat <<EOF >client.conf
  54. [Interface]
  55. PrivateKey = $(cat cprivatekey1)
  56. Address = 10.0.0.2/24
  57. DNS = 8.8.8.8
  58. MTU = 1200
  59. PreUp = start .\route\routes-up.bat
  60. PostDown = start .\route\routes-down.bat
  61. [Peer]
  62. PublicKey = $(cat spublickey)
  63. Endpoint = $serverip:$port
  64. AllowedIPs = 0.0.0.0/0, ::0/0
  65. PersistentKeepalive = 25
  66. EOF
  67. cat <<EOF >client_2.conf
  68. [Interface]
  69. PrivateKey = $(cat cprivatekey2)
  70. Address = 10.0.0.8/24
  71. DNS = 8.8.8.8
  72. MTU = 1200
  73. [Peer]
  74. PublicKey = $(cat spublickey)
  75. Endpoint = $serverip:$port
  76. AllowedIPs = 0.0.0.0/0, ::0/0
  77. PersistentKeepalive = 25
  78. EOF
  79. cat <<EOF >client_3.conf
  80. [Interface]
  81. PrivateKey = $(cat cprivatekey3)
  82. Address = 10.0.0.18/24
  83. DNS = 8.8.8.8
  84. MTU = 1200
  85. [Peer]
  86. PublicKey = $(cat spublickey)
  87. Endpoint = $serverip:$port
  88. AllowedIPs = 0.0.0.0/0, ::0/0
  89. PersistentKeepalive = 25
  90. EOF
  91. cat <<EOF >client_4.conf
  92. [Interface]
  93. PrivateKey = $(cat cprivatekey4)
  94. Address = 10.0.0.88/24
  95. DNS = 8.8.8.8
  96. MTU = 1200
  97. [Peer]
  98. PublicKey = $(cat spublickey)
  99. Endpoint = $serverip:$port
  100. AllowedIPs = 0.0.0.0/0, ::0/0
  101. PersistentKeepalive = 25
  102. EOF
  103. cat <<EOF >client_5.conf
  104. [Interface]
  105. PrivateKey = $(cat cprivatekey5)
  106. Address = 10.0.0.188/24
  107. DNS = 8.8.8.8
  108. MTU = 1200
  109. [Peer]
  110. PublicKey = $(cat spublickey)
  111. Endpoint = $serverip:$port
  112. AllowedIPs = 0.0.0.0/0, ::0/0
  113. PersistentKeepalive = 25
  114. EOF
  115. # 安装二维码插件
  116. apt -y install qrencode
  117. cat /etc/wireguard/client.conf | qrencode -o client.png
  118. cat /etc/wireguard/client_2.conf | qrencode -o client_2.png
  119. cat /etc/wireguard/client_3.conf | qrencode -o client_3.png
  120. cat /etc/wireguard/client_4.conf | qrencode -o client_4.png
  121. cat /etc/wireguard/client_5.conf | qrencode -o client_5.png
  122. # 重启wg服务器
  123. wg-quick down wg0
  124. wg-quick up wg0
  125. wg
  126. cat <<EOF >wg5
  127. # 打包5个客户端配置,手机扫描二维码2号配置,PC使用1号配置
  128. cd /etc/wireguard/
  129. tar cvf wg5clients.tar client*
  130. cat /etc/wireguard/client_2.conf | qrencode -o - -t ansi256
  131. echo "# 手机扫描二维码2号配置,PC使用1号配置请复制下面文本"
  132. cat /etc/wireguard/client.conf
  133. echo "# 你有2种方式获得5个配置,可以使用下面2种命令行,再次显示本文本使用 bash wg5"
  134. echo "# scp [email protected]:/etc/wireguard/wg5clients.tar wg5clients.tar"
  135. echo "# curl --upload-file ./wg5clients.tar https://transfer.sh/wg5clients.tar"
  136. EOF
  137. cp wg5 ~/wg5
  138. bash wg5