WireGuard Manager ๐
๐คท What is VPN ?
A Virtual Private Network (VPN) allows users to send and receive data through shared or public networks as if their computing devices were directly connected to the private network. Thus, applications running on an end-system (PC, smartphone, etc.) over a VPN may benefit from individual network features, protection, and management. Encryption is a standard aspect of a VPN connection but not an intrinsic one.
๐ถ What is WireGuardโ
WireGuard is a straightforward yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under a massive development, but it already might be regarded as the most secure, most comfortable to use, and the simplest VPN solution in the industry.
โณ Goals
- robust and modern security by default
- minimal config and critical management
- fast, both low-latency and high-bandwidth
- simple internals and small protocol surface area
- simple CLI and seamless integration with system networking
๐ฒ Prerequisite
- CentOS, Debian, Ubuntu, Arch, Fedora, Redhat, Raspbian
- Linux
Kernel 3.1or newer - You will need superuser access or a user account with
sudoprivilege.
๐ฒ Installation
Lets first use curl and save the file in /etc/wireguard/
curl https://raw.githubusercontent.com/complexorganizations/wireguard-manager/master/wireguard-server.sh --create-dirs -o /etc/wireguard/wireguard-server.sh
Then let's make the script user executable (Optional)
chmod +x /etc/wireguard/wireguard-server.sh
It's finally time to execute the script
bash /etc/wireguard/wireguard-server.sh
In your /etc/wireguard/clients directory, you will have .conf files. These are the client configuration files. Download them from your WireGuard Interface and connect using your favorite WireGuard Peer.
๐ฃ After Installation
- Show WireGuard Interface
- Start WireGuard Interface
- Stop WireGuard Interface
- Restart WireGuard Interface
- Add WireGuard Peer
- Remove WireGuard Peer
- Uninstall WireGuard Interface
- Update this script
๐ Usage
usage: ./wireguard-server.sh [options]
--install Install WireGuard Interface
--start Start WireGuard Interface
--stop Stop WireGuard Interface
--restart Restart WireGuard Interface
--list Show WireGuard Peers
--add Add WireGuard Peer
--remove Remove WireGuard Peer
--reinstall Reinstall WireGuard Interface
--uninstall Uninstall WireGuard Interface
--update Update WireGuard Script
--help Show Usage Guide
๐ฅฐ Features
- Installs and configures a ready-to-use WireGuard Interface
- (IPv4|IPv6) Supported, (IPv4|IPv6) Leak Protection
- Iptables rules and forwarding managed in a seamless way
- If needed, the script can cleanly remove WireGuard, including configuration and iptables rules
- Variety of DNS resolvers to be pushed to the clients
- The choice to use a self-hosted resolver with Unbound.
- Preshared-key for an extra layer of security.
- Block DNS leaks
- Dynamic DNS supported
- Many other little things!
๐ก Options
PRIVATE_SUBNET_V4- private IPv4 subnet configuration10.8.0.0/24by defaultPRIVATE_SUBNET_V6- private IPv6 subnet configurationfd42:42:42::0/64by defaultSERVER_HOST_V4- public IPv4 address, detected by default usingcurlSERVER_HOST_V6- public IPv6 address, detected by default usingcurlSERVER_PUB_NIC- public nig address, detected by defaultSERVER_PORT- public port for wireguard server, default is51820DISABLE_HOST- Disable or enable ipv4 and ipv6, default disabledCLIENT_ALLOWED_IP- private or public IP range allowed in the tunnelNAT_CHOICE- Keep sending packets to keep the tunnel alive25INSTALL_UNBOUND- Install unbound settingsy/nDNS_CHOICE- Without Unbound you have to use a public dns like8.8.8.8CLIENT_NAME- name of the clientMTU_CHOICE- the MTU the client will use to connect to DNS1420
๐ ๐ Compatibility with Linux Distro
| OS | Supported | i386 | amd64 | armhf | arm64 |
|---|---|---|---|---|---|
| Ubuntu 14 โค | |||||
| Ubuntu 16 | |||||
| Ubuntu 18 | |||||
| Ubuntu 19 โฅ | |||||
| Debian 7 โค | |||||
| Debian 8 | |||||
| Debian 9 | |||||
| Debian 10 โฅ | |||||
| CentOS 6 โค | |||||
| CentOS 7 | |||||
| CentOS 8 โฅ | |||||
| Fedora 29 โค | |||||
| Fedora 30 | |||||
| Fedora 31 | |||||
| Fedora 32 โฅ | |||||
| RedHat 6 โค | |||||
| RedHat 7 | |||||
| RedHat 8 โฅ | |||||
| Arch | |||||
| Raspbian |
โ๏ธ Compatibility with Cloud Providers
| Cloud | Supported |
|---|---|
| AWS | |
| Google Cloud | |
| Linode | |
| Digital Ocean | |
| Vultr | |
| Microsoft Azure | |
| OpenStack | |
| Rackspace | |
| Scaleway | |
| EuroVPS | |
| Hetzner Cloud | |
| Strato |
๐ก๏ธ Compatibility with Virtualization
| Virtualization | Supported |
|---|---|
| KVM | |
| LXC | |
| OpenVZ | |
| Docker |
๐ป Compatibility with Linux Kernel
| Kernel | Supported |
|---|---|
| Kernel 5.4 โฅ | |
| Kernel 4.19 | |
| Kernel 4.14 | |
| Kernel 4.9 | |
| Kernel 4.4 | |
| Kernel 3.16 | |
| Kernel 3.1 โค |
๐ Q&A
Which hosting provider do you recommend?
- Google Cloud: Worldwide locations, starting at $10/month
- Vultr: Worldwide locations, IPv6 support, starting at $3.50/month
- Digital Ocean: Worldwide locations, IPv6 support, starting at $5/month
- Linode: Worldwide locations, IPv6 support, starting at $5/month
Which WireGuard client do you recommend?
Is there WireGuard documentation?
- Yes, please head to the WireGuard Manual, which references all the options.
How do I install a wireguard without the questions? (Headless Install) Server Only
HEADLESS_INSTALL=y /etc/wireguard/wireguard-server.sh
Official Links
- Homepage: https://www.wireguard.com
- Install: https://www.wireguard.com/install/
- QuickStart: https://www.wireguard.com/quickstart/
- Compiling: https://www.wireguard.com/compilation/
- Whitepaper: https://www.wireguard.com/papers/wireguard.pdf
๐ Architecture
๐ค Developing
Using a browser based development environment:
๐ Debugging
git clone https://github.com/complexorganizations/wireguard-manager /etc/wireguard/
bash -x /etc/wireguard/wireguard-(server|client).sh >> /etc/wireguard/wireguard-(server|client).log
๐ค Author
- Name: Prajwal Koirala
- Website: https://www.prajwalkoirala.com
- Github: @prajwal-koirala
- LinkedIn: @prajwal-koirala
- Twitter: @Prajwal_K23
- Reddit: @prajwalkoirala23
- Twitch: @prajwalkoirala23
โ๏ธ Support
Give a
- BCH :
qzq9ae4jlewtz7v7mn4tv7kav3dc9rvjwsg5f36099 - BSV : ``
- BTC :
3QgnfTBaW4gn4y8QPEdXNJY6Y74nBwRXfR - DAI :
0x8DAd9f838d5F2Ab6B14795d47dD1Fa4ED7D1AcaB - ETC :
0xd42D20D7E1fC0adb98B67d36691754E3F944478A - ETH :
0xe000C5094398dd83A3ef8228613CF4aD134eB0EA - LTC :
MVwkmnnaLDq7UccDeudcpQYwFnnDwDxxmq - XRP :
rw2ciyaNshpHe7bCHo4bRWq6pqqynnWKQg (1790476900)
โค๏ธ Credits
๐ License
Copyright ยฉ 2020 Prajwal
This project is MIT licensed.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent