- Notifications
You must be signed in to change notification settings - Fork310
WireGuard VPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE and Raspberry Pi OS
License
hwdsl2/wireguard-install
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
WireGuard VPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE and Raspberry Pi OS.
This script will let you set up your own VPN server in just a few minutes, even if you haven't used WireGuard before.WireGuard is a fast and modern VPN designed with the goals of ease of use and high performance.
See also:OpenVPN andIPsec VPN server auto setup scripts.
» 📖 Book: Build Your Own VPN Server [English |中文 |Español |Deutsch |Français |Italiano |NL |PT |日本語]
- Fully automated WireGuard VPN server setup, no user input needed
- Supports interactive install using custom options
- Generates VPN profiles to auto-configure Windows, macOS, iOS and Android devices
- Supports managing WireGuard VPN users
- Optimizes
sysctlsettings for improved VPN performance
First, download the script on your Linux server*:
wget -O wireguard.sh https://get.vpnsetup.net/wg
* A cloud server, virtual private server (VPS) or dedicated server.
Option 1: Auto install WireGuard using default options.
sudo bash wireguard.sh --auto
See the script in action (terminal recording).
Note: This recording is for demo purposes only.
For servers with an external firewall (e.g.EC2/GCE), open UDP port 51820 for the VPN.
Option 2: Interactive install using custom options.
sudo bash wireguard.sh
You can customize the following options: VPN server's DNS name, UDP port, DNS server for VPN clients and name of the first client.
For servers with an external firewall, open your selected UDP port for the VPN.
Click here if you are unable to download.
You may also usecurl to download:
curl -fL -o wireguard.sh https://get.vpnsetup.net/wg
Then follow the instructions above to install.
Alternative setup URLs:
https://github.com/hwdsl2/wireguard-install/raw/master/wireguard-install.shhttps://gitlab.com/hwdsl2/wireguard-install/-/raw/master/wireguard-install.sh
If you are unable to download, openwireguard-install.sh, then click theRaw button on the right. PressCtrl/Cmd+A to select all,Ctrl/Cmd+C to copy, then paste into your favorite editor.
Advanced: Auto install using custom options.
Advanced users can auto install WireGuard using custom options, by specifying command-line options when running the script. For more details, see the next section "view usage information for the WireGuard script".
Alternatively, you may provide a Bash "here document" as input to the setup script. This method can also be used to provide input to manage users after install.
First, install WireGuard interactively using custom options, and write down all your inputs to the script.
sudo bash wireguard.sh
If you need to remove WireGuard, run the script again and select the appropriate option.
Next, create the custom install command using your inputs. Example:
sudo bash wireguard.sh<<ANSWERSn51820client2yANSWERS
Note: The install options may change in future versions of the script.
View usage information for the WireGuard script.
Usage: bash wireguard.sh [options]Options: --addclient [client name] add a new client --dns1 [DNS server IP] primary DNS server for new client (optional, default: Google Public DNS) --dns2 [DNS server IP] secondary DNS server for new client (optional) --listclients list the names of existing clients --removeclient [client name] remove an existing client --showclientqr [client name] show QR code for an existing client --uninstall remove WireGuard and delete all configuration -y, --yes assume "yes" as answer to prompts when removing a client or removing WireGuard -h, --help show this help message and exitInstall options (optional): --auto auto install WireGuard using default or custom options --serveraddr [DNS name or IP] server address, must be a fully qualified domain name (FQDN) or an IPv4 address --port [number] port for WireGuard (1-65535, default: 51820) --clientname [client name] name for the first WireGuard client (default: client) --dns1 [DNS server IP] primary DNS server for first client (default: Google Public DNS) --dns2 [DNS server IP] secondary DNS server for first clientTo customize options, you may also run this script without arguments.After setup, you can run the script again to manage users or uninstall WireGuard.
Get your computer or device to use the VPN. Please refer to:
Configure WireGuard VPN Clients
Read📖 VPN book to accessextra content.
Enjoy your very own VPN! ✨🎉🚀✨
This script is based on the great work ofNyr and contributors, with enhancements and changes for compatibility with theSetup IPsec VPN project.
List of enhancements over Nyr/wireguard-install.
- Improved compatibility with Setup IPsec VPN
- Improved script reliability, user input and output
- Supports auto install using default or custom options
- Supports using a DNS name as server address
- Added support for openSUSE Linux
- Supports listing existing VPN clients
- Supports showing QR code for a client
- Supports custom DNS server(s) for VPN clients
- Supports command-line options for managing VPN clients
- Optimizes
sysctlsettings for improved VPN performance - Improved creation of client config files when using
sudo
...and more!
MIT
About
WireGuard VPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE and Raspberry Pi OS
