diff --git a/wginstall.sh b/wginstall.sh
index 611bf75..22f673b 100644
--- a/wginstall.sh
+++ b/wginstall.sh
@@ -36,30 +36,35 @@ install_wireguard() {
 }
 
 generate_keys() {
+ cd /etc/wireguard
 # 生成WireGuard私钥和公钥
 echo "正在生成WireGuard私钥和公钥..."
- wg genkey | tee /opt/wg/privatekey | wg pubkey > /opt/wg/publickey
+ wg genkey | tee privatekey | wg pubkey > publickey && cat privatekey && cat publickey
 }
 
 create_server_config() {
 # 服务器端配置
 read -p "请输入服务器的公网IP地址: " server_public_ip
+ read -p "请输入服务器的内网IP地址: " server_internal_ip
 read -p "请输入WireGuard服务器端口号: " server_port
 read -p "请输入客户端的公钥: " client_public_key
 read -p "请输入客户端的内网IP地址: " client_internal_ip
+ eth=$(ls /sys/class/net| grep ^e | head -n1)
 
 # 创建服务器端配置文件
- echo "[Interface]" > /opt/wg/wg0.conf
- echo "PrivateKey = $(cat /opt/wg/privatekey)" >> /opt/wg/wg0.conf
- echo "Address = $client_internal_ip/24" >> /opt/wg/wg0.conf
- echo "ListenPort = $server_port" >> /opt/wg/wg0.conf
+ echo "[Interface]" > /etc/wireguard/wg0.conf
+ echo "PrivateKey = $(cat /etc/wireguard/privatekey)" >> /etc/wireguard/wg0.conf
+ echo "Address = $server_internal_ip/24" >> /etc/wireguard/wg0.conf
+ echo "PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf
+ echo "PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o $eth -j MASQUERADE" >> /etc/wireguard/wg0.conf
+ echo "ListenPort = $server_port" >> /etc/wireguard/wg0.conf
 
- echo "" >> /opt/wg/wg0.conf
- echo "[Peer]" >> /opt/wg/wg0.conf
- echo "PublicKey = $client_public_key" >> /opt/wg/wg0.conf
- echo "AllowedIPs = $client_internal_ip/32" >> /opt/wg/wg0.conf
+ echo "" >> /etc/wireguard/wg0.conf
+ echo "[Peer]" >> /etc/wireguard/wg0.conf
+ echo "PublicKey = $client_public_key" >> /etc/wireguard/wg0.conf
+ echo "AllowedIPs = $client_internal_ip/32" >> /etc/wireguard/wg0.conf
 
- echo "WireGuard服务器端配置文件已成功创建在 /opt/wg/wg0.conf。"
+ echo "WireGuard服务器端配置文件已成功创建在 /etc/wireguard/wg0.conf。"
 }
 
 create_client_config() {
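Review bot: generate_keys now prints the private key to the terminal (`&& cat privatekey`) and writes it under the process's default umask, so the secret can end up in scrollback or session logs and, with a typical 022 umask, in a world-readable file. The new `cd /etc/wireguard` is also unchecked, so if the directory is missing the key files land in whatever directory the script was started from. I would change the body to `umask 077`, `cd /etc/wireguard || return 1`, and `wg genkey | tee privatekey | wg pubkey > publickey && cat publickey`, so only the public key is displayed. The same umask concern applies to the `/etc/wireguard/wg0.conf` written in create_server_config and in create_client_config (next hunk), since both embed `PrivateKey`.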
@@ -68,19 +73,20 @@ create_client_config() {
 read -p "请输入WireGuard服务器端口号: " server_port
 read -p "请输入服务器的公钥: " server_public_key
 read -p "请输入客户端的内网IP地址: " client_internal_ip
+ eth=$(ls /sys/class/net| grep ^e | head -n1)
 
 # 创建客户端配置文件
- echo "[Interface]" > /opt/wg/wg0.conf
- echo "PrivateKey = $(cat /opt/wg/privatekey)" >> /opt/wg/wg0.conf
- echo "Address = $client_internal_ip/24" >> /opt/wg/wg0.conf
+ echo "[Interface]" > /etc/wireguard/wg0.conf
+ echo "PrivateKey = $(cat /etc/wireguard/privatekey)" >> /etc/wireguard/wg0.conf
+ echo "Address = $client_internal_ip/24" >> /etc/wireguard/wg0.conf
 
- echo "" >> /opt/wg/wg0.conf
- echo "[Peer]" >> /opt/wg/wg0.conf
- echo "PublicKey = $server_public_key" >> /opt/wg/wg0.conf
- echo "Endpoint = $server_public_ip:$server_port" >> /opt/wg/wg0.conf
- echo "AllowedIPs = 0.0.0.0/0, ::/0" >> /opt/wg/wg0.conf
+ echo "" >> /etc/wireguard/wg0.conf
+ echo "[Peer]" >> /etc/wireguard/wg0.conf
+ echo "PublicKey = $server_public_key" >> /etc/wireguard/wg0.conf
+ echo "Endpoint = $server_public_ip:$server_port" >> /etc/wireguard/wg0.conf
+ echo "AllowedIPs = 0.0.0.0/0, ::/0" >> /etc/wireguard/wg0.conf
 
- echo "WireGuard客户端配置文件已成功创建在 /opt/wg/wg0.conf。"
+ echo "WireGuard客户端配置文件已成功创建在 /etc/wireguard/wg0.conf。"
 }
 
 start_wireguard() {
@@ -102,8 +108,6 @@ restart_wireguard() {
 }
 
 main() {
- # 创建 /opt/wg 目录存放配置文件
- mkdir -p /opt/wg
 # 显示菜单并选择角色
 echo -e "---------------------------"
 echo -e "欢迎使用WireGuard配置脚本"
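Review bot: `eth=$(ls /sys/class/net| grep ^e | head -n1)` is added to create_client_config, but nothing in the visible client config uses `$eth`, so here it looks like a dead assignment copied from the server path; the function's opening lines are outside this hunk. In create_server_config (previous hunk) the same expression feeds the MASQUERADE rule in `PostUp`/`PostDown`, where it selects the first interface whose name starts with `e` rather than the one carrying the default route, and leaves `-o` without an argument on hosts that have no such interface. I would drop the line from the client function and, on the server side, derive the interface from the routing table (for example from `ip route show default`) and stop before writing the config when the result is empty, `[ -n "$eth" ] || return 1`.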