#!/bin/bash
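# Provision this host as a WireGuard peer: generate a key pair and a preshared
# key in /etc/wireguard, write wg0.conf, bring the tunnel up with wg-quick, and
# print the [Peer] stanza that has to be added on the server.
#
# Environment overrides (defaults in the assignments below):
#   range4        first three octets of the IPv4 /24
#   range6        IPv6 /64 prefix, ending in "::"
#   nodeid        host number: last IPv4 octet and IPv6 suffix
#   endpoint      server host:port
#   serverpubkey  public key of the server
#
# NOTE(review): re-running the script replaces privatekey, publickey, secretpsk
# and wg0.conf without keeping a backup.
set -euo pipefail

# Every file created below holds key material; keep it owner-only.
umask 077

# Fail closed: if the cd were allowed to fail, the private key and PSK would be
# written to whatever directory the script was started from.
cd /etc/wireguard || {
  printf 'error: cannot cd to /etc/wireguard\n' >&2
  exit 1
}

: "${range4:=10.8.5}"
: "${range6:=fd4b:ab94:3f04::}"
: "${nodeid:=123}"
: "${endpoint:=vpn.example.com:51820}"
: "${serverpubkey:=XXXOTHERNODEPUBKEY}"

# nodeid is pasted after "${range4}." as the last IPv4 octet, so it has to be a
# plain host number; the same digits are appended to the IPv6 prefix.
if ! [[ $nodeid =~ ^[1-9][0-9]{0,2}$ ]] || ((nodeid > 254)); then
  printf 'error: nodeid must be an integer from 1 to 254, got: %s\n' "$nodeid" >&2
  exit 1
fi

# The values below are copied verbatim into wg0.conf, which wg-quick parses
# line by line; a control character (a newline in particular) would let one
# value add extra configuration lines, so reject it before writing anything.
for setting in range4 range6 endpoint serverpubkey; do
  if [[ ${!setting} == *[[:cntrl:]]* ]]; then
    printf 'error: %s contains a control character\n' "$setting" >&2
    exit 1
  fi
done

if [[ $serverpubkey == XXXOTHERNODEPUBKEY ]]; then
  printf 'warning: serverpubkey is still the placeholder value\n' >&2
fi

# With pipefail a failure in any stage aborts here instead of leaving an empty
# key file that would end up in the config.
wg genkey | tee privatekey | wg pubkey > publickey
wg genpsk > secretpsk

private_key=$(<privatekey)
public_key=$(<publickey)
preshared_key=$(<secretpsk)

cat > wg0.conf <<EOF
[Interface]
#ListenPort = 51820
Address = ${range4}.$nodeid/24
Address = ${range6}$nodeid/64
PrivateKey = $private_key
[Peer]
PublicKey = $serverpubkey
PresharedKey = $preshared_key
AllowedIPs = ${range4}.0/24, ${range6}/64
Endpoint = $endpoint
PersistentKeepalive = 15
EOF

# A failed bring-up is reported but not fatal, so the server-side stanza for
# the freshly generated keys is still printed.
if ! wg-quick up wg0; then
  printf 'warning: wg-quick up wg0 failed; check wg0.conf\n' >&2
fi

# The stanza below includes the preshared key, which is a secret: hand it to
# the server over a trusted channel and keep this output out of logs.
cat <<EOF
# on wireguard server add
[Peer]
PublicKey = $public_key
PresharedKey = $preshared_key
AllowedIPs = ${range4}.$nodeid/32, ${range6}$nodeid/128
EOF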
