{"id":466,"date":"2024-08-09T15:47:31","date_gmt":"2024-08-09T08:47:31","guid":{"rendered":"https:\/\/nbvps.anhtuanlqd.com\/?p=466"},"modified":"2025-01-09T10:02:46","modified_gmt":"2025-01-09T03:02:46","slug":"install-wireguard-ubuntu-20","status":"publish","type":"post","link":"https:\/\/nbvps.anhtuanlqd.com\/?p=466","title":{"rendered":"Install Wireguard Ubuntu 20"},"content":{"rendered":"\n

Code cho file script .sh<\/h2>\n\n\n\n
#!\/bin\/bash\n\n# Update package list and install WireGuard\nsudo apt update\nsudo apt install -y wireguard\n\n# Enable IP forwarding\nsudo echo \"net.ipv4.ip_forward=1\" >> \/etc\/sysctl.conf\nsudo sysctl -p\n\n# Create directory for WireGuard configuration\nsudo mkdir -p \/etc\/wireguard\ncd \/etc\/wireguard\n\n# Generate server private and public keys\nwg genkey | sudo tee server_private.key | wg pubkey | sudo tee server_public.key\n\n# Generate client private and public keys\nwg genkey | sudo tee client_private.key | wg pubkey | sudo tee client_public.key\n\n# Read the keys into variables\nSERVER_PRIVATE_KEY=$(sudo cat server_private.key)\nSERVER_PUBLIC_KEY=$(sudo cat server_public.key)\nCLIENT_PRIVATE_KEY=$(sudo cat client_private.key)\nCLIENT_PUBLIC_KEY=$(sudo cat client_public.key)\n\n# Define the WireGuard interface (e.g., wg0)\nWG_INTERFACE=\"wg0\"\n\n# Define server and client IPs\nSERVER_IP=\"10.0.0.1\/24\"\nCLIENT_IP=\"10.0.0.2\"\n\n# Create WireGuard server configuration file\nsudo bash -c \"cat > \/etc\/wireguard\/$WG_INTERFACE.conf\" <<EOL\n[Interface]\nPrivateKey = $SERVER_PRIVATE_KEY\nAddress = $SERVER_IP\nListenPort = 51820\n\n# Enable IP forwarding\nPostUp = iptables -A FORWARD -i $WG_INTERFACE -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\nPostDown = iptables -D FORWARD -i $WG_INTERFACE -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE\n\n[Peer]\nPublicKey = $CLIENT_PUBLIC_KEY\nAllowedIPs = $CLIENT_IP\/32\nEOL\n\n# Change permissions of the config file\nsudo chmod 600 \/etc\/wireguard\/$WG_INTERFACE.conf\n\n# Start and enable WireGuard service\nsudo systemctl start wg-quick@$WG_INTERFACE\nsudo systemctl enable wg-quick@$WG_INTERFACE\n\n# Prompt for client configuration details\nread -p \"Enter the Endpoint (e.g., nbvps.anhtuanlqd.com): \" ENDPOINT\nread -p \"Enter the port (e.g., 51820): \" PORT\nread -p \"Enter the DNS server (e.g., 1.1.1.1): \" DNS\nread -p \"Enter the location to copy the client.conf file to (e.g., \/root\/vpn\/): \" COPY_LOCATION\n\n# Create client configuration file\nsudo bash -c \"cat > \/etc\/wireguard\/client.conf\" <<EOL\n[Interface]\nPrivateKey = $CLIENT_PRIVATE_KEY\nAddress = $CLIENT_IP\nDNS = $DNS\n\n[Peer]\nPublicKey = $SERVER_PUBLIC_KEY\nEndpoint = $ENDPOINT:$PORT\nAllowedIPs = 0.0.0.0\/0, ::\/0\nPersistentKeepalive = 21\nEOL\n\n# Create the directory if it doesn't exist\nsudo mkdir -p $COPY_LOCATION\n\n# Copy the client configuration to the specified location\nsudo cp \/etc\/wireguard\/client.conf $COPY_LOCATION\n\n# Output the client configuration location\necho \"Client configuration has been copied to: $COPY_LOCATION\/client.conf\"\n\n<\/code><\/pre>\n\n\n\n
Code for Raspian<\/h2>\n\n\n\n
#!\/bin\/bash\n\n# Update package list and install WireGuard\nsudo apt update\nsudo apt install -y wireguard\n\n# Enable IP forwarding\nsudo echo \"net.ipv4.ip_forward=1\" | sudo tee -a \/etc\/sysctl.conf\nsudo sysctl -p\n\n# Create directory for WireGuard configuration\nsudo mkdir -p \/etc\/wireguard\ncd \/etc\/wireguard\n\n# Generate server private and public keys\nwg genkey | sudo tee server_private.key | wg pubkey | sudo tee server_public.key\n\n# Generate client private and public keys\nwg genkey | sudo tee client_private.key | wg pubkey | sudo tee client_public.key\n\n# Read the keys into variables\nSERVER_PRIVATE_KEY=$(sudo cat server_private.key)\nSERVER_PUBLIC_KEY=$(sudo cat server_public.key)\nCLIENT_PRIVATE_KEY=$(sudo cat client_private.key)\nCLIENT_PUBLIC_KEY=$(sudo cat client_public.key)\n\n# Define the WireGuard interface (e.g., wg0)\nWG_INTERFACE=\"wg0\"\n\n# Define server and client IPs\nSERVER_IP=\"10.0.0.1\/24\"\nCLIENT_IP=\"10.0.0.2\"\n\n# Create WireGuard server configuration file\nsudo bash -c \"cat > \/etc\/wireguard\/$WG_INTERFACE.conf\" <<EOL\n[Interface]\nPrivateKey = $SERVER_PRIVATE_KEY\nAddress = $SERVER_IP\nListenPort = 51820\n\n# Enable IP forwarding\nPostUp = iptables -A FORWARD -i $WG_INTERFACE -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\nPostDown = iptables -D FORWARD -i $WG_INTERFACE -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE\n\n[Peer]\nPublicKey = $CLIENT_PUBLIC_KEY\nAllowedIPs = $CLIENT_IP\/32\nEOL\n\n# Change permissions of the config file\nsudo chmod 600 \/etc\/wireguard\/$WG_INTERFACE.conf\n\n# Start and enable WireGuard service\nsudo systemctl start wg-quick@$WG_INTERFACE\nsudo systemctl enable wg-quick@$WG_INTERFACE\n\n# Prompt for client configuration details\nread -p \"Enter the Endpoint (e.g., nbvps.anhtuanlqd.com): \" ENDPOINT\nread -p \"Enter the port (e.g., 51820): \" PORT\nread -p \"Enter the DNS server (e.g., 1.1.1.1): \" DNS\nread -p \"Enter the location to copy the client.conf file to (e.g., \/root\/vpn\/): \" COPY_LOCATION\n\n# Create client configuration file\nsudo bash -c \"cat > \/etc\/wireguard\/client.conf\" <<EOL\n[Interface]\nPrivateKey = $CLIENT_PRIVATE_KEY\nAddress = $CLIENT_IP\nDNS = $DNS\n\n[Peer]\nPublicKey = $SERVER_PUBLIC_KEY\nEndpoint = $ENDPOINT:$PORT\nAllowedIPs = 0.0.0.0\/0, ::\/0\nPersistentKeepalive = 21\nEOL\n\n# Create the directory if it doesn't exist\nsudo mkdir -p $COPY_LOCATION\n\n# Copy the client configuration to the specified location\nsudo cp \/etc\/wireguard\/client.conf $COPY_LOCATION\n\n# Output the client configuration location\necho \"Client configuration has been copied to: $COPY_LOCATION\/client.conf\"\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Code cho file script .sh Code for Raspian<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","footnotes":""},"categories":[2,23],"tags":[38,149,148],"class_list":["post-466","post","type-post","status-publish","format-standard","hentry","category-linux","category-tips-and-trick","tag-ubuntu","tag-vpn","tag-wireguard"],"blocksy_meta":[],"_links":{"self":[{"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/posts\/466","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=466"}],"version-history":[{"count":3,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/posts\/466\/revisions"}],"predecessor-version":[{"id":470,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=\/wp\/v2\/posts\/466\/revisions\/470"}],"wp:attachment":[{"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=466"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=466"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nbvps.anhtuanlqd.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}