init

client.template

@@ -0,0 +1,9 @@
+[Interface]
+	PrivateKey = ${CLIENT_PRIVATE_KEY}
+	Address = 10.0.0.${IP_ADDR}/16
+
+[Peer]
+	PublicKey = ${SERVER_PUBLIC_KEY}
+	AllowedIPs = 10.0.0.0/16
+	Endpoint = wg.oliveratkinson.net:51820
+	PersistentKeepalive = 25

new-client.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+printf "Run as sudo\nPress any key to continue..."
+read
+printf "Make sure interface is up.\nPress any key to continue..."
+read
+
+export IP_ADDR="10"
+export SERVER_PUBLIC_KEY=$(wg pubkey < /etc/wireguard/private.key)
+export CLIENT_PRIVATE_KEY=$(wg genkey)
+SERVER_NAME="cs2"
+TEMP_CONF=$(mktemp)
+# numbers are exit codes to run command on
+trap "rm -f $TEMP_CONF; export CLIENT_PRIVATE_KEY=" 0 1 2 3 6 9 14 15
+
+# Add peer to server conf file
+# envsubst < peer.template > $TEMP_CONF
+# wg addconf $SERVER_NAME $TEMP_CONF
+wg set $SERVER_NAME $(wg pubkey < $CLIENT_PRIVATE_KEY) allowed-ips 10.0.0.${IP_ADDR}/16
+ip -4 route add 10.0.0.${IP_ADDR}/16 dev $SERVER_NAME
+
+# Generate client conf file
+envsubst < client.template > client${IP_ADDR}.$SERVER_NAME.conf
+

peer.template

@@ -0,0 +1,3 @@
+[Peer]
+PublicKey = ${SERVER_PUBLIC_KEY}
+AllowedIPs = 10.0.0.${IP_ADDR}/16

server.conf

@@ -0,0 +1,6 @@
+[Interface]
+	PrivateKey = ${SERVER_PRIVATE_KEY}
+	Address = 10.0.0.0/16
+	SaveConfig = true
+	ListenPort = 51820
+