console-based automated wireguard tunnel provisioning:
LICENSE initial commit 2025-11-14 15:33:38 +02:00
README.md initial commit 2025-11-14 15:33:38 +02:00
vpn.sh initial commit 2025-11-14 15:33:38 +02:00

wg-vpn

Console-based automated wireguard tunnel provisioning:

  • manages the server WireGuard config
  • generates client config files
  • pushes client config files to a directory for easy download
  • supports multiple entry points
  • supports multiple routes per entry point
  • keeps last handshakes and logs client remote IP changes when detected (crontab job needed)

variables

TITLE: Config menu title
IFACE: WireGuard device name on server
CONF: configuration file location on server (the file itself is managed by the tool)
STATEFILE: state file for storing latest handshakes per client
LOGFILE: location of log file (stores changes done to config and keeps history of client remote IPs)
URLBASE: URL base for client config downloads
HTMLDIR: location for uploading client config files - should be equivalent to URLBASE
SERVER_IP[entry_point_name]: hostname or IP address of the server (multiple can be defined by changing the name in the brackets)
SERVER_PORT: WireGuard port on server (goes into client config)
WGCONF: WireGuard config file location on server (dependent on distro startup scripts)
SPRIVKEY: server private key
CLIENT_NET: first three octets of the client IP
CLIENT_RANGE: list containing last octets to be assigned to clients
CLIENT_MASK: netmask for client IP addresses
CLIENT_DNS: DNS to be used by clients
CONF_PREFIX: prefix for client config files
ALLOWED_IPS[access]: AllowedIPs for access route
ALLOWED_IPS[full]: AllowedIPs for full route (more route options can be defined)
KEEPALIVE: keepalive entry for clients config
USER_REGEX: regex for allowed characters in usernames. This is solely for management purposes; it is not used in the config files
CONF_MESSAGE: message to show after client config file generation
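
The handshake tracking and remote IP change logging listed above can be sketched as follows. This is an added example, not code from vpn.sh: the function names, the three-column state file layout and the sample keys and addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not taken from vpn.sh. Assumed state file layout:
#   pubkey <TAB> last remote IP <TAB> last handshake (epoch seconds)

# Constructed sample of `wg show <IFACE> dump` output (tab-separated).
# Line 1 describes the interface and starts with the server PRIVATE key,
# so it must never be copied into a state or log file.
# Peer lines: pubkey, psk, endpoint, allowed-ips, handshake, rx, tx, keepalive
sample_dump() {
  printf 'SRVPRIV\tSRVPUB\t51820\toff\n'
  printf 'PEERKEY_A\t(none)\t198.51.100.7:40001\t10.9.0.2/32\t1763127000\t1024\t2048\t25\n'
  printf 'PEERKEY_B\t(none)\t(none)\t10.9.0.3/32\t0\t0\t0\t25\n'
}

# track_peers STATEFILE   (dump on stdin)
# Prints "pubkey old_ip new_ip handshake" for each peer whose remote IP
# changed since the previous run, then rewrites STATEFILE.
track_peers() {
  state=$1
  [ -f "$state" ] || : > "$state"
  tmp=$(mktemp) || return 1
  awk -F '\t' -v OFS='\t' -v out="$tmp" '
    src == "state" { ip_old[$1] = $2; hs_old[$1] = $3; next }
    FNR == 1 { next }              # interface line: skip, it holds the private key
    {
      ip = $3; hs = $5
      sub(/:[0-9]+$/, "", ip)      # compare IPs only; NAT rebinds change the port
      if (ip == "(none)") {        # no endpoint now: keep the last known values
        ip = ip_old[$1]; hs = hs_old[$1]
      } else if (ip_old[$1] != "" && ip_old[$1] != ip) {
        print $1, ip_old[$1], ip, hs
      }
      if (ip != "") print $1, ip, hs > out
    }
  ' src=state "$state" src=dump - && mv "$tmp" "$state"
}

# Possible cron usage with the variables described above:
#   wg show "$IFACE" dump | track_peers "$STATEFILE" >> "$LOGFILE"
```

Because the state file is created through mktemp, it ends up readable by its owner only, which suits a file that records client addresses.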