From 250886a0ae558e0f9f8653f9cf86c0b8d5066038 Mon Sep 17 00:00:00 2001
From: Tianyu Liu
Date: Thu, 22 May 2025 13:53:08 +0200
Subject: [PATCH] Add center no nat

---
 wireguard/center_setup.sh | 15 ++++-------
 wireguard/center_setup_no_nat.sh | 41 ++++++++++++++++++++++++++++++++
 wireguard/env_center.sh | 9 +++++++
 3 files changed, 55 insertions(+), 10 deletions(-)
 create mode 100755 wireguard/center_setup_no_nat.sh
 create mode 100644 wireguard/env_center.sh

diff --git a/wireguard/center_setup.sh b/wireguard/center_setup.sh
index 67b0a41..e45b854 100755
--- a/wireguard/center_setup.sh
+++ b/wireguard/center_setup.sh
@@ -1,17 +1,18 @@
 #!/bin/bash
-WG_NUM=$1
 
+. ./env_center.sh
+
 WG_CONF="/etc/wireguard"
 PRIV_KEY_FILE="wg${WG_NUM}_privatekey"
 PUB_KEY_FILE="wg${WG_NUM}_publickey"
 CONF_FILE="wg${WG_NUM}.conf"
 
-if [ -z "$1" ]; then
+if [ -z "$WG_NUM" ]; then
 echo "Wireguard interface number not provided."
 exit 1
 fi
 
-if ! [[ "$1" =~ ^-?[0-9]+([.][0-9]+)?$ ]]; then
+if ! [[ "$WG_NUM" =~ ^-?[0-9]+([.][0-9]+)?$ ]]; then
 echo "Wireguard interface number has to be a number."
 exit 2
 fi
@@ -24,16 +25,10 @@ sudo mkdir -p $WG_CONF
 sudo mv ./$PRIV_KEY_FILE $WG_CONF
 sudo mv ./$PUB_KEY_FILE $WG_CONF
 
-read -p "Enter IP (as server) (e.g. 192.168.${WG_NUM}.1/24): " ADDRESS
-read -p "Enter wireguard subnet, should be the subnet of server IP: " WG_SUBNET
-read -p "Enter physical interface for nat out: " PHY
-read -p "Enter port to listern (e.g. 51820): " LISTEN_PORT
-
-
 CONF_CONTENT="[Interface]
 PrivateKey = $PRIVATE_KEY
 SaveConfig = false
-Address = $ADDRESS
+Address = $WG_IP
 ListenPort = $LISTEN_PORT
 PostUp = iptables -A FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -A POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
 PostDown = iptables -D FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -D POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
diff --git a/wireguard/center_setup_no_nat.sh b/wireguard/center_setup_no_nat.sh
new file mode 100755
index 0000000..1ab40ec
--- /dev/null
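Review bot: The new `. ./env_center.sh` line resolves against the caller's working directory rather than the script's location, so running the script from any other directory sources nothing and the following `[ -z "$WG_NUM" ]` check then reports "not provided" for what is really a missing file; since a dot-source executes whatever file is found under that name, it should also be anchored to the script directory rather than the cwd. Suggest `. "$(dirname -- "$0")/env_center.sh" || { echo "env_center.sh not found" >&2; exit 1; }`. The re-touched regex `^-?[0-9]+([.][0-9]+)?$` still accepts values such as `-1` or `1.5`, which end up as interface names like `wg-1`; `^[0-9]+$` matches what the error message promises. The same sourcing line and regex appear in the new center_setup_no_nat.sh.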
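Review bot: WG_SUBNET, PHY and LISTEN_PORT were previously prompted for and are now taken from the sourced file with no check that they are set, so an empty value produces a malformed `iptables ... -s  -o  -j MASQUERADE` in PostUp/PostDown and wg-quick fails only after the config has already been installed and enabled. A one-line guard after the source line, `: "${WG_IP:?}" "${WG_SUBNET:?}" "${PHY:?}" "${LISTEN_PORT:?}"`, fails fast with the variable name instead. center_setup_no_nat.sh needs the same for WG_IP and LISTEN_PORT. The CONF_CONTENT string opened in this hunk closes outside it.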
+++ b/wireguard/center_setup_no_nat.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+. ./env_center.sh
+
+WG_CONF="/etc/wireguard"
+PRIV_KEY_FILE="wg${WG_NUM}_privatekey"
+PUB_KEY_FILE="wg${WG_NUM}_publickey"
+CONF_FILE="wg${WG_NUM}.conf"
+
+if [ -z "$WG_NUM" ]; then
+ echo "Wireguard interface number not provided."
+ exit 1
+fi
+
+if ! [[ "$WG_NUM" =~ ^-?[0-9]+([.][0-9]+)?$ ]]; then
+ echo "Wireguard interface number has to be a number."
+ exit 2
+fi
+
+wg genkey | tee wg"$WG_NUM"_privatekey | wg pubkey > wg"$WG_NUM"_publickey
+
+PRIVATE_KEY=$(cat $PRIV_KEY_FILE)
+
+sudo mkdir -p $WG_CONF
+sudo mv ./$PRIV_KEY_FILE $WG_CONF
+sudo mv ./$PUB_KEY_FILE $WG_CONF
+
+CONF_CONTENT="[Interface]
+PrivateKey = $PRIVATE_KEY
+SaveConfig = false
+Address = $WG_IP
+ListenPort = $LISTEN_PORT"
+
+
+echo "$CONF_CONTENT" > "$CONF_FILE"
+sudo mv "$CONF_FILE" "$WG_CONF"
+
+echo "Config saved to: $WG_CONF/$CONF_FILE"
+
+sudo systemctl enable wg-quick@"wg$WG_NUM"
+sudo systemctl start wg-quick@"wg$WG_NUM"
diff --git a/wireguard/env_center.sh b/wireguard/env_center.sh
new file mode 100644
index 0000000..3b1557b
--- /dev/null
+++ b/wireguard/env_center.sh
@@ -0,0 +1,9 @@
+WG_NUM="1"
+WG_IP="192.168.2.1/24" # IP of the server e.g. 192.168.2.1/24
+WG_SUBNET="192.168.2.0/24" # Subnet of the server IP
+PHY="eth0" # Physical interface for NAT out
+LISTEN_PORT="51821" # Port to listen (e.g. 51820)
+DNS_SERVER="8.8.8.8"
+ALLOWED_IPS="$WG_SUBNET"
+
+
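Review bot: `wg genkey | tee wg"$WG_NUM"_privatekey` and `echo "$CONF_CONTENT" > "$CONF_FILE"` create the private-key file and the config that embeds PrivateKey in the current directory with the default umask, which on most systems leaves them world-readable, and `sudo mv` keeps that mode when the files land in /etc/wireguard. Add `umask 077` before the key generation so both files are created readable only by their owner; center_setup.sh presumably has the same genkey line, though it is outside this patch's hunks. The genkey line also re-spells the file names that `PRIV_KEY_FILE` and `PUB_KEY_FILE` already hold, and `PRIVATE_KEY=$(cat $PRIV_KEY_FILE)` plus the two `sudo mv ./$...` lines leave their expansions unquoted while the neighbouring lines quote them; using `"$PRIV_KEY_FILE"`/`"$PUB_KEY_FILE"` throughout removes the duplication and the quoting inconsistency.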
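Review bot: env_center.sh is dot-sourced by both setup scripts and therefore executed as shell, but it carries no header saying that it is a sourced configuration file, that its values are placeholders to edit before running, or that WG_IP must lie inside WG_SUBNET as the two inline comments imply. A header such as `# Sourced by center_setup.sh and center_setup_no_nat.sh; edit these values before running. WG_IP must be an address inside WG_SUBNET.` would cover that. `DNS_SERVER` and `ALLOWED_IPS` are not referenced by either script in this patch, presumably consumed by a peer-side script elsewhere; a comment naming the consumer would avoid the appearance of dead settings. `WG_NUM` also becomes the interface suffix in `wg-quick@wg$WG_NUM`, which is worth stating next to it.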