From bf9b7c7baf26b9481d55dd321bd93c079b51cb6f Mon Sep 17 00:00:00 2001
From: Tianyu Liu
Date: Wed, 30 Apr 2025 14:30:22 +0200
Subject: [PATCH] Add permernant setup script for server peer
---
wireguard/center_setup.sh | 45 +++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100755 wireguard/center_setup.sh
diff --git a/wireguard/center_setup.sh b/wireguard/center_setup.sh
new file mode 100755
index 0000000..67b0a41
--- /dev/null
+++ b/wireguard/center_setup.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+WG_NUM=$1
+WG_CONF="/etc/wireguard"
+PRIV_KEY_FILE="wg${WG_NUM}_privatekey"
+PUB_KEY_FILE="wg${WG_NUM}_publickey"
+CONF_FILE="wg${WG_NUM}.conf"
+
+if [ -z "$1" ]; then
+ echo "Wireguard interface number not provided."
+ exit 1
+fi
+
+if ! [[ "$1" =~ ^-?[0-9]+([.][0-9]+)?$ ]]; then
+ echo "Wireguard interface number has to be a number."
+ exit 2
+fi
+
+wg genkey | tee wg"$WG_NUM"_privatekey | wg pubkey > wg"$WG_NUM"_publickey
+
+PRIVATE_KEY=$(cat $PRIV_KEY_FILE)
+
+sudo mkdir -p $WG_CONF
+sudo mv ./$PRIV_KEY_FILE $WG_CONF
+sudo mv ./$PUB_KEY_FILE $WG_CONF
+
+read -p "Enter IP (as server) (e.g. 192.168.${WG_NUM}.1/24): " ADDRESS
+read -p "Enter wireguard subnet, should be the subnet of server IP: " WG_SUBNET
+read -p "Enter physical interface for nat out: " PHY
+read -p "Enter port to listern (e.g. 51820): " LISTEN_PORT
+
+
+CONF_CONTENT="[Interface]
+PrivateKey = $PRIVATE_KEY
+SaveConfig = false
+Address = $ADDRESS
+ListenPort = $LISTEN_PORT
+PostUp = iptables -A FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -A POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg$WG_NUM -j ACCEPT; iptables -t nat -D POSTROUTING -s $WG_SUBNET -o $PHY -j MASQUERADE
+"
+
+echo "$CONF_CONTENT" > "$CONF_FILE"
+sudo mv "$CONF_FILE" "$WG_CONF"
+
+echo "Config saved to: $WG_CONF/$CONF_FILE"
\ No newline at end of file
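Review bot: The private key file and the generated config (which embeds `PrivateKey`) are created in the current directory under the caller's default umask and then carried into /etc/wireguard with `sudo mv`, so they can end up readable by other local users and still owned by the invoking account. Adding `umask 077` before the `wg genkey | tee …` line, and following each move with `sudo chown root:root "$WG_CONF/$CONF_FILE"` and `sudo chmod 600 "$WG_CONF/$CONF_FILE"` (likewise for the key files), keeps the secret restricted at every step. The numeric check `^-?[0-9]+([.][0-9]+)?$` also accepts values such as `-1` or `1.5`, which do not give a usable `wg<N>` interface name; `^[0-9]+$` matches what the script needs, and the check should run before `WG_NUM` is used to build file names. `$PHY` and `$WG_SUBNET` are placed unvalidated into `PostUp`/`PostDown`, which wg-quick executes as root, so a simple pattern check on both prompts (and `read -r`) is worth adding.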