Zero-Knowledge WireGuard VPN Setup Tool
Secure, user-friendly bash script for WireGuard VPN servers. The server never knows client private keys.
- Zero-Knowledge - Server never sees client private keys
- Post-Quantum PSK - Pre-shared keys for quantum resistance
- Auto-Install - Automated WireGuard package installation
- IPv4 + IPv6 - Dual-stack support
| OS | Min Version | OS | Min Version | |
|---|---|---|---|---|
| Ubuntu | 20.04+ | Fedora | 32+ | |
| Debian | 10+ | Arch/Manjaro | Any | |
| CentOS/AlmaLinux/Rocky | 8+ |
# Download
wget https://raw.githubusercontent.com/kreash/wg-setup/main/wg-setup.sh
chmod +x wg-setup.sh
# Install server
sudo ./wg-setup.sh install
# Add client
sudo ./wg-setup.sh addsudo ./wg-setup.sh| Command | Description |
|---|---|
install |
Install WireGuard server (interactive) |
auto-install [OPTIONS] |
Install WireGuard server (non-interactive) |
add [name] [pubkey] |
Add client (zero-knowledge) |
remove |
Remove client |
list |
List all clients |
show [name] |
Show client configuration |
uninstall |
Remove WireGuard completely |
version |
Show version |
help |
Show help |
sudo ./wg-setup.sh auto-install \
--port 51820 \
--subnet "10.66.66.0/24" \
--endpoint "212.109.198.162" \
--dns "1.1.1.1, 1.0.0.1" \
--allowed-ips "0.0.0.0/0"All options are optional — defaults are applied automatically.
| Option | Default | Description |
|---|---|---|
--port |
random (49152-65535) | WireGuard listen port |
--subnet |
10.66.66.0/24 |
Server IPv4 subnet |
--endpoint |
auto-detect | Public IP or hostname |
--interface |
auto-detect | Public network interface |
--dns |
1.1.1.1, 1.0.0.1 |
Client DNS servers |
--allowed-ips |
0.0.0.0/0 |
Client allowed IPs |
--ipv6-subnet |
disabled | Enable IPv6 with given subnet |
- name: Install WireGuard
command: >
./wg-setup.sh auto-install
--port 51820
--endpoint "{{ ansible_host }}"
--dns "1.1.1.1, 1.0.0.1"
args:
creates: /etc/wireguard/wg0.conf# On client device, run:
wg genkey | tee privatekey | wg pubkeyCopy the public key (stdout) to the server. Keep privatekey file secret!
Inspired by:
MIT License - see LICENSE file.
⭐ Star this project if you find it useful!