Kiritow/wg-ops
1
0
Fork 0
mirror of https://github.com/Kiritow/wg-ops.git synced 2024-03-22 13:11:37 +08:00
Code Issues Projects Releases Wiki Activity

Make full use of wg-quick

Browse Source
This commit is contained in:
Kirigaya Kazuto 2021-07-30 18:32:08 +00:00
parent e744838059
commit 91e50a99ee
4 changed files with 69 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Readme.md
View File

@ -10,6 +10,12 @@ A group of Interactive bash scripts for [Wireguard](https://github.com/WireGuard
3. Run the generated `start.sh`. (May require Super user permission)
Start as service: `systemctl start wg-quick@wg0`
Start service on system start-up: `systemctl enable wg-quick@wg0`
See [wg-quick(8)](https://man7.org/linux/man-pages/man8/wg-quick.8.html) for more information.
## Notice
Make sure to setup firewall. UFW is recommended.

1
install.sh
View File

@ -5,6 +5,7 @@ sudo apt update
sudo apt install -y curl wireguard python3
mkdir -p local
mkdir -p local/tunnel
mkdir -p bin
cd bin

1
install_cn.sh
View File

@ -5,6 +5,7 @@ sudo apt update
sudo apt install -y curl wireguard python3
mkdir -p local
mkdir -p local/tunnel
mkdir -p bin
cd bin

93
tool_generate.py
View File

@ -1,11 +1,26 @@
# -*- coding: utf-8 -*-
import os
import uuid
from tool_common import load_config, SimpleLogger
logger = SimpleLogger()
def write_tunnel_config(mode, listen_addr, remote_addr, password):
filename = "{}.conf".format(uuid.uuid4())
with open("local/tunnel/{}".format(filename), "w", encoding='utf-8') as f:
f.write('''
-{}
-l {}
-r {}
-k {}
--raw-mode faketcp
-a
'''.format(mode, listen_addr, remote_addr, password))
return filename
config = load_config()
if not config:
logger.error("No valid config found.")
@ -29,9 +44,51 @@ PrivateKey = {}
ListenPort = {}
MTU = {}
'''.format(config["ip"], config["prikey"], config["listen"], config["mtu"]))
# Generate PostUp
f.write('''PostUp=/bin/tmux new-session -s tunnel -d 'watch -n 1 wg'
PostUp=sysctl net.core.default_qdisc=fq
PostUp=sysctl net.ipv4.tcp_congestion_control=bbr
''')
if op_mode in ("s", "m"):
f.write("PostUp=sysctl net.ipv4.ip_forward=1\n")
current_dir = os.getcwd()
path_tunnel = os.path.join(current_dir, "bin", "udp2raw_amd64")
path_speeder = os.path.join(current_dir, "bin", "speederv2_amd64")
for info in udp_clients:
if info["speeder"]["enable"]:
# WG --> Speeder --> RawTunnel
speeder = info["speeder"]
f.write('''PostUp=/bin/tmux new-window -t tunnel -d '{} -c -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0' \n'''.format(path_speeder, speeder["port"], info["port"], speeder["ratio"]))
filename = write_tunnel_config("c", "127.0.0.1:{}".format(info["port"]), info["remote"], info["password"])
filepath = os.path.join(current_dir, "local", "tunnel", filename)
f.write('''PostUp=/bin/tmux new-window -t tunnel -d '{} --conf-file {}' \n'''.format(path_tunnel, filepath))
for info in udp_servers:
if info["speeder"]["enable"]:
# RawTunnel --> Speeder --> WG
speeder = info["speeder"]
f.write('''PostUp=/bin/tmux new-window -t tunnel -d '{} -s -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0' \n'''.format(path_speeder, speeder["port"], config["listen"], speeder["ratio"]))
filename = write_tunnel_config("s", "0.0.0.0:{}".format(info["port"]), "127.0.0.1:{}".format(speeder["port"]), info["password"])
filepath = os.path.join(current_dir, "local", "tunnel", filename)
f.write('''PostUp=/bin/tmux new-window -t tunnel -d '{} --conf-file {}' \n'''.format(path_tunnel, filepath))
else:
# RawTunnel --> WG
filename = write_tunnel_config("s", "0.0.0.0:{}".format(info["port"]), "127.0.0.1:{}".format(config["listen"]), info["password"])
filepath = os.path.join(current_dir, "local", "tunnel", filename)
f.write('''PostUp=/bin/tmux new-window -t tunnel -d '{} --conf-file {}' \n'''.format(path_tunnel, filepath))
# Generate PostDown
f.write("PostDown=/bin/tmux kill-session -t tunnel\n")
for info in config["peers"]:
f.write('''[Peer]
f.write('''
[Peer]
PublicKey = {}
AllowedIPs = {}
'''.format(info["pubkey"], info["allowed"]))
@ -54,36 +111,9 @@ with open("start.sh", "w", encoding='utf-8') as f:
set -e
cp local/{}.conf /etc/wireguard/
tmux new-session -s tunnel -d 'watch -n 1 wg'
'''.format(config["interface"]))
for info in udp_clients:
if info["speeder"]["enable"]:
# WG --> Speeder --> RawTunnel
speeder = info["speeder"]
f.write('''tmux new-window -t tunnel -d 'bin/speederv2_amd64 -c -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0' \n'''.format(speeder["port"], info["port"], speeder["ratio"]))
f.write('''tmux new-window -t tunnel -d 'bin/udp2raw_amd64 -c -l127.0.0.1:{} -r{} -k "{}" --raw-mode faketcp -a' \n'''.format(info["port"], info["remote"], info["password"]))
for info in udp_servers:
if info["speeder"]["enable"]:
# RawTunnel --> Speeder --> WG
speeder = info["speeder"]
f.write('''tmux new-window -t tunnel -d 'bin/speederv2_amd64 -s -l127.0.0.1:{} -r 127.0.0.1:{} -f{} --mode 0' \n'''.format(speeder["port"], config["listen"], speeder["ratio"]))
f.write('''tmux new-window -t tunnel -d 'bin/udp2raw_amd64 -s -l0.0.0.0:{} -r 127.0.0.1:{} -k "{}" --raw-mode faketcp -a' \n'''.format(info["port"], speeder["port"], info["password"]))
else:
# RawTunnel --> WG
f.write('''tmux new-window -t tunnel -d 'bin/udp2raw_amd64 -s -l0.0.0.0:{} -r 127.0.0.1:{} -k "{}" --raw-mode faketcp -a' \n'''.format(info["port"], config["listen"], info["password"]))
# Enable BBR
f.write("sysctl net.core.default_qdisc=fq\n")
f.write("sysctl net.ipv4.tcp_congestion_control=bbr\n")
if op_mode in ("s", "m"):
f.write("sysctl net.ipv4.ip_forward=1\n")
f.write('''wg-quick up {}
wg-quick up {}
tmux attach-session -t tunnel
'''.format(config["interface"]))
'''.format(config["interface"], config["interface"]))
logger.info("Generating stop script...")
@ -91,7 +121,6 @@ with open("stop.sh", "w", encoding='utf-8') as f:
f.write('''#!/bin/bash
set -x
wg-quick down {}
tmux kill-session -t tunnel
'''.format(config["interface"]))