mosskoi/MKs-Docker-Compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding untested changes and new dockers

Browse Source
This commit is contained in:
mk
2026-03-11 22:18:38 -03:00
parent fae6ea1abe
commit 52af4904da
34 changed files with 949 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
tools/wireguard/vps/setup.sh Normal file
View File

@@ -0,0 +1,57 @@
#!/bin/bash
# VPS Setup Script - Run on your Debian VPS as root
set -e
echo "=== Installing WireGuard ==="
apt update
apt install -y wireguard
echo "=== Generating Keys ==="
cd /etc/wireguard
umask 077
wg genkey | tee privatekey | wg pubkey > publickey
echo ""
echo "========================================"
echo "VPS Private Key (put in wg0.conf):"
cat privatekey
echo ""
echo "VPS Public Key (put in home server config):"
cat publickey
echo "========================================"
echo ""
echo "=== Copy your wg0.conf to /etc/wireguard/wg0.conf ==="
echo "=== Then replace VPS_PRIVATE_KEY with the private key above ==="
echo "=== And replace HOME_PUBLIC_KEY with your home server's public key ==="
echo ""
echo "=== Enabling IP Forwarding ==="
echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/99-wireguard.conf
sysctl -p /etc/sysctl.d/99-wireguard.conf
echo "=== Setting up iptables rules ==="
# Get the main network interface (usually eth0 or ens3)
INTERFACE=$(ip route | grep default | awk '{print $5}' | head -n1)
echo "Detected interface: $INTERFACE"
# Forward ports 80 and 443 to home server via WireGuard
iptables -t nat -A PREROUTING -i $INTERFACE -p tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80
iptables -t nat -A PREROUTING -i $INTERFACE -p tcp --dport 443 -j DNAT --to-destination 10.0.0.2:443
iptables -A FORWARD -i $INTERFACE -o wg0 -p tcp --dport 80 -j ACCEPT
iptables -A FORWARD -i $INTERFACE -o wg0 -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -i wg0 -o $INTERFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
echo "=== Making iptables persistent ==="
apt install -y iptables-persistent
netfilter-persistent save
echo "=== Enabling WireGuard service ==="
systemctl enable wg-quick@wg0
echo ""
echo "=== After you update wg0.conf with keys, run: ==="
echo "systemctl start wg-quick@wg0"
echo ""
echo "=== Done! ==="