WonderBeat/amnezia-isntall

## amnezia-isntall
#!/bin/sh
# https://github.com/openwrt-xiaomi/awg-openwrt/wiki/AmneziaWG-installing#%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-amneziawg-%D0%B8-%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85-%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D1%85-%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82-%D0%BD%D0%B0-vds-%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D0%B5
# https://github.com/amnezia-vpn/amneziawg-linux-kernel-module?tab=readme-ov-file#debian
# https://habr.com/ru/companies/amnezia/articles/807539/

#
# AmneziaWG setup
#
apt install -y gnupg2 linux-headers-$(uname -r)
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 57290828
echo "deb https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" | tee -a /etc/apt/sources.list
echo "deb-src https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" | tee -a /etc/apt/sources.list
apt update
apt install -y amneziawg
awg --version
lsmod | grep amnezia
journalctl -xeft kernel

#
# AmneziaWG config
#
apt install -y curl wget python3 python3-pip python3-qrcode qrencode
mkdir -p ~/awg
chmod go-xrw -R ~/awg
cd ~/awg
wget -O awgcfg.py https://gist.githubusercontent.com/remittor/8c3d9ff293b2ba4b13c367cc1a69f9eb/raw/awgcfg.py
python3 awgcfg.py --make /etc/amnezia/amneziawg/awg0.conf -i 10.22.8.1/24 -p 27015
python3 awgcfg.py --create
python3 awgcfg.py --add "raccoon"
python3 awgcfg.py --conf
qrencode -t ansiutf8 < raccoon.conf

#
# Firewall settings
#
sed -i 's/#.*net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf
sysctl -p
apt install -y iptables iptables-persistent
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 27015 -j ACCEPT
iptables -P INPUT DROP
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i awg0 -o ens3 -j ACCEPT
iptables -t nat -I POSTROUTING -o ens3 -j MASQUERADE
netfilter-persistent save

#
# AmneziaWG test
#
awg-quick up awg0
awg showconf awg0
awg show

#
# AmneziaWG service
#
systemctl enable --now awg-quick@awg0
systemctl restart awg-quick@awg0.service
systemctl status awg-quick@awg0.service
	#!/bin/sh
	# https://github.com/openwrt-xiaomi/awg-openwrt/wiki/AmneziaWG-installing#%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%BA%D0%B0-amneziawg-%D0%B8-%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D1%85-%D0%BD%D1%83%D0%B6%D0%BD%D1%8B%D1%85-%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82-%D0%BD%D0%B0-vds-%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D0%B5
	# https://github.com/amnezia-vpn/amneziawg-linux-kernel-module?tab=readme-ov-file#debian
	# https://habr.com/ru/companies/amnezia/articles/807539/

	#
	# AmneziaWG setup
	#
	apt install -y gnupg2 linux-headers-$(uname -r)
	apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 57290828
	echo "deb https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" \| tee -a /etc/apt/sources.list
	echo "deb-src https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" \| tee -a /etc/apt/sources.list
	apt update
	apt install -y amneziawg
	awg --version
	lsmod \| grep amnezia
	journalctl -xeft kernel

	#
	# AmneziaWG config
	#
	apt install -y curl wget python3 python3-pip python3-qrcode qrencode
	mkdir -p ~/awg
	chmod go-xrw -R ~/awg
	cd ~/awg
	wget -O awgcfg.py https://gist.githubusercontent.com/remittor/8c3d9ff293b2ba4b13c367cc1a69f9eb/raw/awgcfg.py
	python3 awgcfg.py --make /etc/amnezia/amneziawg/awg0.conf -i 10.22.8.1/24 -p 27015
	python3 awgcfg.py --create
	python3 awgcfg.py --add "raccoon"
	python3 awgcfg.py --conf
	qrencode -t ansiutf8 < raccoon.conf

	#
	# Firewall settings
	#
	sed -i 's/#.*net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf
	sysctl -p
	apt install -y iptables iptables-persistent
	iptables -A INPUT -p tcp --dport 22 -j ACCEPT
	iptables -A INPUT -p udp --dport 27015 -j ACCEPT
	iptables -P INPUT DROP
	iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	iptables -A FORWARD -i awg0 -o ens3 -j ACCEPT
	iptables -t nat -I POSTROUTING -o ens3 -j MASQUERADE
	netfilter-persistent save

	#
	# AmneziaWG test
	#
	awg-quick up awg0
	awg showconf awg0
	awg show

	#
	# AmneziaWG service
	#
	systemctl enable --now awg-quick@awg0
	systemctl restart awg-quick@awg0.service
	systemctl status awg-quick@awg0.service
No results found