Configure wireguard server as a tunnel to connect to the machine (without further connection to the internet)

wireguard_setup.sh

ussage='Ussage: 
First, Thank Andrii Dokhniak, because he is the best!, then

sudo bash wireguard_setup.sh <network interface>

(the network interface is used to get the IP)

Dependencies: 
- qrencode, for creating the qrcode
- wireguard-tools, for the userspace wg command
- kmod-wireguard (from other repos), for the kernel module for old kernels
'


if [ $# -ne 1 ]; then
    echo "$ussage"
    exit -1
fi

if [ $(id --user) -ne 0 ]; then
    echo Please launch as an administrator, see usage
    echo
    echo "$ussage"
    exit -1
fi

ip_out=$(ip -br -4 a s $1)

if [ $? -ne 0 ]; then 
    echo Provide a valid network inteface!!
    echo
    echo "$ussage"
    exit -1
fi

systemctl stop wg-quick@wg0 &> /dev/null

ip=$(echo "$ip_out" | awk -F' ' '{print $3}' | awk -F'/' '{print $1}')


priv_server=$(wg genkey)
pub_server=$(echo $priv_server | wg pubkey)

priv_client=$(wg genkey)
pub_client=$(echo $priv_client | wg pubkey)

psk=$(wg genpsk)

echo $pubkey_server


server=$(cat <<EOF
[Interface]
Address = 10.0.0.1/24
PrivateKey = $priv_server
ListenPort = 51820

[Peer]
PublicKey = $pub_client
PresharedKey = $psk
AllowedIPs = 10.0.0.2/32
EOF
) 

echo "$server" > /etc/wireguard/wg0.conf

client=$(cat <<EOF
[Interface]
Address = 10.0.0.2/32
PrivateKey = $priv_client

[Peer]
PublicKey = $pub_server
PresharedKey = $psk
AllowedIPs = 0.0.0.0/0 
Endpoint = $ip:51820
EOF
) 
systemctl start wg-quick@wg0
echo "$client" | tee /etc/wireguard/wg_client.conf | qrencode -t utf8