#!/bin/sh

# Install wireguard package
sudo apt update
sudo apt install wireguard

# Enable IPv4 packet forwarding, and reload sysctl
sudo sed -e "s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g" /etc/sysctl.conf
sudo sysctl -p

# Open firewall for wireguard
# Reminder to port forward on router as well
sudo ufw allow 32415/udp comment "wireguard"
sudo ufw reload

# Generate public/private keys for server, with correct permissions
wg genkey | sudo tee /etc/wireguard/private.key
sudo chmod go= /etc/wireguard/private.key
sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
sudo chmod ugo+rx /etc/wireguard