Generates config files for mobile apps (qr code) and text configs
$ python3.9 -m venv .venv
$ .venv/bin/pip install colorama configargparse cryptography qrcode yaml
$ .venv/bin/python wireguard-gen.py --help
usage: wireguard-gen.py [-h] [-c CONFIG] [--qr] [--ipv4-subnet IPV4_SUBNET] [--ipv6-subnet IPV6_SUBNET] [--endpoint ENDPOINT] [--server-public-key SERVER_PUBLIC_KEY]
[--mtu MTU] [--table TABLE] [--dns DNS [DNS ...]] [--allowed-ips ALLOWED_IPS [ALLOWED_IPS ...]] [--listen-port LISTEN_PORT]
[--persistent-keepalive PERSISTENT_KEEPALIVE] [--use-preshared-key]
client_number
Wireguard client config generator
optional arguments:
-h, --help show this help message and exit
-c CONFIG, --config CONFIG
Client configuration options:
client_number IP addresses shift
--qr print cinfiguration as QRCode [env var: WG_QR] (default: False)
Server options:
--ipv4-subnet IPV4_SUBNET
[env var: WG_IPV4_SUBNET] (default: None)
--ipv6-subnet IPV6_SUBNET
[env var: WG_IPV6_SUBNET] (default: None)
--endpoint ENDPOINT [env var: WG_ENDPOINT] (default: None)
--server-public-key SERVER_PUBLIC_KEY
[env var: WG_SERVER_PUBLIC_KEY] (default: None)
--mtu MTU [env var: WG_MTU] (default: None)
--table TABLE [env var: WG_TABLE] (default: None)
--dns DNS [DNS ...] [env var: WG_DNS] (default: None)
--allowed-ips ALLOWED_IPS [ALLOWED_IPS ...]
[env var: WG_ALLOWED_IPS] (default: ['0.0.0.0/0', '::/0'])
--listen-port LISTEN_PORT
[env var: WG_LISTEN_PORT] (default: 0)
--persistent-keepalive PERSISTENT_KEEPALIVE
[env var: WG_PERSISTENT_KEEPALIVE] (default: 0)
--use-preshared-key [env var: WG_USE_PRESHARED_KEY] (default: False)
Args that start with '--' (eg. --qr) can also be set in a config file (specified via -c). Config file syntax allows: key=value, flag=true, stuff=[a,b,c] (for details, see
syntax at https://goo.gl/R74nmi). If an arg is specified in more than one place, then commandline values override environment variables which override config file values
which override defaults.
create file which describes server parameters
# wireguard-test.conf
dns=["1.1.1.1"]
endpoint = test.example.com:51820
ipv4-subnet = 10.255.0.0/24
ipv6-subnet = fe00::/64
persistent-keepalive = 25
server-public-key = LDR4+9cmEZx2VyqFOOr3rGZEoG+UrO2TSUB8gWP5+20=
use-preshared-key = 1
$ .vnv/bin/python wireguard-gen.py -c wireguard-test.conf 2 --qr
Server config:
peers:
- AllowedIPs: 10.255.0.2/32,fe00::2/128
PresharedKey: dfSFGiGibwT5LonAn7/sp+arf1DoFjL2l8jTk22tq0A=
PublicKey: I4EZx5zQYqKSjGNEcHnOn96hQS32JQbtSlpcJVJpOR8=
Client config:
[Interface]
Address = 10.255.0.2/32,fe00::2/128
DNS = 1.1.1.1
PrivateKey = UHuvxk0p4sKZqOaUpDLCVUNmKOKktrtpvzjRC0p1wHI=
[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = test.example.com:51820
PersistentKeepalive = 25
PresharedKey = dfSFGiGibwT5LonAn7/sp+arf1DoFjL2l8jTk22tq0A=
PublicKey = LDR4+9cmEZx2VyqFOOr3rGZEoG+UrO2TSUB8gWP5+20=
Client config as QR Code example