taoluyun 安装 wireguard-go_美国VPS

我只测试了 taoluyun Debian 8 可用。
taoluyun 需要在后台面板启用 tun ppp。

#/bin/sh
#openvz 6 nat vps debian 8 安装 wireguard-go
#https://d.sb/2019/07/wireguard-on-openvz-lxc
#https://blog.ilemonrain.com/linux/wireguard-go.html
su -c "apt update && apt install nano sudo wget curl bash-completion zsh zsh-antigen apt-transport-https socat htop unzip p7zip xz-utils openssl gawk file net-tools dnsutils libmnl-dev libelf-dev build-essential pkg-config -y" && \
cd ~ && \
sudo sh -c "echo ‘deb https://deb.debian.org/debian/ unstable main’ > /etc/apt/sources.list.d/unstable.list" && \
sudo sh -c "printf ‘Package: *\nPin: release a=unstable\nPin-Priority: 90\n’ > /etc/apt/preferences.d/limit-unstable" && \
sudo apt update && \
sudo apt install wireguard-tools –force-yes -y –no-install-recommends && \
cd /opt && \
sudo wget https://dl.google.com/go/go1.12.10.linux-amd64.tar.gz && \
sudo tar zvxf go1.12.10.linux-amd64.tar.gz && \
sudo rm go1.12.10.linux-amd64.tar.gz && \
sudo mv go /opt/go1.12.10 && \
sudo ln -s /opt/go1.12.10/bin/go /usr/local/bin/go && \
sudo git clone https://git.zx2c4.com/wireguard-go && \
sudo sed -i "s/MaxSegmentSize.*/MaxSegmentSize = 1700/g" /opt/wireguard-go/device/queueconstants_default.go && \
sudo sed -i "s/PreallocatedBuffersPerPool.*/PreallocatedBuffersPerPool = 1024/g" /opt/wireguard-go/device/queueconstants_default.go && \
cd wireguard-go && \
sudo make && \
sudo ln -s /opt/wireguard-go/wireguard-go /usr/local/bin/wireguard-go && \
sudo sed -i ‘/Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity/a\Environment=WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1’ /lib/systemd/system/[email protected] && \
sudo mkdir -p /etc/wireguard && \
sudo chmod 0777 /etc/wireguard && \
cd /etc/wireguard && \
wg genkey | tee sprivatekey | wg pubkey > spublickey && \
wg genkey | tee cprivatekey | wg pubkey > cpublickey && \
echo "[Interface]
PrivateKey = $(cat sprivatekey)
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o venet0 -j MASQUERADE
ListenPort = 45644
MTU = 1420
[Peer]
PublicKey = $(cat cpublickey)
AllowedIPs = 10.0.0.2/32" | sed ‘/^#/d;/^\s*$/d’ > wg0.conf && \
echo "[Interface]
PrivateKey = $(cat cprivatekey)
Address = 10.0.0.2/24
DNS = 1.1.1.1,8.8.8.8
MTU = 1420
[Peer]
PublicKey = $(cat spublickey)
Endpoint = $(curl -s ip.sb):45644
AllowedIPs = 0.0.0.0/0, ::0/0
PersistentKeepalive = 30" | sed ‘/^#/d;/^\s*$/d’ > client.conf && \
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" && \
sudo sh -c "echo ‘net.ipv4.ip_forward = 1’ >> /etc/sysctl.conf" && \
sudo sysctl -p && \
sudo systemctl enable wg-quick@wg0 && \
sudo systemctl start wg-quick@wg0 && \
cat /etc/wireguard/client.conf

复制代码

服务端配置文件需要修改 /etc/wireguard/wg0.conf 的 ListenPort，需要在面板映射一个 udp 端口进来，内网端口。
客户端配置文件需要修改 /etc/wireguard/client.conf 的 Endpoint，需要填写面板的外网地址，以及映射的 udp 外网端口。
修改完成重启服务端 sudo systemctl restart wg-quick@wg0

ip 分流 https://github.com/lmc999/auto-add-routes
福建网友:wg-go在ovz上的效率非常低，之前试过

未经允许不得转载：美国VPS_搬瓦工CN2 GIA VPS » taoluyun 安装 wireguard-go