wireguard-install-script# ๐ WireGuard Setup Manager
A modern, secure, and user-friendly WireGuard VPN installation script with advanced management features
๐ Quick Installation
Step-by-Step Installation
curl -O https://raw.githubusercontent.com/Aaron-EUGameHost/wireguard-install-script/main/install.sh
chmod +x install.sh
sudo ./install.sh
๐ What This Script Does
This script provides a complete WireGuard VPN solution that transforms your Linux server into a secure, high-performance VPN server in minutes. Unlike basic installers, our script offers enterprise-grade features with consumer-friendly simplicity.
๐ Best VPS Providers for WireGuard VPN Hosting
Looking for the fastest, most secure VPS for your WireGuard VPN? Here are the top choices tested for performance, reliability, and protection.
| Feature | EUGameHost |
|---|---|
| Location | ๐ฌ๐ง United Kingdom โ ultra-low latency from UK data centre |
| Starting Price | ๐ท From ยฃ2.00/month (View Plans) |
| DDoS Protection | ๐ก๏ธ Up to 6โฏTbps filtering with CosmicGuard tailored for VPN traffic |
| WireGuard-Specific Filtering | โ Yes โ Custom rules to protect UDP-based WireGuard tunnels |
| Disk Performance | ๐ NVMe Gen4 SSDs for instant response times |
| Network Uplink | โก 10โฏGbps connections across all VPS plans |
| Support | ๐ฌ๐ง 100% UK-based team โ real humans, not bots |
| Backups | ๐ Daily encrypted offsite backups included |
| Ownership | ๐ข Company-owned hardware, not rented โ better control and uptime |
| Wireguard DDoS Filter | ๐ The Best WiregGuard DDoS Filters secure your server and keep you in control. |
๐ฅ Top Recommendation: For serious WireGuard VPN hosting with DDoS filtering that actually protects your tunnel, EUGameHost is unmatched โ high throughput, low ping, and filters tailored for WireGuard.
Let me know if you also want a Reddit/Discord-friendly plaintext version or want to turn this into a markdown doc for GitHub.
๐ฏ Core Functionality
Automated Server Setup:
- Detects your operating system and installs compatible WireGuard packages
- Configures network interfaces and routing automatically
- Sets up secure firewall rules (UFW, Firewalld, or iptables)
- Enables IP forwarding for optimal VPN performance
- Creates systemd services for automatic startup
Intelligent Client Management:
- Interactive client creation with input validation
- Automatic IP address assignment with conflict prevention
- QR code generation for mobile devices (both terminal and PNG)
- Client configuration file generation with optimal settings
- Easy client removal with automatic cleanup
โจ Advanced Features & Why They Matter
๐ Enterprise-Grade Security
- Cryptographic Key Management: Secure generation and storage of private keys with proper file permissions (600/700)
- Input Validation: Comprehensive validation prevents configuration errors and security vulnerabilities
- Firewall Integration: Automatically detects and configures your system's firewall (UFW, Firewalld, iptables)
- Network Isolation: Proper subnet management prevents IP conflicts and ensures network security
Why it matters: Your VPN is only as secure as its weakest configuration point. We eliminate common security mistakes.
๐จ Superior User Experience
- Interactive Menu System: Intuitive colored menus make complex operations simple
- Real-Time Status Monitoring: Live connection tracking and system resource monitoring
- QR Code Generation: Instant mobile device setup - scan and connect
- Comprehensive Logging: Detailed logs help troubleshoot issues quickly
Why it matters: Complex doesn't have to mean complicated. Spend time using your VPN, not configuring it.
๐ ๏ธ Professional Management Tools
- JSON Configuration Storage: Structured configuration management for reliability and scalability
- Automated Backup System: Timestamped backups protect against data loss
- Client Metadata Tracking: Track creation dates, status, and usage patterns
- Service Health Monitoring: Real-time monitoring of WireGuard service status
Why it matters: Professional tools for professional results. Manage dozens of clients as easily as one.
๐ Multi-Platform Compatibility
- Ubuntu 20.04+ - Full support with APT package management
- Debian 10+ - Native WireGuard support with backports handling
- CentOS 8+ - EPEL repository integration and RPM management
- Fedora 35+ - Latest WireGuard tools with DNF
- AlmaLinux & Rocky Linux - Enterprise Linux compatibility
- Raspberry Pi OS - ARM architecture support for Pi-based VPNs
Why it matters: One script works everywhere. No need to learn different tools for different systems.
๐ Smart Network Management
- Automatic Interface Detection: Finds your primary network interface automatically
- Port Availability Checking: Scans for available ports to prevent conflicts
- IP Range Management: Intelligent IP assignment prevents subnet collisions
- DNS Configuration: Optimized DNS settings for performance and privacy
Why it matters: Networking complexity handled automatically. Just answer simple questions and go.
๐ Maintenance & Operations
- Live Configuration Reloading: Add/remove clients without service interruption
- System Status Dashboard: Real-time view of connections, resources, and performance
- Automated Cleanup: Proper resource cleanup when removing clients or uninstalling
- Log Management: Structured logging with different severity levels
Why it matters: VPNs need ongoing management. We make it effortless.
๐ฑ Supported Client Platforms
Your WireGuard VPN works seamlessly across all devices:
- ๐ช Windows - Official WireGuard client
- ๐ macOS - App Store or official client
- ๐ง Linux - Native WireGuard support
- ๐ฑ iOS - WireGuard app from App Store
- ๐ค Android - WireGuard app from Google Play
- ๐ OpenWRT - Router-level VPN support
๐ ๏ธ System Requirements
Minimum Requirements:
- OS: Ubuntu 20.04+, Debian 10+, CentOS 8+, Fedora 35+
- RAM: 512MB (1GB+ recommended)
- Storage: 1GB free space
- Network: Public IP address
- Access: Root/sudo privileges
Recommended Specifications:
- CPU: 2+ cores for multiple clients
- RAM: 2GB+ for optimal performance
- Storage: SSD for better I/O performance
- Bandwidth: Unmetered or high allocation
Tested Operating Systems:
- โ Ubuntu 20.04, 22.04, 24.04 LTS
- โ Debian 10 (Buster), 11 (Bullseye), 12 (Bookworm)
- โ CentOS 8, 9 Stream
- โ AlmaLinux 8, 9
- โ Rocky Linux 8, 9
- โ Fedora 35, 36, 37, 38+
- โ Raspberry Pi OS (ARM)
๐ฏ Usage Examples
Basic Installation
# Download and run installer
curl -fsSL https://raw.githubusercontent.com/Aaron-EUGameHost/wireguard-install-script/main/install.sh | sudo bash
# Follow the interactive prompts:
# 1) Install WireGuard Server
# Enter your preferences or press Enter for defaults
Adding Your First Client
# Run the script again after installation
sudo ./wireguard-install.sh
# Select: 2) Add New Client
# Enter client name: "laptop"
# QR code and config file generated automatically
Command Line Usage
# Direct installation
sudo ./wireguard-install.sh install
# Check system status
sudo ./wireguard-install.sh status
# Create backup
sudo ./wireguard-install.sh backup
๐ง Advanced Configuration
Custom Network Settings
# Edit server configuration before installation
nano /etc/wireguard-manager/server.conf
# Customize VPN subnet, DNS servers, port ranges
# Full JSON schema documentation included
Firewall Customization
# Script automatically detects and configures:
# - UFW (Ubuntu/Debian)
# - Firewalld (CentOS/RHEL/Fedora)
# - iptables (fallback)
# Manual firewall rules also supported
Performance Tuning
# Optimized settings included:
# - Kernel parameter tuning
# - Network interface optimization
# - Connection keepalive settings
# - MTU size optimization
๐ Why WireGuard?
WireGuard vs. OpenVPN Performance:
- ๐ 4x faster connection speeds
- ๐ Better battery life on mobile devices
- ๐ก๏ธ Modern cryptography (ChaCha20, Poly1305)
- ๐ง Simpler configuration (less than 100 lines of code)
- โ Kernel-level integration for maximum performance
Real-World Speed Comparison:
- OpenVPN: ~300 Mbps maximum throughput
- WireGuard: ~1000+ Mbps throughput possible
- Latency: 50% lower ping times vs OpenVPN
- CPU Usage: 80% less CPU overhead
๐จ Security Features
Built-in Security Measures:
- ๐ Perfect Forward Secrecy - Keys rotated automatically
- ๐ก๏ธ DDoS Protection - Built-in rate limiting
- ๐ Strong Encryption - ChaCha20-Poly1305 cipher suite
- ๐ซ No Log Policy - Script creates no persistent logs by default
- ๐ DNS Leak Protection - Secure DNS configuration included
Network Security:
- Automatic Firewall Rules - Only necessary ports opened
- IP Forwarding Controls - Secure routing configuration
- Network Isolation - Client traffic properly segmented
- Access Control - Per-client IP and routing restrictions
๐ Monitoring & Maintenance
Built-in Monitoring:
# Real-time connection status
sudo ./wireguard-install.sh status
# View system resources
# Check connected clients
# Monitor network traffic
# Review system logs
Automated Maintenance:
- ๐ Configuration Validation - Automatic syntax checking
- ๐พ Backup Management - Automated timestamped backups
- ๐งน Log Rotation - Prevents disk space issues
- ๐ Health Checks - Service monitoring included
๐ค Contributing
We welcome contributions! Here's how you can help:
Reporting Issues:
- ๐ Bug Reports - Use GitHub issues with detailed info
- ๐ก Feature Requests - Suggest new functionality
- ๐ Documentation - Help improve our guides
Code Contributions:
- ๐ง Shell Scripting - Bash expertise welcome
- ๐ Network Configuration - VPN and networking knowledge
- ๐งช Testing - Multi-platform testing needed
Support the Project:
- โญ Star this repository - Help others discover it
- ๐ข Share with friends - Spread the word
- ๐ฌ Join discussions - Help answer questions
๐ Support & Troubleshooting
Common Issues:
โ "Port already in use" error
# Script automatically finds available ports
# If you need a specific port, stop conflicting services first
โ "Cannot detect public IP" error
# Manual IP specification supported
# Check your cloud provider's networking setup
โ "Kernel module not found" error
# Script handles kernel module installation
# Older kernels may need system updates
Getting Help:
๐ License & Legal
MIT License - Free for personal and commercial use
This project is not affiliated with the WireGuard project. WireGuard is a registered trademark of Jason A. Donenfeld.
Privacy Notice:
- No user data collected or transmitted
- No telemetry or analytics included
- Configuration remains on your server only
- Open source - audit the code yourself
Made with โค๏ธ by EUGameHost
Secure your connections. Protect your privacy. Own your VPN.