A tool that utilizes the Wireguard CLI (wg
and wg-quick
) to establish a
Wireguard VPN connection using Wireguard by randomly selecting a configuration
file stored in /etc/wireguard
- Wireguard
- Installation for most common Linux based systems: https://www.wireguard.com/install/
- Fedora Silverblue:
rpm-ostree install wireguard-tools
- Wireguard configuration file(s) stored in
/etc/wireguard
- Many VPN providers Mullvad and ProtonVPN for example have the option to
provide Wireguard configuration files.
- https://mullvad.net/download/wireguard-config/
- https://account.protonvpn.com/downloads#wireguard-configuration
- For examples of how they look like: https://www.wireguardconfig.com/
- Many VPN providers Mullvad and ProtonVPN for example have the option to
provide Wireguard configuration files.
The wg-random
command must run with sudo
, as root privileges are required
to run the Wireguard CLI commands.
The following commands must run with sudo
# To start the vpn:
wg-random up
# To stop the vpn:
wg-random down
# To view the status of the vpn:
wg-random status
There different ways of doing this. The approach presented here will be using
systemd
, but one could for instance use crontab
for this as well.
- Verify
systemd
is installed on your system by runningsystemctl --version
- Copy the
wg-random
script to/usr/local/bin
- Copy the
wg-random.service
service file to/etc/systemd/system
. - Run
systemctl daemon-reload
- Run
systemctl enable wg-random.service
The service should not be started/stopped to control the status of the VPN. This
is merely a way to have the VPN auto-start on boot. To start/stop the VPN after
the device has been booted, the wg-random
command should be executed
directly.
- Option to block non VPN communication with
iptables
- Additional option to only select among configuration files containing a certain sub-string (useful for when the name of the configuration files contains regions and/or other properties)