wireguard create new clients automatically

hi @ all,

is it possible to run the basic install script again to copy contents from existing wg0-client.conf with a new key pair to wg1-client.conf, wg2-client.conf etc. to create more clients automatically?

best wishes!


pls have a look to our online docs https://dietpi.com/docs/software/vpn/#wireguard

there is a section on how to add new clients https://dietpi.com/docs/software/vpn/#adding-multiple-clients

it works like a charm, but maybe it would be possible to input a script that lets the user set a value for clients and those are automatically created. that would be handy.

UPDATE: when following the script I can create a new client, but when I connect to the server no data is received. in other words: tunnel1 works fine, tunnel 2 won’t although the settings are basically the same (except for key pair for client 2).
tried to check every single step. but with no success. do you have an idea?

The IP of the second client should also be different.

yup, you need to use different IP’s for each client Server client 01 client 02 client 03

I do. How can I start Clean? Deleted WG and install again?

A small Script would be ideal to automate the generation of clients here. Since it is basically the start install Script with modifications I thought it would be handy for many users, too.

If you have it installed via DietPi software, just uninstall it. If you like something like a script to manage your accounts, you could use PiVPN as command line tool to manage your peers.

But I agree, a simple dialog/UI for client config creation and revocation would be awesome. We’re open for contributions :slight_smile:.

with pivpn I can manage my wireguard accounts?!? do I have to install wireguard before or is PiVPN → WG the way to go?

PiVPN is a simple command line tool to manage wg configuration files. It’s not an own VPN software. During installation, PiVPN install script will take care on all needed steps to get Wireguard installation done. Basically it’s doing nothing else than manager the conf files. Server configuration will be different from DietPi’s as PiVPN is more generic script that will work on quite a large number of different OS.

will give it a go. since uninstall I cannot even get ONE client to connect again. strange.

Ensure the correct DDNS is used. As well check if you see a handshake on the server side. On plain Wireguard, you can use wg command. As well check correct port forwarding on your router. As long as you don’t see a handshake, VPN connection is not established.

If you see a handshake, try to open a website using IP first. This will exclude DNS and verify basic connection. If this works, try opening a page using DNS.

pivpn works great. it makes creating clients much easier. but it does not seem to have Pihole as DNS because ads come through. how to test if it uses Pihole?

Have a look in your client app. There you see the DNS server set. Change it to your PiHole server IP.

I guess PiVPN stores the DNS server information somewhere, to use it for the client file creation. But I’m not 100% sure where.

it stores a 10.0.6.x IP although Pihole is 192.168.2.x. strange

10.0.6.x is the VPN-internal IP. That should also work when Pi-hole is on the same system as the VPN server, and the IP matches the servers IP, hence usually. Otherwise, yes, the LAN IP will always work.

piVPN works great. the normal WG script wouldn’t work, but PiVPN did the trick. I have no clue why. same input data was used.

just to be clear, PiVPN is doing nothing else crating the client conf files. The WireGuard VPN server is still the same as before. Probably something was not set correctly while setting up the additional clients.