PheeZz's Wireguard Bot

Contents tree:

1. Description
2. Stack
3. Before you start...
4. Setup guide

❗️Attention: check my new VPN bot on XRAY (xtls-reality) protocol

Description

This bot is designed to manage Wireguard VPN server. It can automatically connect and disconnect users, generate QR codes for mobile clients, and also can be used as a payment system for VPN services.

Stack

Core: python 3.10, aiogram 2.x
Database: postgresql

Before you start... (if don't want to use semi-automatic installation script)

1. You need to manually install Wireguard on your server. You can find installation guide here.
2. You need to configure Wireguard server. You can find configuration guide here (RUS).
3. You need to create a bot using BotFather.
4. You need to install PostgreSQL.
5. You need to have poetry installed on your system. You can find installation guide here.

Setup

1. You can use semi-automatic installation script or manual installation guide. If you want to use script, just run it and follow the instructions. If you want to install bot manually, follow the instructions below.

   Semi-automatic installation script

   wget https://raw.githubusercontent.com/PheeZz/wireguard-bot/master/SemiAutoInstall.sh && chmod +x SemiAutoInstall.sh && ./SemiAutoInstall.sh
   

Manual installation guide

2. Clone this repo and go to project folder
   

   git clone https://github.com/PheeZz/wireguard-bot.git && cd wireguard-bot
   

3. Create your virtualenv inside project dir
   

   poetry shell
   

4. Download required libs
   

   poetry install
   

5. Create your database
   

   sudo -u postgres psql
   

   CREATE DATABASE <database_name>;
   CREATE USER <user_name> WITH PASSWORD '<password>';
   GRANT ALL PRIVILEGES ON DATABASE <database_name> TO <user_name>;
   GRANT ALL ON ALL TABLES IN SCHEMA "public" TO <user_name>;
   \q
   

6. Create .env file in data folder and fill it with your data. You can use following example as a template or use .env.sample file (it's the same)
   

   cp data/.env.sample data/.env
   nano data/.env
   

   .env file example

   #telegram bot token
   WG_BOT_TOKEN = <str>
   #ip of your wireguard server
   WG_SERVER_IP = <str>
   #port of your wireguard server
   WG_SERVER_PORT = '51830'
   #server's public key
   WG_SERVER_PUBLIC_KEY = <str>
   #server's preshared key
   WG_SERVER_PRESHARED_KEY= <str>
   #path to wireguard config file, default /etc/wireguard/wg0.conf
   WG_CFG_PATH = '/etc/wireguard/wg0.conf'
   #token for telegram invoice payments, if you don't use payments, just leave it empty (NOW IT'S NOT WORKING)
   PAYMENTS_TOKEN = <str>
   #your telegram id, you can get it from @userinfobot or @myidbot or @RawDataBot
   ADMINS_IDS = <str>
   #your bank card number, if you will use payments with "handmade" method
   PAYMENT_CARD = <str>
   #any text you want to show in the start of every peer config file (for example in case MYVPN_pheezz_PC.conf - "MYVPN" is prefix)
   CONFIGS_PREFIX = <str>
   #how much subscription costs in rubles
   BASE_SUBSCRIPTION_MONTHLY_PRICE_RUBLES = <int>
   #dns server for your peers, default 1.1.1.1 if you don't use AdGuard Home, else 10.0.0.1
   PEER_DNS = '1.1.1.1'
   
   #name of your database
   DATABASE = <str>
   #database user
   DB_USER = <str>
   #database user's password
   DB_USER_PASSWORD = <str>
   #database host, default localhost
   DB_HOST = 'localhost'
   #database port, default 5432
   DB_PORT = '5432'
   

7. Configure your database tables
   

   Move create script from database/create.py to project root folder and run it

   mv database/create.py . && python3.10 create.py
   

   Now you can delete create.py file

   rm create.py
   

8. Install AdGuard Home (optional)

   Firtly make installation script executable

   chmod +x AdGuardInstall.sh
   

   Then run it

   ./AdGuardInstall.sh
   

9. Configure AddGuard Home

   Open AddGuard Home web interface on url <your_server_ip>:3000 Do the initial setup, it's very simple, just follow the instructions and create admin account Go to Settings -> Filters -> DNS blocklists and add some blocklists (I recommend to use add all available blocklists EXCEPT No Google list)

10. Create .service file for your bot

    Path: /etc/systemd/system/wireguard-bot.service Code: (if you using python 3.10)

     [Unit]
     Description='Service for wireguard bot'
     After=network.target
    
     [Service]
     Type=idle
     Restart=on-failure
     User=root
     ExecStart=/bin/bash -c 'cd ~/wireguard-bot/ && $(poetry env info --path)/bin/python3.10 app.py'
    
     [Install]
     WantedBy=multi-user.target
    

11. Enable service and start it

    systemctl enable wireguard-bot.service
    systemctl start wireguard-bot.service
    

12. Finally, you can use your bot and enjoy it ❤️

Extra

Admin commands (available in chat with bot)

1. /give <user_id> <days> - give user access to VPN for <days> days.
   Also you can use this command with <@username> instead of <user_id>.
   If you want to disable user's access, just use /give <user_id> -9999 or any negative number that will be higher than user's access expiration date.
   WARNING: disconnecting user will not remove his access from database, so you can give him access again later.
   Example: /give 123456789 30 - give user with id 123456789 access to VPN for 30 days.
2. /stats - show stats about users and their access expiration dates.
   Aviable options: /stats active - show active users.
   /stats inactive - show inactive users.
   /stats without options will show all users.
   /wgrestart - restart wireguard service

TODO

1. Rewrite subcrription checking daemon (make it parse wg0.conf file, not check by db only).
2. Create server-to-server migration script (user configs must use domain instead of server ip)

Support

You can support me by give star to this repo or.. Donation..

ETH - 0x56936AE100f52F99E87767773Ccb2615f1E06ae4

Star History