From 1981429774a9958df8254674a6eb4cad93c10a07 Mon Sep 17 00:00:00 2001
From: angristan <angristan@pm.me>
Date: Fri, 24 May 2019 00:25:48 +0200
Subject: [PATCH] Enfore restrictive permissions on /etc/wireguard

---
 wireguard-install.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/wireguard-install.sh b/wireguard-install.sh
index 530e19b..203599f 100644
--- a/wireguard-install.sh
+++ b/wireguard-install.sh
@@ -124,6 +124,8 @@ PublicKey = $SERVER_PUB_KEY
 Endpoint = $SERVER_PUB_IP:$SERVER_PORT
 AllowedIPs = 0.0.0.0/0,::/0" >> "$HOME/$SERVER_WG_NIC-client.conf"
 
+chmod 600 -R /etc/wireguard/
+
 # Enable routing on the server
 echo "net.ipv4.ip_forward = 1
 net.ipv6.conf.all.forwarding = 1" > /etc/sysctl.d/wg.conf