diff --git a/BashScripts/install-wireguard-server.sh b/BashScripts/install-wireguard-server.sh
new file mode 100644
index 0000000..4d37802
--- /dev/null
+++ b/BashScripts/install-wireguard-server.sh
@@ -0,0 +1,117 @@
+# Install using: sudo su -c "bash <(wget -qO- /url/to/install-wireguard-server.sh)"
+
+# Make sure script is ran as root
+if [[ $EUID -ne 0 ]]; then
+ exec sudo /bin/bash "$0" "$@"
+fi
+read -e -p "Enter lan NIC: " -i $(ip route | grep default | sed -e 's/^.*dev.//' -e 's/.proto.*//') NIC_NAME
+read -e -p "Enter VPN subnet: " -i "192.168.200" VPN_SUBNET
+read -e -p "Enter LAN subnet: " -i "192.168.0" LAN_SUBNET
+read -e -p "Enter VPN public hostname: " -i "home.myspace.nu" VPN_PUBLIC_HOST
+
+if [ $(dpkg-query -W -f='${Status}' wireguard 2>/dev/null | grep -c "ok installed") -eq 0 ];
+then
+ echo "Installing Wireguard"
+ apt install wireguard
+fi
+
+mkdir -m 0700 /etc/wireguard/ > /dev/null 2>&1
+cd /etc/wireguard/
+
+if [ ! -f privatekey ]
+then
+ echo "Generating private and public keys"
+ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
+fi
+SERVER_PRIVATEKEY=$(cat "privatekey")
+SERVER_PUBLICKEY=$(cat "publickey")
+# sudo ufw allow 41194/udp
+
+if ! grep -q "net.ipv4.ip_forward" "/etc/sysctl.d/10-wireguard.conf"; then
+ echo 'net.ipv4.ip_forward=1' | sudo tee -a /etc/sysctl.d/10-wireguard.conf
+ echo 'net.ipv6.conf.all.forwarding=1' | sudo tee -a /etc/sysctl.d/10-wireguard.conf
+ sysctl -p /etc/sysctl.d/10-wireguard.conf
+fi
+
+sudo tee /etc/wireguard/wg0.conf.base > /dev/null < /etc/wireguard/wg0.conf
+
+if ! systemctl is-active --quiet "wg-quick@wg0.service" ; then
+ systemctl enable wg-quick@wg0
+ systemctl start wg-quick@wg0
+ sudo systemctl status wg-quick@wg0
+ wg
+ ip a show wg0
+fi
+
+
+sudo tee /usr/local/bin/wg-adduser.sh > /dev/null < /dev/null <> "/etc/wireguard/wg0.conf.clients"
+
+[Peer]
+# Client: \$WGCLIENT
+PublicKey = \$CLIENT_PUBLICKEY
+AllowedIPs = \$ip/32
+LOE
+cat /etc/wireguard/wg0.conf.base /etc/wireguard/wg0.conf.clients > /etc/wireguard/wg0.conf
+cat /etc/wireguard/client-\$WGCLIENT.conf
+wg-quick down wg0 && wg-quick up wg0
+EOL
+chmod 777 /usr/local/bin/wg-adduser.sh
+
+sudo tee /usr/local/bin/wg-restart.sh > /dev/null <
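Review bot: `chmod 777 /usr/local/bin/wg-adduser.sh` leaves a helper that rewrites `/etc/wireguard/wg0.conf` and restarts the tunnel, and so has to be run as root, writable by every local user, which means any account on the server can change what executes the next time an administrator adds a peer; `chmod 700 /usr/local/bin/wg-adduser.sh` is enough. `cd /etc/wireguard/` is unchecked while the preceding `mkdir` discards its errors, so if the directory cannot be entered the private key is generated in whatever the current directory happens to be; `cd /etc/wireguard/ || exit 1` closes that. The `-i $(ip route | grep default | ...)` default on the first `read` is unquoted, and with more than one default route the extra words would be taken as additional variable names, so the substitution should be quoted. The here-document bodies and the end of the file are not visible on this page, so the generated configuration and the client key handling were not reviewed.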