MikroTik RouterOS Script
/interface wireguard add listen-port={{ form.port }} mtu=1420 name={{ form.interface }} private-key="{{ serverKeys.privateKey }}"
/ip firewall filter add action=accept chain=input comment="WireGuard: Allow Service Port" dst-port={{ form.port }} protocol=udp
/ip firewall filter add action=accept chain=input comment="WireGuard: Allow DNS Access" dst-port=53 in-interface={{ form.interface }} protocol=udp
/ip address add address={{ form.network }}.1/24 interface={{ form.interface }} network={{ form.network }}.0
/interface wireguard peers
add allowed-address={{ form.network }}.{{ ip }}/32 comment="{{ c.name }}" interface={{ form.interface }} public-key="{{ c.publicKey }}" preshared-key="{{ c.psk }}"
{{ t.ui.clientManage }}
{{ form.network }}.{{ ip }}
[Interface]
Address = {{ form.network }}.{{ ip }}/32
PrivateKey = {{ c.privateKey }}
DNS = {{ allowDns ? form.network + '.1' : form.dns }}
[Peer]
PublicKey = {{ serverKeys.publicKey }}
PresharedKey = {{ c.psk }}
Endpoint = {{ form.server }}:{{ form.port }}
AllowedIPs = {{ form.allowedIps }}
PersistentKeepalive = 10