diff --git a/wireguard/deploy-wg-clients.sh b/wireguard/deploy-wg-clients.sh
new file mode 100644
index 0000000..42de6ac
--- /dev/null
+++ b/wireguard/deploy-wg-clients.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+mkdir -p /etc/wireguard/keys
+umask 077 && wg genkey > /etc/wireguard/keys/private.key && wg pubkey < /etc/wireguard/keys/private.key > /etc/wireguard/keys/public.key && umask 0022
+
+IP4="10.17.25.$IP"
+IP6="fd42:42:42:25"`printf '%.2x\n' $IP`"::"
+echo "[Interface]
+Address = $IP4/32
+Address = $IP6/64
+SaveConfig = false
+PostUp = wg set %i private-key /etc/wireguard/keys/private.key
+
+[Peer]
+PublicKey = iu3I09FtiVDIOuiU83JvpfJkg4yiCxolqcFsXbz5Ixc=
+AllowedIPs = 10.17.24.0/22, fd42:42:42::/48
+Endpoint = vpn.altinea.fr:58212
+PersistentKeepalive = 25" > /etc/wireguard/wg0.conf
+
+systemctl enable wg-quick@wg0.service && systemctl daemon-reload && systemctl start wg-quick@wg0
+
+echo -n "Clé publique : "
+cat /etc/wireguard/keys/public.key