Wireguard VPN server / client

Features

  1. Wireguard VPN to anywhere! Uses wireguard-go, not the kernel module.
  2. Persists through reboots and firmware updates.
  3. Tested with a Wireguard Server in AWS.

Requirements

  1. You have successfully set up the on boot script described here
  2. Not recommended for Wireguard newbies. Set it up on other devices first. This document does not include iptables / nat rules.

Customization

Steps

  1. Create your public and private keys
    podman run -i --rm --net=host --name wireguard_conf masipcat/wireguard-go wg genkey > /mnt/data/wireguard/privatekey
    podman run -i --rm --net=host --name wireguard_conf masipcat/wireguard-go wg pubkey < /mnt/data/wireguard/privatekey > /mnt/data/wireguard/publickey
    
  2. Make the configuration directory (it must exist before the key commands in step 1 can write into it)
    mkdir -p /mnt/data/wireguard
    
  3. Create wireguard configuration file in /mnt/data/wireguard. Template: wg0.conf
  4. Copy 20-wireguard.sh to /mnt/data/on_boot.d and update its values to reflect your environment
  5. Execute /mnt/data/on_boot.d/20-wireguard.sh
  6. If you are running a server, make the appropriate firewall rules / port forwards
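
A pre-flight check for the key files produced in step 1, added here as an example and not part of unifios-utilities: it confirms each file holds a single 32-byte base64 key and that the private key, which step 1 creates with whatever umask the shell has, is not accessible to group or other. The function name check_wg_key and its return codes are made up for this example; it assumes a shell with base64, head -c and stat -c (GNU or BusyBox).

```shell
#!/bin/sh
# Added example (not part of unifios-utilities): sanity-check WireGuard key files.
# Return codes: 0 ok, 1 missing file, 2 not a 32-byte base64 key,
# 3 private key accessible to group/other.
check_wg_key() {
    ck_file=$1
    ck_kind=${2:-private}
    [ -f "$ck_file" ] || { echo "$ck_file: missing" >&2; return 1; }

    ck_key=$(cat "$ck_file")
    # A WireGuard key is 32 bytes, i.e. 44 base64 characters on one line.
    case $ck_key in
        *[!A-Za-z0-9+/=]*) echo "$ck_file: not a single base64 line" >&2; return 2 ;;
    esac
    [ "${#ck_key}" -eq 44 ] || { echo "$ck_file: wrong length" >&2; return 2; }
    ck_len=$(( $(printf '%s' "$ck_key" | base64 -d 2>/dev/null | wc -c) ))
    [ "$ck_len" -eq 32 ] || { echo "$ck_file: does not decode to 32 bytes" >&2; return 2; }

    if [ "$ck_kind" = private ]; then
        # The octal mode must end in 00 (for example 600 or 400).
        case $(stat -c %a "$ck_file") in
            ?00) ;;
            *) echo "$ck_file: private key is accessible to group/other" >&2; return 3 ;;
        esac
    fi
    return 0
}

# Demo with a constructed all-zero key (NOT a real key) in a temporary directory.
# The subshell with umask 077 shows how to create the file owner-only.
demo_dir=$(mktemp -d)
( umask 077; head -c 32 /dev/zero | base64 > "$demo_dir/privatekey" )
check_wg_key "$demo_dir/privatekey" private && echo "privatekey: ok"
rm -rf "$demo_dir"
# On the device: check_wg_key /mnt/data/wireguard/privatekey private
```

If the check returns 3 on the device, chmod 600 /mnt/data/wireguard/privatekey fixes the mode.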

Useful commands

podman exec -it wireguard wg
podman exec -it wireguard wg-quick up wg0
podman exec -it wireguard wg-quick down wg0