mirror of https://github.com/unifi-utilities/unifios-utilities.git synced 2024-08-30 18:32:21 +00:00

History

John Dorman 8761d928bc Wireguard instructions added, nextdns container updates		2020-07-09 20:28:49 -07:00
..
configs	Wireguard instructions added, nextdns container updates	2020-07-09 20:28:49 -07:00
on_boot.d	Wireguard instructions added, nextdns container updates	2020-07-09 20:28:49 -07:00
README.md	Wireguard instructions added, nextdns container updates	2020-07-09 20:28:49 -07:00

README.md

Wireguard VPN server / client

Features

Wireguard VPN to anywhere! Uses wireguard-go, not the kernel module.
Persists through reboots and firmware updates.
Tested with a Wireguard Server in AWS.

Requirements

You have successfully setup the on boot script described here
Not recommended for Wireguard newbies. Set it up on other devices first. This document does not include iptables / nat rules.

Customization

Update wg0.conf to match your env

Steps

Create your public and private keys

podman run -i --rm --net=host --name wireguard_conf masipcat/wireguard-go wg genkey > /mnt/data/wireguard/privatekey
podman run -i --rm --net=host --name wireguard_conf masipcat/wireguard-go wg genkey < /mnt/data/wireguard/privatekey > /mnt/data/wireguard/publickey

Make configurations dir
```
mkdir -p /mnt/data/wireguard
```
Create wireguard configuration file in /mnt/data/wireguard. Template: wg0.conf
Copy 20-wireguard.sh to /mnt/data/on_boot.d and update its values to reflect your environment
Execute /mnt/data/on_boot.d/20-wireguard.sh
If you are running a server, make the appropriate firewall rules / port forwards

Useful commands

podman exec -it wireguard wg
podman exec -it wireguard wg-quick up wg0
podman exec -it wireguard wg-quick down wg0