zsh and wireguard updates

2024-07-08 10:42:58 -04:00
parent 170eabb4db
commit ea21651a2c
10 changed files with 1243 additions and 17 deletions
--- a/wireguard/README.md
+++ b/wireguard/README.md
@@ -0,0 +1,62 @@
+# Wireguard Setup
+
+## Fedora
+
+```bash
+dnf install wireguard
+```
+
+/etc/sysctl.d/10-wireguard.conf
+
+```conf
+net.ipv4.ip_forward=1
+net.ipv6.conf.all.forwarding=1
+```
+
+```bash
+sysctl -p
+```
+
+### Server
+
+```bash
+wg genkey | tee /etc/wireguard/private.key
+cat /etc/wireguard/private.key | wg pubkey | tee /etc/wireguard/public.key
+```
+
+```bash
+cat <<EOF > /etc/wireguard/wg0.conf
+[Interface]
+Address = 10.10.10.1/24,fd10:10:10::1/64
+ListenPort = 51820
+PrivateKey = $(cat /etc/wireguard/private.key)
+SaveConfig = true
+PostUp = iptables -t nat -I POSTROUTING -o bridge0 -j MASQUERADE
+PostUp = ip6tables -t nat -I POSTROUTING -o bridge0 -j MASQUERADE
+PreDown = iptables -t nat -D POSTROUTING -o bridge0 -j MASQUERADE
+PreDown = ip6tables -t nat -D POSTROUTING -o bridge0 -j MASQUERADE
+EOF
+```
+
+```bash
+wg set wg0 peer ndUMratPyYXKiOlU6AT5lYI7v3iohBAimgZY3/jsWik= allowed-ips 10.10.10.2,fd10:10:10::2
+```
+
+### Client
+
+```conf
+[interface]
+PrivateKey = KHgXS7zIqqfb46cfUVKvRZesswZcvib71hhYYcN39mQ=
+Address = 10.10.10.2/32,fd10:10:10::2/32
+
+[Peer]
+PublicKey = kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw=
+Endpoint = 2600:1700:1e6c:a81f:793d:7abf:e94d:9bc4:51820
+AllowedIPs = 0.0.0.0/0,::/0
+```
+
+### Testing
+
+```bash
+curl -6 icanhazip.com
+```