overhauls of most service docs
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 33s
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 33s
This commit is contained in:
35
active/systemd_wireguard/install.sh
Executable file
35
active/systemd_wireguard/install.sh
Executable file
@@ -0,0 +1,35 @@
|
||||
# TODO
|
||||
# 1. Ask for listen port
|
||||
# 2. Ask for name of eth interface
|
||||
|
||||
apt-get update
|
||||
apt-get upgrade -y
|
||||
apt-get install -y raspberrypi-kernel-headers
|
||||
apt install -y wireguard qrencode iptables
|
||||
|
||||
cat > /etc/sysctl.conf <<EOF
|
||||
net.ipv4.ip_forward=1
|
||||
net.ipv6.conf.all.forwarding=1
|
||||
EOF
|
||||
|
||||
reboot
|
||||
|
||||
cd /etc/wireguard
|
||||
umask 077
|
||||
export PRIVKEY=$(wg genkey)
|
||||
echo $PRIVKEY | tee privatekey | wg pubkey | tee publickey
|
||||
echo $PRIVKEY | tee --append /etc/wireguard/wg0.conf
|
||||
cat > /etc/wireguard/wg0.conf <<EOF
|
||||
[Interface]
|
||||
Address = 10.10.0.1/24
|
||||
Address = fd86:ea04:1111::1/64
|
||||
SaveConfig = true
|
||||
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||
ListenPort = 51820
|
||||
PrivateKey = $PRIVKEY
|
||||
EOF
|
||||
|
||||
sysctl -p
|
||||
wg-quick up wg0
|
||||
wg
|
||||
Reference in New Issue
Block a user