40 lines
826 B
Markdown
Executable File
40 lines
826 B
Markdown
Executable File
# Wireguard
|
|
|
|
## Install
|
|
|
|
```bash
|
|
ansible-playbook \
|
|
-i ansible/inventory.yaml \
|
|
-l wireguard \
|
|
active/systemd_wireguard/install_backup.yaml \
|
|
-e "@active/systemd_wireguard/secrets/vars.yaml"
|
|
```
|
|
|
|
## Add a client
|
|
|
|
```bash
|
|
export WG_IP_SUFFIX=$(cat IP && echo $(($(cat IP) + 1)) > IP)
|
|
export PRIVKEY=$(wg genkey)
|
|
export PUBKEY=$(echo $PRIVKEY | wg pubkey)
|
|
export SERVER_PUBKEY=$(cat publickey)
|
|
cat <<EOF > id_$WG_IP_SUFFIX
|
|
[Interface]
|
|
PrivateKey = $PRIVKEY
|
|
Address = 10.10.0.$WG_IP_SUFFIX/32
|
|
DNS = 10.10.0.1
|
|
|
|
[Peer]
|
|
PublicKey = $SERVER_PUBKEY
|
|
Endpoint = pihole.reeserelease.com:51820
|
|
AllowedIPs = 10.10.0.1/32
|
|
EOF
|
|
|
|
cat id_$WG_IP_SUFFIX | qrencode -t ansiutf8
|
|
echo "Added ID $WG_IP_SUFFIX"
|
|
echo "Press enter to continue"
|
|
read
|
|
|
|
wg set wg0 peer $PUBKEY allowed-ips 10.10.0.$WG_IP_SUFFIX/32
|
|
wg-quick down wg0 && wg-quick up wg0
|
|
```
|