homelab/wireguard

WireGuard

Ansible

# Run the three WireGuard playbooks against the shared inventory, in the
# order this page lists them: keys, then wireguard, then peers.
for playbook in keys wireguard peers; do
    ansible-playbook -i ansible/inventory.yaml "wireguard/${playbook}.yaml"
done

CLI Setup

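# Peer 1
# Generate this host's key pair. The subshell's umask 077 makes the key files
# owner-only when they are created, without changing the calling shell's umask.
# The chmod covers a private key file that already existed with wider
# permissions, which a umask alone does not tighten.
(
    umask 077
    wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
)
chmod 600 /etc/wireguard/privatekey

# Create the interface and assign this peer's tunnel address.
ip link add dev wg0 type wireguard

ip address add dev wg0 10.10.10.1/24

# The private key is passed as a file path, so the key itself never appears
# in the command line or shell history.
wg set wg0 \
    listen-port 51821 \
    private-key /etc/wireguard/privatekey

# Remote peer: its public key, the tunnel addresses accepted from and routed
# to it, and its reachable endpoint.
# NOTE(review): allowed-ips also bounds which source addresses this peer may
# use inside the tunnel. If the remote owns a single tunnel address, its /32
# is the least-privilege value; confirm against the intended topology.
wg set wg0 \
    peer CQxNsdPgfzjvOszjn/UZHFdAY3k+D9J+vI8qKUjCYV0= \
    allowed-ips '10.10.10.0/24' \
    endpoint 10.1.200.253:51821

ip link set up dev wg0

# wg-quick save stores the running configuration, including the private key,
# in wg0.conf. The page creates the file empty first; create it owner-only so
# it is never world-readable.
(
    umask 077
    touch /etc/wireguard/wg0.conf
)
wg-quick save wg0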

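# Peer 2
# Generate this host's key pair. The subshell's umask 077 makes the key files
# owner-only when they are created, without changing the calling shell's umask.
# The chmod covers a private key file that already existed with wider
# permissions, which a umask alone does not tighten.
(
    umask 077
    wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
)
chmod 600 /etc/wireguard/privatekey

# Create the interface and assign this peer's tunnel address.
ip link add dev wg0 type wireguard

ip address add dev wg0 10.10.10.2/24

# Local settings and the remote peer are configured in one call. The private
# key is passed as a file path, so it never appears in the command line.
# NOTE(review): allowed-ips also bounds which source addresses the remote may
# use inside the tunnel. If the remote owns a single tunnel address, its /32
# is the least-privilege value; confirm against the intended topology.
wg set wg0 \
    listen-port 51821 \
    private-key /etc/wireguard/privatekey \
    peer kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw= \
    allowed-ips '10.10.10.0/24' \
    endpoint 10.1.203.197:51821

ip link set up dev wg0

# wg-quick save stores the running configuration, including the private key,
# in wg0.conf. The page creates the file empty first; create it owner-only so
# it is never world-readable.
(
    umask 077
    touch /etc/wireguard/wg0.conf
)
wg-quick save wg0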

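# Peer 3
# Generate this host's key pair. The subshell's umask 077 makes the key files
# owner-only when they are created, without changing the calling shell's umask.
# The chmod covers a private key file that already existed with wider
# permissions, which a umask alone does not tighten.
(
    umask 077
    wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
)
chmod 600 /etc/wireguard/privatekey

# Create the interface and assign this peer's tunnel address.
ip link add dev wg0 type wireguard

ip address add dev wg0 10.10.10.3/24

# NOTE(review): both remote peers below are given the same allowed-ips prefix.
# WireGuard binds a prefix to one peer per interface, so the second `wg set`
# takes 10.10.10.0/24 away from the first peer and leaves it without any
# allowed IPs. Each peer needs the tunnel address(es) it actually owns (a /32
# each in a full mesh), which also stops one peer from sending traffic with
# another peer's tunnel address as its source. The page does not say which
# key belongs to which tunnel address, so the values are left as written.
wg set wg0 \
    listen-port 51821 \
    private-key /etc/wireguard/privatekey \
    peer kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw= \
    allowed-ips '10.10.10.0/24' \
    endpoint 10.1.203.197:51821

wg set wg0 \
    peer 9/dBUlO9TGf0H9M3xwPiuIuz6Q/u7fSJVZaUxqAiqi8= \
    allowed-ips '10.10.10.0/24' \
    endpoint 10.1.2.10:51821

ip link set up dev wg0

# wg-quick save stores the running configuration, including the private key,
# in wg0.conf. The page creates the file empty first; create it owner-only so
# it is never world-readable.
(
    umask 077
    touch /etc/wireguard/wg0.conf
)
wg-quick save wg0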

# teardown
# Removes only the wg0 interface. The files written during setup
# (/etc/wireguard/privatekey, publickey and wg0.conf) stay on disk and must be
# removed separately if the key material should not persist.
ip link delete dev wg0