
2 changed files with 48 additions and 0 deletions
@ -0,0 +1,10 @@ |
|||||
|
# add a peer |
||||
|
|
||||
|
Say we want to connect two computers via wireguard. We will call them **one** and **two**. |
||||
|
|
||||
|
## one |
||||
|
on one, run the following command to add a new host: |
||||
|
``` |
||||
|
sudo wg set wg0 peer ${two_pubkey:?} endpoint ${two_public_ip:?}:${two_port:?} allowed-ips ${two_wg_ip:?}/32 |
||||
|
``` |
||||
|
if we also want to be able to refer to the host by an easy to remember name rather than just an IP, we can also add it to `/etc/hosts` |
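Review bot: the file stops after the `## one` section, so there is no matching `## two` section, and the peer setup is documented for one side only. WireGuard needs each side to list the other as a peer, so add a `## two` section with the mirrored `wg set wg0 peer ...` command using one's public key and WireGuard IP. The closing sentence about `/etc/hosts` would also benefit from a sample entry, and the `${two_pubkey:?}` style variables from a line saying where each value comes from (for example, that the public key is the content of `wg0.pubkey` on two).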
@ -0,0 +1,38 @@ |
|||||
|
# install & configure wireguard |
||||
|
|
||||
|
## install via apt |
||||
|
``` |
||||
|
sudo apt install wireguard |
||||
|
``` |
||||
|
|
||||
|
## config |
||||
|
create config file with private key for our bridge: |
||||
|
``` |
||||
|
cd /etc/wireguard/ |
||||
|
(umask 077 && printf "[Interface]\nPrivateKey = " | sudo tee wg0.conf > /dev/null) |
||||
|
wg genkey | sudo tee -a wg0.conf | wg pubkey | sudo tee wg0.pubkey |
||||
|
``` |
||||
|
open `wg0.conf` in a text editor and add the following lines: |
||||
|
``` |
||||
|
ListenPort = $port |
||||
|
SaveConfig = true |
||||
|
Address = ${wireguard_ip:?}/24 |
||||
|
``` |
||||
|
where `wireguard_ip` is the IP that computer should have in the WireGuard network. |
||||
|
|
||||
|
## firewall |
||||
|
if the computer is using a firewall, don't forget to allow whatever port you chose through the firewall. If you are using `nftables` as your firewall, you will want to edit `/etc/nftables.conf`. |
||||
|
|
||||
|
## start |
||||
|
to start wireguard, run the command: |
||||
|
``` |
||||
|
sudo systemctl start wg-quick@wg0 |
||||
|
``` |
||||
|
to enable wireguard to automatically start this interface on boot, run the command: |
||||
|
``` |
||||
|
sudo systemctl enable wg-quick@wg0 |
||||
|
``` |
||||
|
to see WireGuard's status and configuration, run: |
||||
|
``` |
||||
|
wg |
||||
|
``` |
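Review bot: in the config block, `ListenPort = $port` uses a bare `$port` that is never explained, while `Address = ${wireguard_ip:?}/24` uses a different placeholder style and does get an explanation. wg-quick does not expand shell variables in `wg0.conf`, so state that both are placeholders to be replaced by hand, and have the firewall section name the chosen port as a UDP port. A short note on `SaveConfig = true` would help too: the file is rewritten from the running interface state when wg0 is brought down, so manual edits to `wg0.conf` should be made while the interface is stopped.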