mar
/
sysadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
How to set up/manage services on a computer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
46 Commits
1 Branch
0 Tags
179 KiB
 
Tree: a1a53c2540
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a1a53c2540'
${ noResults }
sysadmin/docs/linux/wireguard/install.md

1.3 KiB
Raw Blame History

Install & Configure WireGuard

Install

to install via apt:

sudo apt update
sudo apt install wireguard -y

wireguard is a kernel module, so if you are running an outdated version of the kernel you may need to upgrade it and reboot as well:

sudo apt upgrade
sudo shutdown -r now

Generate Config

create config file with private key for our bridge:

cd /etc/wireguard/
(umask 077 && printf "[Interface]\nPrivateKey = " | sudo tee wg0.conf > /dev/null)
wg genkey | sudo tee -a wg0.conf | wg pubkey | sudo tee wg0.pubkey > /dev/null

open wg0.conf in a text editor and add the following lines:

ListenPort = ${wireguard_port:?}
SaveConfig = true
Address = ${wireguard_ip:?}/24

where 'wireguard_port' is the port that wireguard should listen on, and wireguard_ip is the IP that computer should have in the WireGuard network.

Configure Firewall

if the computer is using a firewall, don't forget to allow whatever port you chose through the firewall. If you are using nftables as your firewall, you will want to edit /etc/nftables.conf.

Start Service

to start wireguard, run the command:

sudo systemctl start wg-quick@wg0

to enable wireguard to automatically start this interface on boot, run the command:

sudo systemctl enable wg-quick@wg0