spanskiduh
/
kp_wireguard
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update with docker conf

main
Gašper Spagnolo 2023-04-05 14:08:27 +02:00
parent 532d2f179e
commit aca7f9fbdf
2 changed files with 30 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
README.md
View File

@ -48,3 +48,33 @@ wiershark pcap/keep_alive.pcap # public interface (encrypted traffic, keepalive
## Good resource about wireguard ## Good resource about wireguard
- [github](https://github.com/pirate/wireguard-docs) - [github](https://github.com/pirate/wireguard-docs)
## Enable IP forwarding on the peer through which other devices on the network will connect to WireGuard peer
```bash
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
```
## ENABLE logging for debugging
```bash
modprobe wireguard
echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control
dmesg -wH
```
## Run in docker
```yml
version: '3'
services:
wireguard:
image: linuxserver/wireguard
ports:
- 51820:51820/udp
cap_add:
- NET_ADMIN
- SYS_MODULE
volumes:
- /lib/modules:/lib/modules
- ./wg0.conf:/config/wg0.conf:ro
```

13
vg/playbooks/server_init.yml
View File

@ -148,16 +148,3 @@
- name: Add each peer to root node configuration - name: Add each peer to root node configuration
ansible.builtin.shell: "wg set wg0 peer {{ peer_node_pubkeys[item] }} allowed-ips 10.6.0.{{ item+2 }}" ansible.builtin.shell: "wg set wg0 peer {{ peer_node_pubkeys[item] }} allowed-ips 10.6.0.{{ item+2 }}"
loop: "{{ range(0, n_peer_nodes) | list }}" loop: "{{ range(0, n_peer_nodes) | list }}"
# Enable IP forwarding on the peer through which other devices on the network will connect to WireGuard peer
# sysctl -w net.ipv4.ip_forward=1
# sysctl -w net.ipv6.conf.all.forwarding=1
#
#
#
# ENABLE LOGGING FOR DEBUGGING
# modprobe wireguard
# echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control
# dmesg -wH