... | ... | @@ -4,7 +4,7 @@ setting wireguard tunnel for alpine linux developer to access infra hosts |
|
|
note: all this have to be done as root on client machine or using doas/sudo
|
|
|
|
|
|
note: hub public key is: hm9zrdHJU2fJsrKnRqo4xXlqbsdNC0CfTySwOzdBwm8=
|
|
|
1. using 'wg' tool
|
|
|
## 1. using 'wg' tool
|
|
|
```
|
|
|
apk add wireguard-tools-wg
|
|
|
```
|
... | ... | @@ -25,4 +25,53 @@ your assigned ip address must be changed above after address parameter |
|
|
generate private/public keys
|
|
|
```
|
|
|
wg genkey | tee privatekey | wg pubkey > publickey
|
|
|
``` |
|
|
\ No newline at end of file |
|
|
```
|
|
|
create config file in /etc/wireguard/wg0.conf (or anywhere else) but put
|
|
|
path to it above in interface in 'post-up' parameter
|
|
|
```
|
|
|
[Interface]
|
|
|
ListenPort = 41414
|
|
|
PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
|
|
|
|
|
|
[Peer]
|
|
|
PublicKey = hm9zrdHJU2fJsrKnRqo4xXlqbsdNC0CfTySwOzdBwm8=
|
|
|
Endpoint = wg.alpinelinux.org:41414
|
|
|
AllowedIPs = 172.16.0.0/16
|
|
|
```
|
|
|
PrivateKey above is your private key
|
|
|
PublicKey is 'hub' public key
|
|
|
|
|
|
after that start wg tunnel with 'ifup wg0'
|
|
|
|
|
|
also it can be stopped with 'ifdown wg0'
|
|
|
|
|
|
## 2. using 'wg-quick' tool (simpler option)
|
|
|
|
|
|
apk add wireguard-tools-wg-quick
|
|
|
|
|
|
interface setup in /etc/network/interfaces not needed
|
|
|
|
|
|
create config file in /etc/wireguard/wg0.conf (or anywhere else) but put
|
|
|
path to it above in interface in 'post-up' parameter
|
|
|
```
|
|
|
[Interface]
|
|
|
Address = your_assigned_ip_address/32
|
|
|
ListenPort = 41414
|
|
|
PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
|
|
|
SaveConfig = false
|
|
|
|
|
|
[Peer]
|
|
|
PublicKey = hm9zrdHJU2fJsrKnRqo4xXlqbsdNC0CfTySwOzdBwm8=
|
|
|
Endpoint = wg.alpinelinux.org:41414
|
|
|
AllowedIPs = 172.16.0.0/16
|
|
|
```
|
|
|
|
|
|
Address is your assigned ip address
|
|
|
PrivateKey above is your private key
|
|
|
PublicKey is 'hub' public key
|
|
|
|
|
|
start it with:
|
|
|
wg-quick up /etc/wireguard/wg0.conf
|
|
|
|
|
|
or stop with:
|
|
|
wg-quick down /etc/wireguard/wg0.conf |
|
|
\ No newline at end of file |