jgaunt/homelab-scripts
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Delete wireguard.sh

Browse Source 
no longer needed as pfsense is wireguard server
This commit is contained in:
John Gaunt
2021-03-13 11:24:00 -05:00
parent c2511c1b1c
commit b62202fdba
1 changed files with 0 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
wireguard.sh
View File

@@ -1,61 +0,0 @@
#/bin/bash
# install wireguard as the VPN server
# install wireguard
dnf install elrepo-release epel-release
dnf install kmod-wireguard wireguard-tools
# setup port forwarding
cat << EOF >> /etc/systctl.d/99-custom.conf
# IPv4 Forwarding
net.ipv4.ip_forward = 1
# IPv6 Forwarding
#net.ipv6.conf.all.forwarding = 1
EOF
sysctl -p /etc/sysctl.d/99-custom.conf
cat << EOF >> /etc/firewalld/services/wireguard.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>wireguard</short>
<description>wireguard vpn</description>
<port protocol="udp" port="51820"/>
</service>
EOF
sleep 5
sudo firewall-cmd --add-service wireguard --permanent
sudo firewall-cmd --add-masquerade --permanent
sudo firewall-cmd --reload
sudo mkdir /etc/wireguard
# make private and public keys
wg genkey | tee /etc/wireguard/<hostname>.wg0.key | wg pubkey > /etc/wireguard/<hostname>.wg0.pub
# example of wg0.conf file
: '
[Interface]
Address = 10.12.0.1/29
PrivateKey = <Private Key>
ListenPort = 51820
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o <INTERFACE> -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o <INTERFACE> -j MASQUERADE
# iPhone
[Peer]
PublicKey = <Public Key>
AllowedIPs = 10.12.0.2/32
# GauntLaptop
[Peer]
PublicKey = <Public Key>
AllowedIPs = 10.12.0.3/32
# GauntMTA
[Peer]
PublicKey = <Public Key>
AllowedIPs = 10.12.0.4/32
'