docker-compose environment for the entire v.st system
https://v.st/
# wg0-server.conf
#
# This is the configuration for the server hidden behind the wireguard proxy.
# It routes all internet traffic via the proxy, with the exception of traffic
# to the proxy itself. It is still accessible on the local network.
#
# When moving this to a new machine:
# * Update the PostUp route so that the proxy address has an explicit route via the local gateway
# * Update the PostDown to delete the explicit route and restore the default gw
# * Update the Peer PublicKey and Endpoint with the proxy key and address
#
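# Local end of the tunnel. The PostUp/PostDown hooks below are shell commands
# and run in the order they are listed, so the order of the route commands matters.
[Interface]
# Load the private key from its own file so the key never appears in this
# config; %i is replaced with the interface name. Keep that key file
# readable by root only.
PostUp = wg set %i private-key /etc/wireguard/%i.key
Address = 192.168.4.2/24

# Delete the default gateway and add an explicit route for the wireguard tunnel
# The proxy route goes in first: encrypted packets to the proxy must keep
# leaving via the local gateway once the default route points into the tunnel.
# NOTE(review): ${PROXY_IP} and ${SERVER_GW} are placeholders; presumably they
# are substituted (or exported in the hook environment) before use -- confirm.
# NOTE(review): the "|| echo" fallbacks let the next hooks run even if a route
# command fails. If the proxy route is not added, the default route is still
# replaced and the tunnel endpoint may become unreachable; check the
# "wrong route" message when bringing the interface up.
PostUp = route add ${PROXY_IP} gw ${SERVER_GW} || echo "wrong route"
PostUp = route del default || echo "no default"
PostUp = route add default gw 192.168.4.1

# Teardown: drop the explicit proxy route, then restore the LAN default gateway.
# The delete is allowed to fail (route already gone), matching the PostUp
# hooks, because a failed hook stops wg-quick before the later hooks run and
# the host would be left without a default route.
# After PostDown, outbound traffic leaves directly via ${SERVER_GW} and no
# longer passes through the proxy while the tunnel is down.
PostDown = route del ${PROXY_IP} || echo "no proxy route"
PostDown = route add default gw ${SERVER_GW}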
# The wireguard proxy this server hides behind; it is the only peer.
[Peer]
# NOTE(review): ${PROXY_PUBKEY} and ${PROXY_IP} look like template placeholders.
# Shell variables are not expanded in these keys, so they presumably get
# substituted before the file is installed -- confirm. Verify the proxy's
# public key out of band when filling it in.
PublicKey = ${PROXY_PUBKEY}
Endpoint = ${PROXY_IP}:51820
# All IPv4 destinations are sent to this peer. Only IPv4 is listed: IPv6
# traffic is not covered by this entry, so if the host has IPv6 connectivity
# it would leave outside the tunnel.
AllowedIPs = 0.0.0.0/0
# Seconds between keepalive packets; keeps NAT/firewall state for the tunnel
# open while the link is otherwise idle.
PersistentKeepalive = 25