docker-compose environment for the entire v.st system
https://v.st/
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29 lines
1.1 KiB
29 lines
1.1 KiB
# Wireguard proxy setup
|
|
|
|
This is for a server that is inside of a firewall or behind a NAT gateway
|
|
that doesn't have a static IP address. A cheap $6/month DigitalOcean droplet
|
|
can be created that will route *all* internet traffic to the server, allowing
|
|
it to change IP.
|
|
|
|
* On both proxy and the server:
|
|
|
|
```
|
|
sudo apt install wireguard-tools net-tools
|
|
wg genkey \
|
|
| sudo tee /etc/wireguard/wg0.key \
|
|
| wg pubkey \
|
|
| sudo tee /etc/wireguard/wg0.pub
|
|
sudo chmod -R go-rwx /etc/wireguard
|
|
```
|
|
|
|
* Copy `wireguard/wg0-proxy.conf` to `/etc/wireguard/wg0.conf` on the proxy
|
|
* On the **proxy** edit `/etc/wireguard/wg0.conf`:
|
|
* Change `${SERVER_PUBKEY}` to the public key that was output on the server
|
|
|
|
* Copy `wireguard/wg0-server.conf` to `/etc/wireguard/wg0.conf` on the server.
|
|
* On the **server** edit `/etc/wireguard/wg0.conf`:
|
|
* Change `${PROXY_IP}` to the public IP address of the proxy (two places)
|
|
* Change `${PROXY_PUBKEY}` to the public key output on the proxy (two places)
|
|
* Change `${SERVER_GW}` to the gateway address used to reach the internet from the server
|
|
|
|
* On both machines run `sudo wg-quick up /etc/wireguard/wg0.conf`
|
|
|