LEdoian
/
nethorror
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Wireguards

Browse Source
master
LEdoian 2 weeks ago
parent 74a3d7a98d
commit 2ee68a9d92
7 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File

12
lib.shs
Unescape Escape View File

@ -71,3 +71,15 @@ veth_to_bridge() {
ip link set dev "$ve_br" up ip link set dev "$ve_br" up
ip link set dev "$ifname" netns ./state/$mach/netns # FIXME: hardcoded ip link set dev "$ifname" netns ./state/$mach/netns # FIXME: hardcoded
} }
wireguard() {
ifname="$1"
config="$2"
shift 2
ip link add name "$ifname" type wireguard
wg setconf "$ifname" "$config"
for ip; do
ip addr add "$ip" dev "$ifname"
done
ip link set "$ifname" up
}

2
machines/loc1xe/setup.sh
Unescape Escape View File

@ -12,3 +12,5 @@ ip addr add 192.168.0.3/24 dev wifi
# No IPv6 at public spaces lol (but we should try obtaining it anyway! # No IPv6 at public spaces lol (but we should try obtaining it anyway!
ip link set dev wifi up ip link set dev wifi up
ip route add default via 192.168.0.1 dev wifi ip route add default via 192.168.0.1 dev wifi
wireguard wg1 ./machines/$mach/wg1.conf 2a01:4f8:c0c:36b8:ff01:8000:10:f03/128

12
machines/loc1xe/wg-vms.conf
Unescape Escape View File

@ -0,0 +1,12 @@
[Interface]
PrivateKey = 4BZHeHTS/BxAk4g8hnuPt9XnT/PkNonouwvTBqWzuEg=
#PublicKey = TISpt9e6DkduZVO4vxtq2xc5obdQk+oVAmASGwO+QC4=
# Uo
[Peer]
PublicKey = ayYOaj4sTxuLfc43v7jzm3vLwaBHwgPNHHPaqSoGuWg=
# I guess everything goes?
AllowedIPs = ::/0
PersistentKeepalive = 30
# FIXME: We know that this is IPv4-only host, but still it would be better to use a hostname with both IP addresses…
Endpoint = 100.100.0.2:62421

11
machines/loc1xe/wg1.conf
Unescape Escape View File

@ -0,0 +1,11 @@
[Interface]
PrivateKey = iKIS2LUeG+p1BopORRzys07H+XQsFiC0KOtQralM6UM=
#PublicKey = rds4mKmqeqvfkXa54HUfSm1gSd/SsOgoKzM8J3MxjHY=
# Uo
[Peer]
PublicKey = /8CkD4bw2UAyJERNPAm7x2dVwcJhQFHXDLXPshi8qzM=
AllowedIPs = 2a01:4f8:c0c:36b8:ff01:8000:10:f06/128
PersistentKeepalive = 30
# FIXME: We know that this is IPv4-only host, but still it would be better to use a hostname with both IP addresses…
Endpoint = 100.100.0.2:52345

4
machines/uo/setup.sh
Unescape Escape View File

@ -1,6 +1,8 @@
#!/bin/sh #!/bin/sh
set -eu set -eu
. ./lib.shs
# typically: bring up the networks # typically: bring up the networks
ip link set dev lo up ip link set dev lo up
@ -12,3 +14,5 @@ ip addr add fe80:ff01::2/64 dev up_ve scope link
ip link set dev up_ve up ip link set dev up_ve up
ip route add default via 100.100.0.1 dev up_ve ip route add default via 100.100.0.1 dev up_ve
ip route add default via fe80:ff01::1 dev up_ve ip route add default via fe80:ff01::1 dev up_ve
wireguard wg1 ./machines/$mach/wg1.conf 2a01:4f8:c0c:36b8:ff01:8000:10:f06/128

9
machines/uo/wg-vms.conf
Unescape Escape View File

@ -0,0 +1,9 @@
[Interface]
PrivateKey = 0PzCYMZWnvmHGrz39yfPIacR0QsC4+vu5Oywj4UcNWk=
#PublicKey = ayYOaj4sTxuLfc43v7jzm3vLwaBHwgPNHHPaqSoGuWg=
ListenPort = 62421
# Xe
[Peer]
PublicKey = TISpt9e6DkduZVO4vxtq2xc5obdQk+oVAmASGwO+QC4=
AllowedIPs = 2a01:4f8:c0c:36b8:ff01:8000:0:0003/128 2a01:4f8:c0c:36b8:ff01:8000:0:0004/128

9
machines/uo/wg1.conf
Unescape Escape View File

@ -0,0 +1,9 @@
[Interface]
PrivateKey = WPFnuxrOJP7F5oXodB4O6uPTn5qzGQUwg6AekuYG43Y=
#PublicKey = /8CkD4bw2UAyJERNPAm7x2dVwcJhQFHXDLXPshi8qzM=
ListenPort = 52345
# Xe
[Peer]
PublicKey = rds4mKmqeqvfkXa54HUfSm1gSd/SsOgoKzM8J3MxjHY=
AllowedIPs = 2a01:4f8:c0c:36b8:ff01:8000:10:f03/128
Write Preview
Loading…
Cancel
Save