Wireguard

Hardware support

Fritzbox Wireguard blog post

Setup

Usage

Start:

wg-quick up wg0

Network-manager integration

see ../network-manager.md

Server

sudo apt install wireguard wireguard-tools linux-headers-amd64

Generate keys

wg genkey | sudo tee /etc/wireguard/server_private.key | \
  wg pubkey | sudo tee /etc/wireguard/server_public.key

Server config:

[Interface]
Address = 10.11.12.1/24
ListenPort = 51820
PrivateKey = ...

[Peer]
PublicKey = ...
AllowedIPs = 10.11.12.2/32

Client

[Interface]
Address = 10.11.12.2/24
DNS = 10.10.10.1
PrivateKey = ...

[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0
Endpoint = 12.34.56.78:51820
PersistentKeepalive = 25

Run wireguard in a container

Together with transmission

SebDanielsson/compose-transmission-wireguard)
aerickson/docker-transmission-wireguard: stale, last commit 2020-10

Mullvad Wireguard

Mullvad config

Key: ..
Pub: ..
IP: 10.99.86.112/32,fc00:bbbb:bbbb:bb01::5670/128

Wireguard ansbible roles

Wireguard roles in Galaxy
Thulium-Drake/ansible-role-wireguard
- Best role so far from looking at it.
githubixx/ansible-role-wireguard
- Very popular
- Big downside: Removes config when ansible-playbook is run against a single endpoint
ansibleguy/infra_wireguard
- Looks complex, generates keys and places them in files on the controller
lablabs/ansible-collection-wireguard
- Debian 11 is supported but the system must use systemd-networkd networking service instead of Network Manager.
abelfodil/ansible_role_wireguard
- Wrong link to Github repo
mawalu/wireguard-private-networking
- Stale !

Wireguard

Hardware support

Setup

Usage

Network-manager integration

Server

Client

Run wireguard in a container

Together with transmission

Mullvad Wireguard

Mullvad config

Wireguard ansbible roles

Wirgeguard gnome indicator

Wirguard overlays

Other projects