Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add wireguard config for glinet router

Browse Source
This commit is contained in:
Jake Howard
2024-04-23 22:19:57 +01:00
parent 8929a22ce5
commit 670ad78d44
8 changed files with 91 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ansible/roles/glinet_vpn/files/client.conf Normal file
View File

@ -0,0 +1,10 @@
[Interface]
Address = {{ client_cidr }}
PrivateKey = {{ client_private_key }}
[Peer]
PublicKey = {{ server_public_key }}
Endpoint = {{ server_public_ip }}:53
AllowedIPs = 0.0.0.0/0 ::/0
PersistentKeepalive = 25

14
ansible/roles/glinet_vpn/files/server.conf Normal file
View File

@ -0,0 +1,14 @@
[Interface]
Address = {{ server_ip }}
PrivateKey = {{ server_private_key }}
ListenPort = 53
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -A FORWARD -o %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -D FORWARD -o %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = {{ client_public_key }}
AllowedIPs = {{ client_cidr }}