From 3202136ef43723262c5eda69cc42e5d3861f0caa Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Thu, 1 May 2025 17:34:48 +0300 Subject: more on this --- README.md | 108 +++++++++++++++++++++++++++++++--------------- wireguardmeshgenerator.rb | 3 +- 2 files changed, 75 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 7b4cc1a..2932887 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,79 @@ This generates the WireGuard config for my f3s project. This script is run on my ## Installation +### FreeBSD + +```sh +paul@f0:~ % doas freebsd-update fetch..... and so on... reboot +paul@f0:~ % doas pkg update +paul@f0:~ % doas pkg upgrade +paul@f0:~ % reboot + +paul@f0:~ % doas pkg install wireguard-tools +paul@f0:~ % doas sysrc wireguard_interfaces=wg0 +wireguard_interfaces: -> wg0 +paul@f0:~ % doas sysrc wireguard_enable=YES +wireguard_enable: -> YES +paul@f0:~ % doas mkdir -p /usr/local/etc/wireguard +paul@f0:~ % doas touch /usr/local/etc/wireguard/wg0.conf +paul@f0:~ % doas service wireguard start +paul@f0:~ % cat <>/etc/hosts + +192.168.1.130 f0 f0.lan f0.lan.buetow.org +192.168.1.131 f1 f1.lan f1.lan.buetow.org +192.168.1.132 f2 f2.lan f2.lan.buetow.org + +192.168.2.130 f0.wg0 f0.wg0.wan.buetow.org +192.168.2.131 f1.wg0 f1.wg0.wan.buetow.org +192.168.2.132 f2.wg0 f2.wg0.wan.buetow.org + +192.168.2.120 r0.wg0 r0.wg0.wan.buetow.org +192.168.2.121 r1.wg0 r1.wg0.wan.buetow.org +192.168.2.122 r2.wg0 r2.wg0.wan.buetow.org +END +``` + +https://github.com/angristan/wireguard-install/discussions/499 + +```sh +[root@r0 ~] dnf install policycoreutils-python-utils +[root@r0 ~] semanage permissive -a wireguard_t +[root@r0 ~] reboot +``` + +### Install the config + +## Installation + ```sh bundler install sudo dnf install -y wireguard-tools @@ -42,41 +115,6 @@ keys/r2/privkey keys/r2/pubkey ``` -## Installation - -### FreeBSD - -```sh -paul@f0:~ % doas freebsd-update fetch..... and so on... reboot -paul@f0:~ % doas pkg update -paul@f0:~ % doas pkg upgrade -paul@f0:~ % reboot - -paul@f0:~ % doas pkg install wireguard-tools -paul@f0:~ % doas sysrc wireguard_interfaces=wg0 -wireguard_interfaces: -> wg0 -paul@f0:~ % doas sysrc wireguard_enable=YES -wireguard_enable: -> YES -paul@f0:~ % doas mkdir -p /usr/local/etc/wireguard -paul@f0:~ % doas touch /usr/local/etc/wireguard/wg0.conf -paul@f0:~ % doas service wireguard start -``` - -### Rocky Linux 9 - -```sh -[root@r0 ~] dnf update -y -[root@r0 ~] reboot - -[root@r0 ~] dnf install wireguard-tools -[root@r0 ~] mkdir -p /etc/wireguard -[root@r0 ~] touch /etc/wireguard/wg0.conf -[root@r0 ~] systemctl enable wg-quick@wg0.service -[root@r0 ~] systemctl start wg-quick@wg0.service -``` - -### Install the config - ```sh rake install ``` diff --git a/wireguardmeshgenerator.rb b/wireguardmeshgenerator.rb index 001b2aa..c7badd4 100644 --- a/wireguardmeshgenerator.rb +++ b/wireguardmeshgenerator.rb @@ -128,7 +128,7 @@ InstallConfig = Struct.new(:myself, :hosts) do fi #{@sudo_cmd} chmod 700 #{@conf_dir} #{@sudo_cmd} mv -v wg0.conf #{@conf_dir} - #{@sudo_cmd} chmod 600 #{@conf_dir}/wg0.conf + #{@sudo_cmd} chmod 644 #{@conf_dir}/wg0.conf SH end @@ -136,6 +136,7 @@ InstallConfig = Struct.new(:myself, :hosts) do puts "Reloading Wireguard on #{@myself}" ssh <<~SH #{@sudo_cmd} #{@reload_cmd} + #{@sudo_cmd} wg show SH end -- cgit v1.2.3