Version 31 - History - The ungleich VPN infrastructure - Open Infrastructure - ungleich redmine

The ungleich VPN infrastructure » History » Version 31

Timothée Floure, 01/08/2020 06:20 PM
Move customer documentation to its own page

-Nico Schottelius
+h1. The ungleich VPN infrastructure
-Nico Schottelius
+{{toc}}
-Timothée Floure
+*%{color:red}This document only concerns server-side configuration and is intended for ungleich staff. See [[Ungleich IPv6 wireguard VPN]] page for end-user/customer documentation.%*
-Nico Schottelius
+h2. Status
 This document is *IN PRODUCTION*.
 Nico Schottelius
-Timothée Floure
+h2. Infrastructure
 Nico Schottelius
-Timothée Floure
+Server: vpn-2a0ae5c1.ungleich.ch
 Port: 51820
 Nico Schottelius
-Timothée Floure
+h2. How to add a new customer connection
 Nico Schottelius
 * Get the public key of the customer
-Nico Schottelius
+* Edit dot-cdist/type/__ungleich_wireguard/manifest and add the new network definition at the end of the file
-Nico Schottelius
+* Let the customer know their network
-Timothée Floure
+h2. Sample server configuration
 Nico Schottelius
 This is just for reference - as a client you don't need this configuration
 Nico Schottelius
 /etc/wireguard/wg0.conf:
 <pre>
 [Interface]
-Nico Schottelius
+ListenPort = 51820
-Nico Schottelius
+PrivateKey = SERVERKEYHERE
 # Nico, 2019-01-23
 [Peer]
 PublicKey = kL1S/Ipq6NkFf1MAsNRou4b9VoUsnnb4ZxgiBrH0zA8=
 AllowedIPs = 2a0a:e5c1:101::/48
 # Customer networks below
 # ...
 </pre>
 Sample server rc.local:
-Nico Schottelius
+<pre>
 ip link add dev wg0 type wireguard
 ip addr add 2a0a:e5c1:100::1/40 dev wg0
 wg setconf wg0 /etc/wireguard/wg0.conf
-Nico Schottelius
+ip link set wg0 up
 Nico Schottelius
-Nico Schottelius
+</pre>

Project

General

Profile

Open Infrastructure

The ungleich VPN infrastructure » History » Version 31