wireguard seperate configs for server and client
This commit is contained in:
parent
06f66dc900
commit
2a6aaa0dc1
|
@ -9,3 +9,8 @@ DNS=1.0.0.1
|
|||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
||||
|
||||
[Route]
|
||||
Destination=192.168.1.0/24
|
||||
Gateway=192.168.1.1
|
||||
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
[Network]
|
||||
|
||||
Address=10.0.0.2/32
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
||||
|
||||
[Route]
|
||||
Destination=10.0.0.0/24
|
||||
Gateway=10.0.0.1
|
||||
|
||||
|
|
@ -2,9 +2,6 @@
|
|||
|
||||
Address=10.0.0.1/24
|
||||
|
||||
# For clients use an IP address within the peer range with a prefix!
|
||||
#Address=10.0.0.2/32
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
|
@ -5,9 +5,6 @@ Kind=wireguard
|
|||
|
||||
[WireGuard]
|
||||
|
||||
# Port to listen on.
|
||||
ListenPort=31987
|
||||
|
||||
# The Base64 encoded private key for the interface. It can be generated
|
||||
# using the wg genkey command (see wg(8)). This option or
|
||||
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
||||
|
@ -17,7 +14,7 @@ ListenPort=31987
|
|||
PrivateKey=<YOUR KEY HERE>
|
||||
|
||||
|
||||
# For Peers.
|
||||
# Your Peers.
|
||||
[WireGuardPeer]
|
||||
|
||||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
../drop-ins/wg-client.conf
|
|
@ -1 +0,0 @@
|
|||
../drop-ins/wg.conf
|
|
@ -0,0 +1,32 @@
|
|||
[NetDev]
|
||||
Name=wgs0
|
||||
|
||||
Kind=wireguard
|
||||
|
||||
[WireGuard]
|
||||
|
||||
# Port to listen on.
|
||||
ListenPort=31987
|
||||
|
||||
# The Base64 encoded private key for the interface. It can be generated
|
||||
# using the wg genkey command (see wg(8)). This option or
|
||||
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
||||
# information is secret, you may want to set the permissions of the
|
||||
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
||||
# mode.
|
||||
PrivateKey=<YOUR KEY HERE>
|
||||
|
||||
|
||||
# Your Peers.
|
||||
[WireGuardPeer]
|
||||
|
||||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||
# private key, and usually transmitted out of band to the author of the
|
||||
# configuration file. This option is mandatory for this section.
|
||||
#PublicKey=<YOUR KEY HERE>
|
||||
|
||||
# Comma-separated list of IP addresses with CIDR masks from which this
|
||||
# peer is allowed to send incoming traffic and to which outgoing traffic
|
||||
# for this peer is directed.
|
||||
AllowedIPs=10.0.0.2/32
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
# Needs wgs0.netdev & wireguard & wireguard-tools installed to work.
|
||||
|
||||
[Match]
|
||||
Name=wgs0
|
|
@ -0,0 +1 @@
|
|||
../drop-ins/wg-server.conf
|
Loading…
Reference in New Issue