45 lines
1.2 KiB
SYSTEMD
Executable File
45 lines
1.2 KiB
SYSTEMD
Executable File
[NetDev]
|
|
Name=wg0
|
|
|
|
Description=Wireguard Client Peer
|
|
|
|
Kind=wireguard
|
|
|
|
[WireGuard]
|
|
|
|
# I usually set this to the port number of the main peer it's not really
|
|
# needed but useful for firewalls.
|
|
FirewallMark=500
|
|
|
|
# The Base64 encoded private key for the interface. It can be generated
|
|
# using the wg genkey command (see wg(8)). This option or
|
|
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
|
# information is secret, you may want to set the permissions of the
|
|
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
|
# mode.
|
|
PrivateKey=<KEY>
|
|
|
|
# Public key for the above private key. Only here as a reminder.
|
|
#PublicKey=<PUBKEY>
|
|
|
|
# DNS
|
|
DNS = 1.1.1.1, 1.0.0.1
|
|
|
|
# Your Peers.
|
|
[WireGuardPeer]
|
|
|
|
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
|
# private key, and usually transmitted out of band to the author of the
|
|
# configuration file. This option is mandatory for this section.
|
|
PublicKey=<PUBKEY>
|
|
|
|
# Comma-separated list of IP addresses with CIDR masks from which this
|
|
# peer is allowed to send incoming traffic and to which outgoing traffic
|
|
# for this peer is directed.
|
|
AllowedIPs=0.0.0.0/0, ::/0
|
|
|
|
PersistentKeepalive=20
|
|
|
|
# Endpoint of a peer (for clients).
|
|
#Endpoint=<IP>:<PORT>
|