diff --git a/README.org b/README.org index ebba4fc..4f40983 100644 --- a/README.org +++ b/README.org @@ -109,6 +109,18 @@ RSA (NOT ECDSA or DSA). - different Desktop/Workstation spins (Gnome, KDE, sway...) - =dnf= package manager, install updates on reboot - "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks +- setup syncthing service + #+begin_quote + https://src.fedoraproject.org/rpms/syncthing/tree/rawhide + #+end_quote + #+begin_src bash + sudo systemctl enable --now syncthing@USER.service + #+end_src +- setup wireguard + https://fedoramagazine.org/configure-wireguard-vpns-with-networkmanager/ +- add and configure some modern tools: + https://github.com/ibraheemdev/modern-unix?tab=readme-ov-file + bat duf ripgrep eza fd-find dog ** NEXT Moving to Guix diff --git a/wireguard/README.org b/wireguard/README.org index 86965d1..a980935 100644 --- a/wireguard/README.org +++ b/wireguard/README.org @@ -13,73 +13,71 @@ ** Linux CLI - Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4 +Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4 - Tutorial with best Explaination: - https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478 +Tutorial with best Explaination: +https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478 *** Create Keys - #+begin_src bash - $ umask 077 - $ wg genkey | tee host.key | wg pubkey > host.pub - #+end_src +#+begin_src bash + $ umask 077 + $ wg genkey | tee host.key | wg pubkey > host.pub +#+end_src *** Setup the Interface - #+begin_src bash - # sudo wg-quick up wg0.conf - #+end_src +#+begin_src bash + # sudo wg-quick up wg0.conf +#+end_src *** Add Peer - #+begin_src bash - # add peer - wg set wg0 peer allowed-ips 10.0.0.x/32 persistent-keepalive 25 +#+begin_src bash + # add peer + wg set wg0 peer allowed-ips 10.0.0.x/32 persistent-keepalive 25 - # verify connection - wg + # verify connection + wg - # save to config - wg-quick save wg0 - - #+end_src + # save to config + wg-quick save wg0 +#+end_src **** Mobile Client - requires ~qrencode~ package installed: - ~qrencode -t ansiutf8 < tunnel.conf~ - where ~tunnel.conf~ is the configuration file for the client, including its private and public keys. +requires ~qrencode~ package installed: +~qrencode -t ansiutf8 < tunnel.conf~ +where ~tunnel.conf~ is the configuration file for the client, including its private and public keys. *** Start/Stop Interface - #+begin_src bash - # Start/stop interface - wg-quick up wg0 - wg-quick down wg0 +#+begin_src bash + # Start/stop interface + wg-quick up wg0 + wg-quick down wg0 - # Start/stop service - $ sudo systemctl stop wg-quick@wg0.service - $ sudo systemctl start wg-quick@wg0.service + # Start/stop service + $ sudo systemctl stop wg-quick@wg0.service + $ sudo systemctl start wg-quick@wg0.service - # Enable service at startup - sudo systemctl enable wg-quick@wg0.service - #+end_src + # Enable service at startup + sudo systemctl enable wg-quick@wg0.service +#+end_src *** Sync the configuration without restarting the interface - From ~man wg-quick~: The strip command is useful for reloading configuration - files without disrupting ac‐ tive sessions: +From ~man wg-quick~: The strip command is useful for reloading +configuration filesystem without disrupting active sessions: - #+begin_src bash - # wg syncconf wg0 <(wg-quick strip wg0) - #+end_src +#+begin_src bash + # wg syncconf wg0 <(wg-quick strip wg0) +#+end_src ** Alternative Webinterfaces for Managing Clients - - https://github.com/place1/wg-access-server/ - - https://github.com/WeeJeWel/wg-easy - - https://github.com/subspacecommunity/subspace - - https://github.com/vx3r/wg-gen-web - - - non-web: https://github.com/mullvad/wg-manager +- https://github.com/place1/wg-access-server/ +- https://github.com/WeeJeWel/wg-easy +- https://github.com/subspacecommunity/subspace +- https://github.com/vx3r/wg-gen-web +- non-web: https://github.com/mullvad/wg-manager