update READMEs
This commit is contained in:
parent
1eb7de5772
commit
05d5e6d6b1
12
README.org
12
README.org
|
|
@ -109,6 +109,18 @@ RSA (NOT ECDSA or DSA).
|
||||||
- different Desktop/Workstation spins (Gnome, KDE, sway...)
|
- different Desktop/Workstation spins (Gnome, KDE, sway...)
|
||||||
- =dnf= package manager, install updates on reboot
|
- =dnf= package manager, install updates on reboot
|
||||||
- "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks
|
- "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks
|
||||||
|
- setup syncthing service
|
||||||
|
#+begin_quote
|
||||||
|
https://src.fedoraproject.org/rpms/syncthing/tree/rawhide
|
||||||
|
#+end_quote
|
||||||
|
#+begin_src bash
|
||||||
|
sudo systemctl enable --now syncthing@USER.service
|
||||||
|
#+end_src
|
||||||
|
- setup wireguard
|
||||||
|
https://fedoramagazine.org/configure-wireguard-vpns-with-networkmanager/
|
||||||
|
- add and configure some modern tools:
|
||||||
|
https://github.com/ibraheemdev/modern-unix?tab=readme-ov-file
|
||||||
|
bat duf ripgrep eza fd-find dog
|
||||||
|
|
||||||
** NEXT Moving to Guix
|
** NEXT Moving to Guix
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,73 +13,71 @@
|
||||||
|
|
||||||
** Linux CLI
|
** Linux CLI
|
||||||
|
|
||||||
Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4
|
Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4
|
||||||
|
|
||||||
Tutorial with best Explaination:
|
Tutorial with best Explaination:
|
||||||
https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478
|
https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478
|
||||||
|
|
||||||
*** Create Keys
|
*** Create Keys
|
||||||
|
|
||||||
#+begin_src bash
|
#+begin_src bash
|
||||||
$ umask 077
|
$ umask 077
|
||||||
$ wg genkey | tee host.key | wg pubkey > host.pub
|
$ wg genkey | tee host.key | wg pubkey > host.pub
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
*** Setup the Interface
|
*** Setup the Interface
|
||||||
|
|
||||||
#+begin_src bash
|
#+begin_src bash
|
||||||
# sudo wg-quick up wg0.conf
|
# sudo wg-quick up wg0.conf
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
*** Add Peer
|
*** Add Peer
|
||||||
|
|
||||||
#+begin_src bash
|
#+begin_src bash
|
||||||
# add peer
|
# add peer
|
||||||
wg set wg0 peer <client_pubkey> allowed-ips 10.0.0.x/32 persistent-keepalive 25
|
wg set wg0 peer <client_pubkey> allowed-ips 10.0.0.x/32 persistent-keepalive 25
|
||||||
|
|
||||||
# verify connection
|
# verify connection
|
||||||
wg
|
wg
|
||||||
|
|
||||||
# save to config
|
# save to config
|
||||||
wg-quick save wg0
|
wg-quick save wg0
|
||||||
|
#+end_src
|
||||||
#+end_src
|
|
||||||
|
|
||||||
**** Mobile Client
|
**** Mobile Client
|
||||||
|
|
||||||
requires ~qrencode~ package installed:
|
requires ~qrencode~ package installed:
|
||||||
~qrencode -t ansiutf8 < tunnel.conf~
|
~qrencode -t ansiutf8 < tunnel.conf~
|
||||||
where ~tunnel.conf~ is the configuration file for the client, including its private and public keys.
|
where ~tunnel.conf~ is the configuration file for the client, including its private and public keys.
|
||||||
|
|
||||||
*** Start/Stop Interface
|
*** Start/Stop Interface
|
||||||
|
|
||||||
#+begin_src bash
|
#+begin_src bash
|
||||||
# Start/stop interface
|
# Start/stop interface
|
||||||
wg-quick up wg0
|
wg-quick up wg0
|
||||||
wg-quick down wg0
|
wg-quick down wg0
|
||||||
|
|
||||||
# Start/stop service
|
# Start/stop service
|
||||||
$ sudo systemctl stop wg-quick@wg0.service
|
$ sudo systemctl stop wg-quick@wg0.service
|
||||||
$ sudo systemctl start wg-quick@wg0.service
|
$ sudo systemctl start wg-quick@wg0.service
|
||||||
|
|
||||||
# Enable service at startup
|
# Enable service at startup
|
||||||
sudo systemctl enable wg-quick@wg0.service
|
sudo systemctl enable wg-quick@wg0.service
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
*** Sync the configuration without restarting the interface
|
*** Sync the configuration without restarting the interface
|
||||||
|
|
||||||
From ~man wg-quick~: The strip command is useful for reloading configuration
|
From ~man wg-quick~: The strip command is useful for reloading
|
||||||
files without disrupting ac‐ tive sessions:
|
configuration filesystem without disrupting active sessions:
|
||||||
|
|
||||||
#+begin_src bash
|
#+begin_src bash
|
||||||
# wg syncconf wg0 <(wg-quick strip wg0)
|
# wg syncconf wg0 <(wg-quick strip wg0)
|
||||||
#+end_src
|
#+end_src
|
||||||
|
|
||||||
** Alternative Webinterfaces for Managing Clients
|
** Alternative Webinterfaces for Managing Clients
|
||||||
|
|
||||||
- https://github.com/place1/wg-access-server/
|
- https://github.com/place1/wg-access-server/
|
||||||
- https://github.com/WeeJeWel/wg-easy
|
- https://github.com/WeeJeWel/wg-easy
|
||||||
- https://github.com/subspacecommunity/subspace
|
- https://github.com/subspacecommunity/subspace
|
||||||
- https://github.com/vx3r/wg-gen-web
|
- https://github.com/vx3r/wg-gen-web
|
||||||
|
- non-web: https://github.com/mullvad/wg-manager
|
||||||
- non-web: https://github.com/mullvad/wg-manager
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue