wireguard: added section in vpn and docker setup

master
tiyn 2 years ago
parent 6271756ac5
commit f6d0bff2c3

@ -1,11 +1,11 @@
# jonohill - docker-openvpn-proxy # jonohill - docker-openvpn-proxy
This is a [Docker](/wiki/docker.md) container for an This is a [Docker](/wiki/docker.md) container for an
[OpenVPN proxy](/wiki/vpn.md#proxy). [OpenVPN proxy](/wiki/vpn.md#proxy-ovpn).
The official container and documentation was made by The official container and documentation was made by
[jonohill](https://github.com/jonohill/docker-openvpn-proxy). [jonohill](https://github.com/jonohill/docker-openvpn-proxy).
## Set-up ## Set-Up
Create the file `rebuild.sh`. Create the file `rebuild.sh`.
Change the settings according to your needs and run `./rebuild.sh` afterwards. Change the settings according to your needs and run `./rebuild.sh` afterwards.
@ -26,7 +26,7 @@ Set the following ports with the -p tag.
| -------------- | ------------------------ | -------- | ------------ | | -------------- | ------------------------ | -------- | ------------ |
| `9050` | `8080` | HTTP | proxy port | | `9050` | `8080` | HTTP | proxy port |
## Environment-variables ## Environment-Variables
Set the following variables with the -e tag. Set the following variables with the -e tag.

@ -0,0 +1,89 @@
# linuxserver - airsonic-advanced
This is a [Docker](/wiki/docker.md) container for a
[WireGuard](../vpn.md#WireGuard) server.
The official container and documentation was made by
[linuxserver](https://hub.docker.com/r/linuxserver/wireguard).
## Set-Up
Create the file `rebuild.sh`.
Change the settings according to your needs.
Especially change `<VPN.SERVERNAME.COM>` to the URL the VPN is accessible at.
If not already done set a port forward or something similar.
`PEERS` describes the number of configs to create for
[clients](/wiki/vpn.md#client-wg).
It is also possible to give a list of clients to create.
Then run `./rebuild.sh`
## Usage
### Retrieve Client Certificates by QR-Code
The client certificates can be retrieved with the following command.
`<peer-number>` is the number or identifier of the peer.
```sh
docker exec -it wireguard /app/show-peer <peer-number>
```
After running the command a QR-code should be displayed that describes the
certificate.
## Environment-Variables
Set the following variables with the -e tag.
| Name | Usage | Default |
| ----------- | --------------- | ------- |
| `PUID` | UserID | |
| `PGID` | GroupID | |
| `TZ` | Timezone | |
| `SERVERURL` | URL of server | |
| `PEERS` | Number of peers | |
## Volumes
Set the following volumes with the -v tag.
| Outside mount/volume name | Container mount | Description |
| ------------------------- | --------------- | ----------------------- |
| `wireguard` | `/config` | Configuration files |
## Ports
Set the following ports with the -p tag.
| Container Port | Recommended outside port | Protocol | Description |
| -------------- | ------------------------ | -------- | ----------- |
| `51820` | `51820` | UDP | VPN port |
## Additional
There are some special variables to set.
| Flag | Usage |
| ----------- | ---------------------- |
| `--cap-add` | add linux capabilities |
## rebuild.sh
```sh
#!/bin/sh
docker stop wireguard
docker rm wireguard
docker pull lscr.io/linuxserver/wireguard:latest
docker run --name=wireguard \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e SERVERURL=<VPN.SERVERNAME.COM> \
-e PEERS=1 \
-p 51820:51820/udp \
-v wireguard:/config \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart unless-stopped \
-d lscr.io/linuxserver/wireguard:latest
```

@ -11,27 +11,51 @@ VPNs feature a server and a client side.
[OpenVPN](https://openvpn.net) is a free software to create a VPN via an [OpenVPN](https://openvpn.net) is a free software to create a VPN via an
encrypted TLS connection. encrypted TLS connection.
### Set up ### Set up (OVPN)
In the following sections the different set ups of OpenVPN usages are described. In the following sections the different set ups of OpenVPN usages are described.
#### Server #### Server (OVPN)
The software can be set up via [Docker](/wiki/docker.md) with the The software can be set up via [Docker](/wiki/docker.md) with the
[kylemanna image](./docker-images/kylemanna_-_openvpn.md). [kylemanna image](./docker-images/kylemanna_-_openvpn.md).
Additionally to this a client is needed on the system that need access to the Additionally to this a client is needed on the system that need access to the
server software. server software.
#### Client #### Client (OVPN)
OpenVPN clients can be found for many devices. OpenVPN clients can be found for many devices.
For Android for example there is For Android for example there is
[OpenVPN for Android in the F-Droid store](https://f-droid.org/de/packages/de.blinkt.openvpn/). [OpenVPN for Android in the F-Droid store](https://f-droid.org/de/packages/de.blinkt.openvpn/).
For most linux distributions there is a package called `openvpn`. For most linux distributions there is a package called `openvpn`.
#### Proxy #### Proxy (OVPN)
For OpenVPN a proxy acts as an imntermediary between the system communicating For OpenVPN a proxy acts as an imntermediary between the system communicating
with the proxy and the OpenVPN server. with the proxy and the OpenVPN server.
A proxy can be set up via [Docker](/wiki/docker.md) with the A proxy can be set up via [Docker](/wiki/docker.md) with the
[jonohill image](./docker-images/jonohill_-_docker-openvpn-proxy.md). [jonohill image](./docker-images/jonohill_-_docker-openvpn-proxy.md).
## WireGuard
[WireGuard](https://www.wireguard.com/) is a free and open-source software that
implements encrypted VPNs.
It was designed to be especially fast and secure.
### Setup (WG)
In the following sections the different set ups of WireGuard usages are described.
#### Server (WG)
The software can be set up via [Docker](/wiki/docker.md) with the
[linuxserver image](/wiki/docker-images/linuxserver_-_wireguard.md).
Additionally to this a [client](#client-wg) is needed on the system that
accesses the server.
#### Client (WG)
WireGuard clients can be found for many devices.
For Android for example there is
[Wireguard for Android in the F-Droid store](https://f-droid.org/de/packages/com.wireguard.android/).
For most linux distributions there is a package called `wireguard`.

Loading…
Cancel
Save