client-playbook/roles/application-wireguard
2023-04-16 08:26:13 +02:00
..
handlers Implemented wireguard for client 2023-04-11 21:21:06 +02:00
tasks Implemented wireguard for client 2023-04-11 21:21:06 +02:00
README.md Added wireguard debug links to doku 2023-04-16 08:26:13 +02:00

Role Native Wireguard

Manages wireguard on a client.

Create Client Keys

  wg_private_key="$(wg genkey)"
  wg_public_key="$(echo "$wg_private_key" | wg pubkey)"
  echo "PrivateKey: $wg_private_key"
  echo "PublicKey: $wg_public_key"
  echo "PresharedKey: $(wg genpsk)"

Debug

When systemctl restart wg-quick@wg0.service returns RTNETLINK answers: Permission denied, modify /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0

Afterwards reload:

sysctl -p
systemctl restart wg-quick@wg0.service

SSH

When the SSH connection over wireguard is buggy try:

ip li set mtu 1400 dev eth0
ip li set mtu 1400 dev wlo1

This can be connected to the MTU

Other