client-playbook/roles/application-wireguard/README.md

1.8 KiB

Role Native Wireguard

Manages wireguard on a client.

Create Client Keys

  wg_private_key="$(wg genkey)"
  wg_public_key="$(echo "$wg_private_key" | wg pubkey)"
  echo "PrivateKey: $wg_private_key"
  echo "PublicKey: $wg_public_key"
  echo "PresharedKey: $(wg genpsk)"

Debug

When systemctl restart wg-quick@wg0.service returns RTNETLINK answers: Permission denied, modify /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0

Afterwards reload:

sysctl -p
systemctl restart wg-quick@wg0.service

SSH

When the SSH connection over wireguard is buggy try:

ip li set mtu 1400 dev eth0
ip li set mtu 1400 dev wlo1

This can be connected to the MTU

Other