selfhosted
/
selfhosted-apps-docker
mirror of https://github.com/DoTheEvo/selfhosted-apps-docker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update

This commit is contained in:
DoTheEvolution 2020-06-16 20:40:22 +02:00
parent 1b1afd1a2a
commit 6b8b9f8c5f
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
wireguard/readme.md
View File

@ -98,7 +98,8 @@ This configuration when run creates a new `wg0` network interface on the machine
will be used to encrypt packets
* **\# PublicKey** - just a note, what is the public key of the private key
* **Address** - IP address on the created wg0 network interface,
`/24` defines its mask as `255.255.255.0`
can be whatever you want as long as it does not clash with other networks.
`/24` defines the mask as `255.255.255.0`
* **ListenPort** - port on which wireguard connects to the internet, using UDP protocol
* **PostUp/PostDown** - section where one can define what should be done after
the interface is turned on or off.<br>
@ -106,12 +107,13 @@ This configuration when run creates a new `wg0` network interface on the machine
which you want to replace with your own<br>
This setup ipv4 only
**[Peer]** - section defining a peers
**[Peer]** - section defining a peers that will be able to connect
* **PublicKey** - public key of the peer
* **AllowedIPs** - IP addresses that you want to reach at the other end of the tunnel.<br>
When `wg-quick` is run with these defined, a route is added in to the network stack
that makes sure that if something wants IP address defined here, it is send to `wg0`.<br>
Two peers can not have same IP set in there.<br>
When `wg-quick` is run with these defined, a route is added in to the machines
network stack that makes sure that if something wants IP address defined here,
it is send to `wg0`.<br>
Two peers can not have the same IP.<br>
In this case we want to define only single IP of the client as being accessible, allowed through.
### Start and enable the service
@ -151,7 +153,7 @@ Endpoint = 63.123.113.495:51820
Two peers can not have same IP set in there.<br>
In this client case, we want to be able to communicate with the wireguard server,
so its IP is added, but also the entire local network at the end of the tunnel,
so its entire range is added.
so the entire range is added.
* **Endpoint** - public IP at which to find the WireGuard server across the internet
![windows-client](https://i.imgur.com/T5oA2No.png)
@ -178,8 +180,8 @@ The generated crypto keys are used all over in configuration.
Would it not be nice if at a simple glance
you would immediatly know which peer they represent?
Well, what if you generate few millions of keys and pick ones that fit some rule
of having a desired string somewhere in the first 10 letters?
Well, what if you generate few millions of keys and pick the ones
that fit some rule of having a desired string somewhere in the first letters?
[https://github.com/warner/wireguard-vanity-address](https://github.com/warner/wireguard-vanity-address)