CIS + inital
@@ -0,0 +1,11 @@
|
||||
[Interface]
|
||||
PrivateKey = {{ client_private_key }}
|
||||
Address = {{ client_ip }}/{{ wg_network | ansible.utils.ipaddr('prefix') }}
|
||||
DNS = {{ wg_dns_servers | join(', ') }}
|
||||
MTU = {{ wg_mtu }}
|
||||
|
||||
[Peer]
|
||||
PublicKey = {{ wg_server_public_key }}
|
||||
Endpoint = {{ ansible_default_ipv4.address }}:{{ wg_port }}
|
||||
AllowedIPs = 0.0.0.0/0, ::/0
|
||||
PersistentKeepalive = {{ wg_persistent_keepalive }}
|
||||
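Review bot: `Endpoint` is built from `ansible_default_ipv4.address`, which is the address on the host's default-route interface and not necessarily one that clients can reach; behind NAT or a cloud 1:1 mapping, every client config would get a private address. An overridable variable with the fact as fallback keeps the current behaviour, for example `Endpoint = {{ wg_endpoint | default(ansible_default_ipv4.address) }}:{{ wg_port }}` (`wg_endpoint` is a name proposed here, not one defined in this commit). The README template's "Server IP" and "Should show" lines use the same fact and would need the same variable. Separately, `AllowedIPs` routes `::/0` into the tunnel while `Address` assigns a single address derived from `wg_network`; if that network is IPv4-only, IPv6 traffic is dropped rather than carried, so a comment above `AllowedIPs` should say whether that is intended.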
@@ -0,0 +1,49 @@
|
||||
# WireGuard VPN Client Configurations
|
||||
|
||||
**Server**: {{ inventory_hostname }}
|
||||
**Server IP**: {{ ansible_default_ipv4.address }}
|
||||
**VPN Network**: {{ wg_network }}
|
||||
**Server Public Key**: {{ wg_server_public_key }}
|
||||
|
||||
## Client Configurations
|
||||
|
||||
{% for peer in wg_peers_with_ips | default([]) %}
|
||||
### {{ peer.name }}
|
||||
- **IP Address**: {{ peer.ip }}
|
||||
- **Config File**: `{{ peer.name }}.conf`
|
||||
- **QR Code**: `{{ peer.name }}_qr.txt`
|
||||
|
||||
{% endfor %}
|
||||
|
||||
## Installation Instructions
|
||||
|
||||
### Desktop (Linux/macOS/Windows)
|
||||
|
||||
1. Install WireGuard: https://www.wireguard.com/install/
|
||||
2. Copy the `.conf` file to your device
|
||||
3. Import configuration:
|
||||
- Linux: `sudo wg-quick up /path/to/config.conf`
|
||||
- macOS/Windows: Import via WireGuard GUI
|
||||
4. Connect
|
||||
|
||||
### Mobile (iOS/Android)
|
||||
|
||||
1. Install WireGuard app from App Store/Play Store
|
||||
2. View QR code: `cat <username>_qr.txt`
|
||||
3. Scan QR code in WireGuard app
|
||||
4. Connect
|
||||
|
||||
## Testing
|
||||
|
||||
After connecting, verify your IP:
|
||||
```bash
|
||||
curl https://ifconfig.me
|
||||
```
|
||||
|
||||
Should show: {{ ansible_default_ipv4.address }}
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
- Ensure port {{ wg_port }}/udp is open in firewall
|
||||
- Check server status: `sudo wg show`
|
||||
- Check logs: `sudo journalctl -u wg-quick@{{ wg_interface }}`
|
||||
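Review bot: The installation steps tell users to copy the `.conf` file and to `cat` the `_qr.txt` file, but they never say that the `.conf` carries the client's private key (the QR file presumably encodes the same config). I would add a short section stating that these files are secrets, should reach the device only over an authenticated and encrypted channel, and should be removed from the server once the device is provisioned. The mobile step writes `<username>_qr.txt` while the client list names the file `{{ peer.name }}_qr.txt`; using one placeholder in both places would avoid confusion.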
@@ -0,0 +1,17 @@
|
||||
[Interface]
|
||||
Address = {{ wg_server_ip }}/{{ wg_network | ansible.utils.ipaddr('prefix') }}
|
||||
ListenPort = {{ wg_port }}
|
||||
PrivateKey = {{ wg_server_private_key }}
|
||||
MTU = {{ wg_mtu }}
|
||||
|
||||
PostUp = {{ wg_postup }}
|
||||
PostDown = {{ wg_postdown }}
|
||||
|
||||
{% for peer in wg_peers_with_ips | default([]) %}
|
||||
# {{ peer.name }}
|
||||
[Peer]
|
||||
PublicKey = {{ lookup('file', wg_keys_dir + '/' + peer.name + '_public.key') }}
|
||||
AllowedIPs = {{ peer.ip }}/32
|
||||
PersistentKeepalive = {{ wg_persistent_keepalive }}
|
||||
|
||||
{% endfor %}
|
||||
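Review bot: `peer.name` is used unvalidated in two places inside the loop: as a comment line (`# {{ peer.name }}`) and as a path component in `lookup('file', wg_keys_dir + '/' + peer.name + '_public.key')`. A name containing a line break or a path separator would change the rendered config or the file read on the controller, and wg-quick runs this file's `PostUp`/`PostDown` values as root. I would constrain names before templating, for example with an `ansible.builtin.assert` using `that: peer.name is match('^[A-Za-z0-9_-]+$')` in the task file, which is outside this hunk. The rendered file also holds the server `PrivateKey`, so the task that writes it should set owner root and mode `0600`; confirm that in the task file.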