Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MODULE REQUEST] Configuration of Wireguard VPN #482

Open
5 tasks done
shake-spear opened this issue Mar 21, 2020 · 0 comments
Open
5 tasks done

[MODULE REQUEST] Configuration of Wireguard VPN #482

shake-spear opened this issue Mar 21, 2020 · 0 comments
Labels
Help Wanted Module Request

Comments

@shake-spear
Copy link
Contributor

shake-spear commented Mar 21, 2020
edited
Loading

Please prefix your issue title with one of the following: [BUG], [ISSUE], [FEATURE REQUEST], [MODULE REQUEST], [OTHER].

Replace everything between stars with current version of your facileManager and module installations:
fM Version : 3.6.7

In raising this issue, I confirm the following (please check boxes, eg [X]):

  • I have read and understood the contributors guide.
  • I have checked that the bug-fix I am reporting can be replicated, or that the feature I am suggesting isn't already present.
  • I have checked that the issue I'm posting isn't already reported.
  • I have checked that the issue I'm posting isn't already solved and no duplicates exist in closed issues and opened issues
  • I have checked the pull requests tab for existing solutions/implementations to my issue/suggestion.

It would be nice to have a module supporting "Wireguard".

ideas:

  • Configuration auf Server (/etc/wg0.conf)
    ` [Interface]
    Address = X.X.X.X/Y
    ListenPort = #####

        PrivateKey = <server private key>
    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
   PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

  • Keymanagement (storing in database)
    - Server Private Key and Pubkey (calling "wg genkey" and "wg pubkey")
    - create, change, delete
    - Client Private Key and Pubkey (calling "wg genkey" and "wg pubkey")
    - create, change, delete, enable,disable

  • Configuration auf Clients on "serverside" (in wg0.conf)
    - adding section for enabled clients to wg0.conf
    # Client1
    [Peer]
    PublicKey = ....
    AllowedIPs = X.X.X.X/Y A.A.A.A/B

        # Client2
   [Peer]
   PublicKey = ....
   AllowedIPs = X.X.X.X/Y A.A.A.A/B

  • Generation of Configuration for "clientside"
    - configfile .conf for all cases:
    [Interface]
    PrivateKey =
    Address = 10.10.10.2/32
    DNS = X.X.X.X

           [Peer]
       PublicKey = <pubkey of server>
       AllowedIPs = X.X.XX/Y
       Endpoint = X.X.X.X:#####

  - Linux clients VPNs (e.g. select clienttype "Linux" or "Other" on UI)
       copy generated client file to /etc/wireguard/<clientname>.conf

  - Others
       - show config file for copy&past
       - show qr code generated with "qrencode -t ansiutf8 < <clientname>.conf"

`
@shake-spear shake-spear changed the title [MODULE REQUEST] [MODULE REQUEST] Configuration of Wireguard VPN Mar 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Help Wanted Module Request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@WillyXJ @shake-spear