Differences

This shows you the differences between two versions of the page.

docker_notes:vpn [2024-12-28 Sat wk52 11:11] – [Tailscale] baumkpdocker_notes:vpn [2024-12-28 Sat wk52 11:23] (current) – [Wireguard] baumkp
Line 12: Line 12:
  
 =====Wireguard===== =====Wireguard=====
-I previously successfully setup [[https://wiki.kptree.net/doku.php?id=linux_router:wireguard|KPTree wireguard]] on my router.  This was installed on "bare metal" as was the nftable based router firewall. I later installed Bind9 DNS and Kea DHCP programs in Docker containers.  I always run Docker in a VM to prevent Docker's packet filtering from affecting the bare metal firewall rules.  I did not move Wireguard to a Docker container as I did not have the need at the time.+I previously successfully setup [[https://wiki.kptree.net/doku.php?id=linux_router:wireguard|KPTree wireguard]] on my router.  This was installed on "bare metal" as was the nftable based router firewall. I later installed Bind9 DNS and Kea DHCP programs in Docker containers.  I always run Docker in a VM to prevent Docker's packet filtering from affecting the bare metal firewall rules.  Until recently I did not move Wireguard to a Docker container as I did not have the need or time.
  
 Using Docker [[https://github.com/linuxserver/docker-wireguard|wireguard]] from linuxserver.io is much easier than the manual "bare-metal" setup on my router.  The docker setup is below: Using Docker [[https://github.com/linuxserver/docker-wireguard|wireguard]] from linuxserver.io is much easier than the manual "bare-metal" setup on my router.  The docker setup is below:
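Review bot: In the rewritten last sentence of the Wireguard paragraph, "Until recently I did not move Wireguard to a Docker container" pairs a time span with the simple past; "Until recently I had not moved Wireguard to a Docker container, as I had neither the need nor the time" reads cleanly. While the paragraph is being edited, "successfully setup" should use the verb "set up", and "nftable based" should be "nftables-based". The sentence about running Docker in a VM so that its packet filtering does not affect the bare-metal firewall rules is the security-relevant design decision here, and the paragraph would benefit from stating whether the Wireguard container now runs in that same VM.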
Line 46: Line 46:
 ++++ ++++
  
-The Wireguard container [https://github.com/linuxserver/docker-wireguard#server-mode|Server Mode]] documentation give some key points on usage:+The Wireguard container [[https://github.com/linuxserver/docker-wireguard#server-mode|Server Mode]] documentation give some key points on usage:
   *Variables ''SERVERURL'', ''SERVERPORT'', ''INTERNAL_SUBNET'', ''PEERDNS'', ''INTERFACE, ALLOWEDIPS'' and ''PERSISTENTKEEPALIVE_PEERS'' are optional variables used for server mode. Any changes to these environment variables will trigger regeneration of server and peer confs. Peer/client confs will be recreated with existing private/public keys. Delete the peer folders for the keys to be recreated along with the confs.   *Variables ''SERVERURL'', ''SERVERPORT'', ''INTERNAL_SUBNET'', ''PEERDNS'', ''INTERFACE, ALLOWEDIPS'' and ''PERSISTENTKEEPALIVE_PEERS'' are optional variables used for server mode. Any changes to these environment variables will trigger regeneration of server and peer confs. Peer/client confs will be recreated with existing private/public keys. Delete the peer folders for the keys to be recreated along with the confs.
   *To add more peers/clients later on, you increment the ''PEERS'' environment variable or add more elements to the list and recreate the container.   *To add more peers/clients later on, you increment the ''PEERS'' environment variable or add more elements to the list and recreate the container.
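Review bot: The bracket fix on the Server Mode link is right, but the same line still reads "documentation give"; it should be "gives". In the first bullet, ''INTERFACE, ALLOWEDIPS'' is a single monospace span covering two variables and should be split into ''INTERFACE'' and ''ALLOWEDIPS''. That bullet also says peer confs are recreated with the existing private/public keys unless the peer folders are deleted, so it is worth stating explicitly that changing these variables alone does not replace a peer's keys.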