WireGuard: Difference between revisions
| Line 38: | Line 38: | ||
Job for [email protected] failed because the control process exited with error code. | Job for [email protected] failed because the control process exited with error code. | ||
See "systemctl status [email protected]" and "journalctl -xeu [email protected]" for details. | See "systemctl status [email protected]" and "journalctl -xeu [email protected]" for details. | ||
</pre> | |||
Remove so we can try again... | |||
<pre> | |||
🌵 m@bitpost [~] sudo ./wireguard-install.sh | |||
Welcome to WireGuard-install! | |||
The git repository is available at: https://github.com/angristan/wireguard-install | |||
It looks like WireGuard is already installed. | |||
What do you want to do? | |||
1) Add a new user | |||
2) List all users | |||
3) Revoke existing user | |||
4) Uninstall WireGuard | |||
5) Exit | |||
Select an option [1-5]: 4 | |||
WARNING: This will uninstall WireGuard and remove all the configuration files! | |||
Please backup the /etc/wireguard directory if you want to keep your configuration files. | |||
Do you really want to remove WireGuard? [y/n]: y | |||
Removed /etc/systemd/system/multi-user.target.wants/[email protected]. | |||
Reading package lists... Done | |||
Building dependency tree... Done | |||
Reading state information... Done | |||
The following package was automatically installed and is no longer required: | |||
libqrencode4 | |||
Use 'sudo apt autoremove' to remove it. | |||
The following packages will be REMOVED: | |||
qrencode wireguard wireguard-tools | |||
0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. | |||
After this operation, 411 kB disk space will be freed. | |||
(Reading database ... 139965 files and directories currently installed.) | |||
Removing qrencode (4.1.1-1) ... | |||
Removing wireguard (1.0.20210914-1ubuntu2) ... | |||
Removing wireguard-tools (1.0.20210914-1ubuntu2) ... | |||
Processing triggers for man-db (2.10.2-1) ... | |||
* Applying /etc/sysctl.d/10-console-messages.conf ... | |||
kernel.printk = 4 4 1 7 | |||
* Applying /etc/sysctl.d/10-ipv6-privacy.conf ... | |||
net.ipv6.conf.all.use_tempaddr = 2 | |||
net.ipv6.conf.default.use_tempaddr = 2 | |||
* Applying /etc/sysctl.d/10-kernel-hardening.conf ... | |||
kernel.kptr_restrict = 1 | |||
* Applying /etc/sysctl.d/10-magic-sysrq.conf ... | |||
kernel.sysrq = 176 | |||
* Applying /etc/sysctl.d/10-network-security.conf ... | |||
net.ipv4.conf.default.rp_filter = 2 | |||
net.ipv4.conf.all.rp_filter = 2 | |||
* Applying /etc/sysctl.d/10-ptrace.conf ... | |||
kernel.yama.ptrace_scope = 1 | |||
* Applying /etc/sysctl.d/10-zeropage.conf ... | |||
vm.mmap_min_addr = 65536 | |||
* Applying /etc/sysctl.d/20_MDM_sysctl.conf ... | |||
fs.inotify.max_user_watches = 524288 | |||
* Applying /etc/sysctl.d/30-postgresql-shm.conf ... | |||
* Applying /usr/lib/sysctl.d/50-default.conf ... | |||
kernel.core_uses_pid = 1 | |||
net.ipv4.conf.default.rp_filter = 2 | |||
net.ipv4.conf.default.accept_source_route = 0 | |||
sysctl: setting key "net.ipv4.conf.all.accept_source_route": Invalid argument | |||
net.ipv4.conf.default.promote_secondaries = 1 | |||
sysctl: setting key "net.ipv4.conf.all.promote_secondaries": Invalid argument | |||
net.ipv4.ping_group_range = 0 2147483647 | |||
net.core.default_qdisc = fq_codel | |||
fs.protected_hardlinks = 1 | |||
fs.protected_symlinks = 1 | |||
fs.protected_regular = 1 | |||
fs.protected_fifos = 1 | |||
* Applying /usr/lib/sysctl.d/50-pid-max.conf ... | |||
kernel.pid_max = 4194304 | |||
* Applying /usr/lib/sysctl.d/99-protect-links.conf ... | |||
fs.protected_fifos = 1 | |||
fs.protected_hardlinks = 1 | |||
fs.protected_regular = 2 | |||
fs.protected_symlinks = 1 | |||
* Applying /etc/sysctl.d/99-sysctl.conf ... | |||
net.ipv4.ip_forward = 1 | |||
* Applying /etc/sysctl.conf ... | |||
net.ipv4.ip_forward = 1 | |||
WireGuard uninstalled successfully. | |||
🌵 m@bitpost [~] | |||
</pre> | </pre> | ||
Revision as of 11:52, 10 December 2024
Wireguard is loved FOSS software that is simpler and smaller and WAY FASTER than OpenVPN so, let's have at it.
Installation
Simplest installation can be done with this script. I'm tired and not sure why there is not a dedicated PPA as the version baked into Ubuntu is f'in old... so let's just try this...
curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh chmod +x wireguard-install.sh ./wireguard-install.sh
My choices:
🌵 m@bitpost [~] sudo ./wireguard-install.sh Welcome to the WireGuard installer! The git repository is available at: https://github.com/angristan/wireguard-install I need to ask you a few questions before starting the setup. You can keep the default options and just press enter if you are ok with them. IPv4 or IPv6 public address: 136.47.226.130 Public interface: enp10s0f0 WireGuard interface name: wg0 Server WireGuard IPv4: 192.168.22.199 Server WireGuard IPv6: fd42:42:42::1 Server WireGuard port [1-65535]: 53 First DNS resolver to use for the clients: 192.168.22.1 Second DNS resolver to use for the clients (optional): 1.1.1.1 WireGuard uses a parameter called AllowedIPs to determine what is routed over the VPN. Allowed IPs list for generated clients (leave default to route everything): 0.0.0.0/0,::/0 Okay, that was all I needed. We are ready to setup your WireGuard server now. You will be able to generate a client at the end of the installation. Press any key to continue...
Something went wrong...
* Applying /etc/sysctl.conf ... net.ipv4.ip_forward = 1 Job for [email protected] failed because the control process exited with error code. See "systemctl status [email protected]" and "journalctl -xeu [email protected]" for details.
Remove so we can try again...
🌵 m@bitpost [~] sudo ./wireguard-install.sh Welcome to WireGuard-install! The git repository is available at: https://github.com/angristan/wireguard-install It looks like WireGuard is already installed. What do you want to do? 1) Add a new user 2) List all users 3) Revoke existing user 4) Uninstall WireGuard 5) Exit Select an option [1-5]: 4 WARNING: This will uninstall WireGuard and remove all the configuration files! Please backup the /etc/wireguard directory if you want to keep your configuration files. Do you really want to remove WireGuard? [y/n]: y Removed /etc/systemd/system/multi-user.target.wants/[email protected]. Reading package lists... Done Building dependency tree... Done Reading state information... Done The following package was automatically installed and is no longer required: libqrencode4 Use 'sudo apt autoremove' to remove it. The following packages will be REMOVED: qrencode wireguard wireguard-tools 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. After this operation, 411 kB disk space will be freed. (Reading database ... 139965 files and directories currently installed.) Removing qrencode (4.1.1-1) ... Removing wireguard (1.0.20210914-1ubuntu2) ... Removing wireguard-tools (1.0.20210914-1ubuntu2) ... Processing triggers for man-db (2.10.2-1) ... * Applying /etc/sysctl.d/10-console-messages.conf ... kernel.printk = 4 4 1 7 * Applying /etc/sysctl.d/10-ipv6-privacy.conf ... net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2 * Applying /etc/sysctl.d/10-kernel-hardening.conf ... kernel.kptr_restrict = 1 * Applying /etc/sysctl.d/10-magic-sysrq.conf ... kernel.sysrq = 176 * Applying /etc/sysctl.d/10-network-security.conf ... net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.all.rp_filter = 2 * Applying /etc/sysctl.d/10-ptrace.conf ... kernel.yama.ptrace_scope = 1 * Applying /etc/sysctl.d/10-zeropage.conf ... vm.mmap_min_addr = 65536 * Applying /etc/sysctl.d/20_MDM_sysctl.conf ... fs.inotify.max_user_watches = 524288 * Applying /etc/sysctl.d/30-postgresql-shm.conf ... * Applying /usr/lib/sysctl.d/50-default.conf ... kernel.core_uses_pid = 1 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.default.accept_source_route = 0 sysctl: setting key "net.ipv4.conf.all.accept_source_route": Invalid argument net.ipv4.conf.default.promote_secondaries = 1 sysctl: setting key "net.ipv4.conf.all.promote_secondaries": Invalid argument net.ipv4.ping_group_range = 0 2147483647 net.core.default_qdisc = fq_codel fs.protected_hardlinks = 1 fs.protected_symlinks = 1 fs.protected_regular = 1 fs.protected_fifos = 1 * Applying /usr/lib/sysctl.d/50-pid-max.conf ... kernel.pid_max = 4194304 * Applying /usr/lib/sysctl.d/99-protect-links.conf ... fs.protected_fifos = 1 fs.protected_hardlinks = 1 fs.protected_regular = 2 fs.protected_symlinks = 1 * Applying /etc/sysctl.d/99-sysctl.conf ... net.ipv4.ip_forward = 1 * Applying /etc/sysctl.conf ... net.ipv4.ip_forward = 1 WireGuard uninstalled successfully. 🌵 m@bitpost [~]