Skip to content

nycmeshnet/vpn-infra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.github/workflows
.github/workflows
 
 
ansible
ansible
 
 
terraform
terraform
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

vpn-infra

Adding a config

Add a road warrior config

  1. Generate a public private keypair. wg genkey | tee yourname_privatekey | wg pubkey > yourname_publickey
  2. Add a new entry to ansible/wireguard.yaml
Key Description Restrictions
NAME Name of the interface Should be letters and numbers
PORT Port number for the wireguard interface Should be a unique number
PEER_PUBLIC_KEY Your public key Should be a wireguard public key
INTERFACE_ADDRESS Address for the wireguard interface Should be a unique /31 in the assigned range (10.70.250.0/24).
PEER_ALLOWED_IPS IPs allowed to connect. Default 0.0.0.0/0. IP range
PEER_PERSISTENT_KEEPALIVE Persistent keepalive. Default 25. Integer

  1. Open a pull request in this repository with your changes.

  2. After your pull request is created, a build will automatically run. If it fails, correct the configuration issue.

  3. A volunteer will merge your pull request, you can then set up your device and start using it.

Add a remote hub config

  1. Generate a public private keypair. wg genkey | tee nn000_privatekey | wg pubkey > nn000_publickey
  2. Add a new entry to ansible/wireguard.yaml
Key Description Restrictions
NAME Name of the interface Should be nn000 where 000 is your NN
PORT Port number for the wireguard interface Should be a unique number
PEER_PUBLIC_KEY Your public key Should be a wireguard public key
INTERFACE_ADDRESS Address for the wireguard interface Should be a unique /30 in the assigned range (10.70.250.0/24).
NEIGHBORS Neighbor IP address An IP address
TX_LENGTH MTU. The default is 1420. Should be a unique number
COST The OSPF cost of the link from the VPN server to your remote hub. The default is 100. Should be a unique number
PEER_ALLOWED_IPS IPs allowed to connect. Default 0.0.0.0/0. IP range
PEER_PERSISTENT_KEEPALIVE Persistent keepalive. Default 25. Integer

  1. Open a pull request in this repository with your changes.

  2. After your pull request is created, a build will automatically run. If it fails, correct the configuration issue.

  3. A volunteer will merge your pull request, you can then set up your device and start using it.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages