WirFixenAlles/Boilerplates
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
65869b6a57d2db0de6b9a832b14111f0899d5811
Boilerplates/Linux/WireGuard/dashboard+serivice.md

79 lines
2.1 KiB
Markdown
Raw Blame History

# Installation von WireGuard und WG-Dashboard auf AlmaLinux
If you are not logged in as root then do `sudo su -`
Change this part of your config file /etc/wireguard/site2site.conf down in this script:
```bash
Address = 172.32.0.0/24
ListenPort = 51820
iptables -t nat -I POSTROUTING -o site2site -j SNAT --to 172.32.0.0
```
# Installscript
```bash
# Disable AlmaLinux build in Firewall
systemctl disable --now firewalld
# Update the System
dnf update -y && dnf install -y nano iptables git wireguard-tools python3 python3-pip net-tools openssh-server
# Enable SSH Server
systemctl enable --now sshd
# Install WG-Dashboard https://github.com/donaldzou/WGDashboard
git clone -b v3.0.6 https://github.com/donaldzou/WGDashboard.git /opt/wgdashboard
cd /opt/wgdashboard/src/
chmod +x wgd.sh
./wgd.sh install
chmod -R 755 /etc/wireguard
./wgd.sh debug
# Create systemd service
tee /etc/systemd/system/wg-dashboard.service <<EOF
[Unit]
After=netword.service
[Service]
WorkingDirectory=/opt/wgdashboard/src
ExecStart=/usr/bin/python3 /opt/wgdashboard/src/dashboard.py
Restart=always
[Install]
WantedBy=default.target
EOF
chmod 664 /etc/systemd/system/wg-dashboard.service
systemctl daemon-reload
# Make AlmaLinux able to forward IPv4
echo "net.ipv4.ip_forward = 1" | tee -a /etc/sysctl.conf
sysctl -p
# Config WireGuard with your settings
systemctl disable --now wg-quick@wg0
mkdir -p /etc/wireguard/keys
cd /etc/wireguard/keys
wg genkey | tee site2site_priv.key
cat /etc/wireguard/keys/site2site_priv.key | wg pubkey | tee /etc/wireguard/keys/site2site_pub.key
PrivKey=$(cat site2site_priv.key)
cat site2site_pub.key
tee /etc/wireguard/site2site.conf <<EOF
[Interface]
Address = 172.32.0.0/24
ListenPort = 51820
EOF
echo -e "PrivateKey = $PrivKey" >> /etc/wireguard/site2site.conf
# Adjust iptables rules
iptables -t nat -I POSTROUTING -o site2site -j SNAT --to 172.32.0.0
iptables -A FORWARD -i site2site -j ACCEPT
iptables -A FORWARD -o site2site -j ACCEPT
# Enable serivce for the site2site WireGuard VPN and the Dashboard for it
systemctl enable --now wg-quick@site2site
systemctl enable --now wg-dashboard
```
Reference in New Issue View Git Blame Copy Permalink