14
edits
(added link to forkie.dev) |
(Add basic tutorial using systemd-networkd) |
||
* It is currently hosted on a VPS at [https://www.urdn.com.ua/ Ukrainian Data Network] but there are plans to move it to her own ASN once she is an LIR at RIPE.
* WireGuard Endpoint: <code>collabvpn.julias.zone:80</code>
==== Used IP-Addresses ====
{| class="wikitable"
!Used For
!Pool
|These IPv4 ports can be routed to peers on demand.
|}
=== Tutorials ===
==== Using systemd-networkd ====
# Create a file named <code>/etc/systemd/network/collabvpn.netdev</code>
# Put the following content into it <code>[NetDev]</code> <code>Name=collabvpn</code><code>Kind=wireguard</code><code>[WireGuard]</code><code>PrivateKey=<YourPrivateKey,SeeBelow!></code><code>[WireGuardPeer]</code><code>PublicKey=DMXzEWzUWoPfV8lJympy1TLsCrCZMkcf/kRofQjg+Gs=</code><code>AllowedIPs=::/0, 0.0.0.0/0</code><code>Endpoint=collabvpn.julias.zone:80</code>
# Set the file permissions using <code>chown root:systemd-network /etc/systemd/network/collabvpn.netdev</code> <code>chmod 0640 /etc/systemd/network/collabvpn.netdev</code>
# You can generate a keypair using <code>KEY=`wg genkey`; echo PrivateKey $KEY; echo PublicKey `echo $KEY | wg pubkey`</code> It is important that you keep PrivateKey PRIVATE, as the name states it. DO NOT share it with anyone.
# Put the PrivateKey into the config.
# Send Julia your PublicKey, see below. Wait for her to respond and then continue.
# Create a file named <code>/etc/systemd/network/collabvpn.network</code>
# Put the following content into it <code>[Match]</code> <code>Name=collabvpn</code><code>[Network]</code><code>Address=<YourIPv6Address></code><code>Address=<YourIPv4Address></code><code>DNS=2a0f:e586:f:2c00::2</code><code>DNS=10.2.6.2</code>
# Fill in your addresses. IMPORTANT: Do not fill in your /64 as your address, fill in your /128. Your /64 is routed over that address and will be unusable if configured improperly.
# Setup a NAT for IPv4, setup a router advertisements for IPv6 and you're good to go.
=== Requesting a Tunnel ===
* Further technical details like blocked ports
* Tutorial using ifupdown/wg-quick and radvd
* Extend tutorial for systemd-networkd to include DHCPv4 server and router advertisements
|
edits