
Install WireGuard

WireGuard

#!/bin/bash
# Update and Upgrade
apt update && apt upgrade -y && apt full-upgrade -y
#WireGuard Installation
apt-get install -y resolvconf sudo wireguard

To start a tunnel automatically at boot with wg-quick: "systemctl enable wg-quick@CONFIG"

Be sure to add this to the service file, so that the listed services are started only after it: Before=apache2.service mariadb.service redis-server.service ssh.service

The actual file is located at /var/run/resolvconf/resolv.conf

Contents:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "resolvectl status" to see details about the actual nameservers.

nameserver 1.1.1.1
nameserver 1.0.0.1
options timeout:1 attempts:1 rotate

If saved as intern.conf:

nano /etc/wireguard/intern.conf && wg-quick up intern && systemctl enable wg-quick@intern

Main VPN for management:

nano /etc/wireguard/main.conf && wg-quick up main && systemctl enable wg-quick@main && nano /lib/systemd/system/ssh.service && systemctl daemon-reload
[email protected]

Monitoring VPN:

nano /etc/wireguard/monitor.conf && wg-quick up monitor && systemctl enable wg-quick@monitor && nano /lib/systemd/system/prometheus-node-exporter.service && systemctl daemon-reload
[email protected]
echo "ARGS=\"--collector.tcpstat --collector.network_route --collector.logind --collector.mountstats --collector.meminfo_numa --collector.processes --web.listen-address=\"172.26.77.:9100\"\"" > /etc/default/prometheus-node-exporter && systemctl restart prometheus-node-exporter
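
The steps above bind SSH and the node exporter to tunnel addresses; the following check is an added example (not part of the original page) that confirms no watched port is still listening outside the tunnel. The function names, the address 192.0.2.10 and the sample `ss` lines are constructed for illustration.

```shell
#!/bin/bash
# Added example: flag TCP listeners on watched ports that are NOT bound to the
# expected tunnel address. Input: lines in the format of `ss -H -tln` on stdin.

# check_listeners TUNNEL_ADDR PORT...
# Prints "<port> <local address>" for each listener on a watched port whose
# local address differs from TUNNEL_ADDR. Returns 1 if any were found.
check_listeners() {
    tunnel_addr=$1; shift
    awk -v vpn="$tunnel_addr" -v ports=" $* " '
        {
            ep = $4                        # column 4: Local Address:Port
            n = split(ep, parts, ":")
            port = parts[n]                # port is the last ":"-separated field
            addr = substr(ep, 1, length(ep) - length(port) - 1)
            gsub(/^\[|\]$/, "", addr)      # strip brackets around IPv6 literals
            sub(/%.*/, "", addr)           # strip %interface scope suffix
            if (index(ports, " " port " ") && addr != vpn) {
                print port, addr           # wildcard or wrong-interface bind
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: sshd bound to the tunnel address, node exporter still on
# the wildcard address (what happens if --web.listen-address was not applied).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128  192.0.2.10:22     0.0.0.0:*
LISTEN 0 4096 *:9100            *:*
LISTEN 0 4096 127.0.0.53%lo:53  0.0.0.0:*
LISTEN 0 511  0.0.0.0:443       0.0.0.0:*
EOF
}

# Demo on the constructed sample; prints "9100 *".
sample_ss_output | check_listeners 192.0.2.10 22 9100 \
    || echo "listeners found outside the tunnel address" >&2
```

On a live host, feed it real data with `ss -H -tln | check_listeners <tunnel address> 22 9100` after restarting the services.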