Hi, I agree to split this, I just don’t know how. Open another topic?
BTW I have WG-Easy up and running as podman, I just don’t know how to wrap this in an app.
Sorry but no.
Do you want to build Apps for Nethserver?
A good place to start
Home | NS8 dev manual (nethserver.github.io)
Everything begins here NethServer/ns8-kickstart: NethServer 8 module template (github.com)
@stephdl made some improvements to the same
To get started much quicker:
for mariadb based systems stephdl/ns8-kickstart-mariadb: NethServer 8 module template (github.com)
for postgres based systems stephdl/ns8-kickstart-postgresql (github.com)
and there are tons of example Apps on my repo, Nethserver repo as well
I’m willing to learn, but I have to admit that I do not understand what to do
What I can do is provide a VPS for testing if needed and of course share what I have. I do own a domain so it would be possible to play around with DNS etc.
What I did so far:
I’m not sure that all from 3 - 5 are needed. This has to be checked.
```
podman run -d \
  --name=wg-easy \
  -e WG_HOST=*ip_or_FQDN* \
  -e PASSWORD=*a_strong_password_for_login_to_admin_interface* \
  -e WG_PORT=51822 \
  -e UI_TRAFFIC_STATS=true \
  -e WG_PERSISTENT_KEEPALIVE=25 \
  -v ~/.wg-easy:/etc/wireguard \
  -p 51822:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --cap-add=NET_RAW \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --restart unless-stopped \
  ghcr.io/wg-easy/wg-easy
```
Replace the values marked with **.
Create an HTTP route with (sorry, in German)
Open https://your_ip_or_FQDN and log in with the “PASSWORD” from point 7.
Further information can be found here: WG-Easy Github
and here: WG-Easy with Podman
@mz05er it’s not just podman, there are a few concepts to be put into consideration when trying to run containers in Nethserver.
Have you taken a look at this
NS8-Generic Containers-: Install Uptime-kuma - Howto - NethServer Community
An example of just running containers in Nethserver 8, without building the app first for ns8
Is it also possible to kindly change the language prior to taking screenshots of your setup? It would make a world of difference to non-German speakers like myself.
As a quick tip, you could use the Google “lens app” (available on both Android and Apple) to auto translate everything you point your camera at. Just a quick remedy to get things going
```
[root@r3-pve wg-easy]# cat /etc/wireguard/wg0.json
{
  "server": {
    "privateKey": "KEHHLV5bcNarl7fANSd0/OJCrSg0a8t+jscWs4BTgVE=",
    "publicKey": "rxll5FzsUh301Am1Bz1A5t+hkroNj4x+4rps+SKC3EY=",
    "address": "10.8.0.1"
  },
  "clients": {
    "c2c147ff-1c42-4dc8-8f03-a235a685f085": {
      "id": "c2c147ff-1c42-4dc8-8f03-a235a685f085",
      "name": "stephdl",
      "address": "10.8.0.2",
      "privateKey": "iJSqH3bNy7QPtUxAmtOwUZKfQ7ZpNcSITu6hIWISyFc=",
      "publicKey": "pQdn53aKiVPawDS3fOEmiEajHLeIpQ2AoZlYIDbfsAE=",
      "preSharedKey": "iCT7Jdq/BRjFFqFglu/n6v+1c1p2er5UlpzLmMK64LA=",
      "createdAt": "2024-03-07T14:42:12.569Z",
      "updatedAt": "2024-03-07T14:42:12.569Z",
      "enabled": true
    }
  }
}
[root@r3-pve wg-easy]# cat /etc/wireguard/wg0.conf
# Note: Do not edit this file directly.
# Your changes will be overwritten!
# Server
[Interface]
PrivateKey = KEHHLV5bcNarl7fANSd0/OJCrSg0a8t+jscWs4BTgVE=
Address = 10.8.0.1/24
ListenPort = 51820
PreUp =
PostUp = iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o ens18 -j MASQUERADE; iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT;
PreDown =
PostDown =
# Client: stephdl (c2c147ff-1c42-4dc8-8f03-a235a685f085)
[Peer]
PublicKey = pQdn53aKiVPawDS3fOEmiEajHLeIpQ2AoZlYIDbfsAE=
PresharedKey = iCT7Jdq/BRjFFqFglu/n6v+1c1p2er5UlpzLmMK64LA=
AllowedIPs = 10.8.0.2/32
```
I think we need to run it inside a container, we could break the first wg0.conf. What you see is only the UI that I tweaked to run it.
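Added example, not part of the thread and not wg-easy's own code: a Python helper that masks the `privateKey`/`preSharedKey` values in a wg-easy `wg0.json` and the `PrivateKey`/`PresharedKey` lines in the generated `wg0.conf`, leaving public keys and addresses intact so the files can be shared for troubleshooting. The sample input and the `<redacted>` marker are constructed for this example.

```python
import json
import re

# Field names as they appear in the wg0.json / wg0.conf layout shown above.
SECRET_JSON_KEYS = {"privateKey", "preSharedKey"}
SECRET_CONF_LINE = re.compile(
    r"^([ \t]*(?:PrivateKey|PresharedKey)[ \t]*=[ \t]*)\S.*$",
    re.IGNORECASE | re.MULTILINE,
)
MASK = "<redacted>"  # assumption: any marker that cannot be mistaken for a key


def redact_json(text):
    """Mask secret values at any nesting depth; keep public keys and addresses."""
    def walk(node):
        if isinstance(node, dict):
            return {k: MASK if k in SECRET_JSON_KEYS else walk(v)
                    for k, v in node.items()}
        if isinstance(node, list):
            return [walk(v) for v in node]
        return node
    return json.dumps(walk(json.loads(text)), indent=2)


def redact_conf(text):
    """Mask the value of every PrivateKey/PresharedKey line, keep the rest."""
    return SECRET_CONF_LINE.sub(lambda m: m.group(1) + MASK, text)


# Constructed sample input: placeholder strings, not real keys.
SAMPLE_JSON = """{"server": {"privateKey": "SRV-PRIV-PLACEHOLDER=",
  "publicKey": "SRV-PUB-PLACEHOLDER=", "address": "10.8.0.1"},
 "clients": {"id-1": {"name": "laptop", "address": "10.8.0.2",
  "privateKey": "CLI-PRIV-PLACEHOLDER=", "publicKey": "CLI-PUB-PLACEHOLDER=",
  "preSharedKey": "CLI-PSK-PLACEHOLDER=", "enabled": true}}}"""
SAMPLE_CONF = """[Interface]
PrivateKey = SRV-PRIV-PLACEHOLDER=
Address = 10.8.0.1/24
[Peer]
PublicKey = CLI-PUB-PLACEHOLDER=
PresharedKey = CLI-PSK-PLACEHOLDER=
AllowedIPs = 10.8.0.2/32
"""

if __name__ == "__main__":
    print(redact_json(SAMPLE_JSON))
    print(redact_conf(SAMPLE_CONF))
```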
interesting,
could it be made to make use of TUN devices | NS8 dev manual (nethserver.github.io)
Available in Ns8 to create a new interface?
or is that not necessary
would the scratchpad method be feasible
I don’t think a new interface is needed when it runs in a container.
What I meant is, if you have followed the running generic containers Howto.
What happens right now if you reboot your server? Are you still able to log in to your wgeasy instance @mz05er, or do you have to repeat the process?
not --permanent
true, it should be --permanent.
The container is not starting.
Step 7 has to be repeated, nothing else.
I guess it could be auto started with something like “podman generate systemd --new --files --name wg-easy”.
But this is maybe the wrong way if the goal is to have it as app.
should be
firewall-cmd --permanent --add-port=51822/udp
is corrected
not quite true. Number 3. modprobe ip_tables has to be done also.
hint/suggestion: a command (which could be translated into a button) to generate a tunnel and a command (also translatable into a button) to download keys/config file for WireGuard?
Most of the code should be the same currently available for “container related” WireGuard config generation.
@mz05er looks like our prayers have been answered stephdl · GitHub
I’ll be patient and wait for the module officially, no need to begin tinkering on my server, and potentially break things.