The repo is back up and working again.
Wanted to try from mobile but I have to come back later
Server seems to work but on client I get:
[root@testvm2 wireguard]# wg-quick up wg0
[#] ip link add wg0 type wireguard
RTNETLINK answers: Operation not supported
Unable to get device: Protocol not supported
Server:
[root@testserver wireguard]# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip address add 10.0.0.1/24 dev wg0
[#] ip link set mtu 1420 dev wg0
[#] ip link set wg0 up
[#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3
[root@testserver wireguard]# ifconfig
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 10.0.0.1 netmask 255.255.255.0 destination 10.0.0.1
inet6 fe80::6175:2002:5bdf:7d00 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 3 dropped 0 overruns 0 carrier 0 collisions 0
Configuration steps:
# Download jdoss wireguard repo
curl -Lo /etc/yum.repos.d/wireguard.repo https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/repo/epel-7/jdoss-wireguard-epel-7.repo
# Install wireguard
yum -y install wireguard-dkms wireguard-tools
# Enable IP forward if not enabled
grep -qF "net.ipv4.ip_forward=1" "/etc/sysctl.conf" || echo "net.ipv4.ip_forward=1" >> "/etc/sysctl.conf"
sysctl -p
# Create wireguard dirs and keys
mkdir /etc/wireguard
cd /etc/wireguard
wg genkey | tee server-private.key | wg pubkey > server-public.key
wg genkey | tee client-private.key | wg pubkey > client-public.key
# Server conf
address=192.168.77.1/24
port=51820
interface=ens33
privatekey=$(cat /etc/wireguard/server-private.key)
publickey=$(cat /etc/wireguard/client-public.key)
allowedips=192.168.77.0/24
printf "[Interface]\nAddress = $address\nListenPort = $port\nPostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $interface -j MASQUERADE\nPostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o $interface -j MASQUERADE\nPrivateKey = $privatekey\nSaveConfig = true\n\n[Peer]\nPublicKey = $publickey\nAllowedIPs = $allowedips\n" > /etc/wireguard/wg0.conf
# Client conf
address=192.168.77.2/24
port=51820
interface=ens33
privatekey=$(cat /etc/wireguard/client-private.key)
publickey=$(cat /etc/wireguard/server-public.key)
allowedips=0.0.0.0/0
publicvpnip=1.2.3.4
printf "[Interface]\nAddress = $address\nListenPort = $port\nPostUp = echo UP\nPostDown = echo DOWN\nPrivateKey = $privatekey\nSaveConfig = true\n\n[Peer]\nPublicKey = $publickey\nAllowedIPs = $allowedips\nEndpoint = $publicvpnip:$port\n" > /etc/wireguard/wg1.conf
# Set permissions
chmod 700 server-*.key *.conf
# Firewall config
config set fw_wireguard service TCPPort 51820 access green,red status enabled
signal-event firewall-adjust
# Start up wireguard
wg-quick up wg0