diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2020-08-21 13:44:50 +0200 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2020-08-21 13:44:50 +0200 |
commit | 9158fc8ff671707c686fcd40e13b06310112eada (patch) | |
tree | f4bbef85c8303cbb63ae7feac44e721bdbf43cf8 /ansible/roles/wireguard2/README.md | |
parent | b103e6d49aade658ebeabe8c21ef172b8bd72202 (diff) | |
download | infra-9158fc8ff671707c686fcd40e13b06310112eada.tar.gz infra-9158fc8ff671707c686fcd40e13b06310112eada.tar.bz2 infra-9158fc8ff671707c686fcd40e13b06310112eada.tar.xz infra-9158fc8ff671707c686fcd40e13b06310112eada.zip |
wireguard2
Diffstat (limited to 'ansible/roles/wireguard2/README.md')
-rw-r--r-- | ansible/roles/wireguard2/README.md | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/ansible/roles/wireguard2/README.md b/ansible/roles/wireguard2/README.md new file mode 100644 index 0000000..d154546 --- /dev/null +++ b/ansible/roles/wireguard2/README.md @@ -0,0 +1,21 @@ +# Iptables configuration + +This is required: + + iptables -P FORWARD ACCEPT + +It can possibly be modified to not accept by default, and only allow +to/from our networks but I don't know how to do that. + +# Useful commands + +Cleaning everything and restarting. + + ip link del dev wg0 + systemctl restart systemd-networkd + +# References + + * https://www.eisfunke.com/article/docker-wireguard-systemd.html - Notice that this is not using the "alternate routing table" technique. + * https://nickb.dev/blog/routing-select-docker-containers-through-wireguard-vpn + * https://docs.docker.com/network/bridge/#enable-forwarding-from-docker-containers-to-the-outside-world |