From 9158fc8ff671707c686fcd40e13b06310112eada Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Fri, 21 Aug 2020 13:44:50 +0200 Subject: wireguard2 --- ansible/roles/wireguard2/README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 ansible/roles/wireguard2/README.md (limited to 'ansible/roles/wireguard2/README.md') diff --git a/ansible/roles/wireguard2/README.md b/ansible/roles/wireguard2/README.md new file mode 100644 index 0000000..d154546 --- /dev/null +++ b/ansible/roles/wireguard2/README.md @@ -0,0 +1,21 @@ +# Iptables configuration + +This is required: + + iptables -P FORWARD ACCEPT + +It can possibly be modified to not accept by default, and only allow +to/from our networks but I don't know how to do that. + +# Useful commands + +Cleaning everything and restarting. + + ip link del dev wg0 + systemctl restart systemd-networkd + +# References + + * https://www.eisfunke.com/article/docker-wireguard-systemd.html - Notice that this is not using the "alternate routing table" technique. + * https://nickb.dev/blog/routing-select-docker-containers-through-wireguard-vpn + * https://docs.docker.com/network/bridge/#enable-forwarding-from-docker-containers-to-the-outside-world -- cgit v1.2.3
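Review bot: In the "Iptables configuration" section, `iptables -P FORWARD ACCEPT` changes the default policy of the entire FORWARD chain, so the host forwards between all of its interfaces, not just WireGuard traffic. The references suggest Docker bridges are among those interfaces. The README's next sentence already says this could be narrowed. I would leave the policy at DROP and document explicit accepts scoped to the tunnel instead, along the lines of `iptables -A FORWARD -i wg0 -j ACCEPT` plus `iptables -A FORWARD -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT`. Swap the directions if the traffic is initiated from the other side, and tighten further with `-s`/`-d` for our networks, whose prefixes are not in this patch. The README should also say whether the role applies the rule or the operator runs it by hand, since a bare `iptables` command is lost on reboot.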