FINALLY WIREGUARD PARTIALLY WORKING WITH DOCKER! THE GUIDE


Post by fosseperme »

PROCEDURE TO INSTALL WIREGUARD GO BY FOSSEPERME (TESTED AND WORKING ON ASUSTOR DRIVESTOR 2 LATEST FIRMWARE) - WORKS PARTIALLY

BUG - The clients do not take the same IP as the NAS - any help regarding this is welcome


1) Install the Entware package from the store and open UDP port 51820 on the NAS, then, in an SSH session on the host as the root user, type:



opkg update;
opkg upgrade;
opkg install wireguard-go wireguard-tools;




2) IN PORTAINER CREATE A STACK
version: '3.3'
services:
  wireguard:
    image: masipcat/wireguard-go:latest
    cap_add:
     - NET_ADMIN
     - SYS_ADMIN
     - SYS_MODULE
    sysctls:
     - net.ipv4.ip_forward=1
    volumes:
     - /dev/net/tun:/dev/net/tun
     - /path/of/your/wireguard/file/where/you/have/create/it:/etc/wireguard
    environment:
     - WG_COLOR_MODE=always
     - LOG_LEVEL=info
     - ALLOWEDIPS=0.0.0.0/0
     - MTU=1420
    ports:
     # publish host UDP port 51820 (the port opened in step 1 and used in the clients' Endpoint)
     - "51820:51820/udp"
    privileged: true
    restart: always

3) Open a bash shell as root in the container you created and type:

cd /etc/wireguard

umask 077

wg genkey > server_privatekey

wg pubkey < server_privatekey > server_publickey_client1
wg pubkey < server_privatekey > server_publickey_client2
wg pubkey < server_privatekey > server_publickey_client3
wg pubkey < server_privatekey > server_publickey_client4
wg pubkey < server_privatekey > server_publickey_client5

wg genkey | tee client1_privatekey | wg pubkey > client1_publickey
wg genkey | tee client2_privatekey | wg pubkey > client2_publickey
wg genkey | tee client3_privatekey | wg pubkey > client3_publickey
wg genkey | tee client4_privatekey | wg pubkey > client4_publickey
wg genkey | tee client5_privatekey | wg pubkey > client5_publickey


4) Create the wg0.conf server configuration and the client configurations, paste in the respective public and private keys (which you can find in the path selected in the stack configuration), and save them in that path; wireguard-go will then work in the container!!!


EXAMPLES OF CONFIGURATION FILES


SERVER CONFIGURATION FILE (wg0.conf)

[Interface]
Address = 10.100.0.1/24
ListenPort = 51820
PrivateKey = <SERVER PRIVATE KEY>

[Peer]
PublicKey = <CLIENT 1 PUBLIC KEY>
AllowedIPs = 10.100.0.2/32

[Peer]
PublicKey = <CLIENT 2 PUBLIC KEY>
AllowedIPs = 10.100.0.3/32

[Peer]
PublicKey = <CLIENT 3 PUBLIC KEY>
AllowedIPs = 10.100.0.4/32

[Peer]
PublicKey = <CLIENT 4 PUBLIC KEY>
AllowedIPs = 10.100.0.5/32

[Peer]
PublicKey = <CLIENT 5 PUBLIC KEY>
AllowedIPs = 10.100.0.6/32


CLIENT 1 CONFIGURATION (client1.conf)

[Interface]
Address = 10.100.0.2/32
PrivateKey = <CLIENT 1 PRIVATE KEY>

[Peer]
PublicKey = <SERVER PUBLIC KEY>
Endpoint = <SERVER PUBLIC IP>:51820


CLIENT 2 CONFIGURATION (client2.conf)

[Interface]
Address = 10.100.0.3/32
PrivateKey = <CLIENT 2 PRIVATE KEY>

[Peer]
PublicKey = <SERVER PUBLIC KEY>
Endpoint = <SERVER PUBLIC IP>:51820



etc.
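
Added example, not part of the original post: a Python check over configuration files laid out like the ones above. It flags server peers whose AllowedIPs overlap or fall outside the tunnel subnet, client addresses the server has not assigned, and client [Peer] sections with no AllowedIPs line (WireGuard sends a peer only the traffic whose destination lies inside that peer's AllowedIPs). The function names are hypothetical, a single Address per interface is assumed, and the sample strings are constructed from the post's files with the key lines left out.

```python
import ipaddress

def parse_wg(text):
    # Returns [(section, {key: value})]; [Peer] repeats, so configparser is not used.
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)  # split once: base64 keys end in '='
            sections[-1][1][key.strip().lower()] = value.strip()
    return sections

def named(text, name):
    return [kv for sec, kv in parse_wg(text) if sec == name]
def nets(value):
    return [ipaddress.ip_network(v.strip(), strict=False) for v in value.split(",") if v.strip()]

def check_server(text):
    findings, seen = [], []
    addr = (named(text, "interface") or [{}])[0].get("address")
    subnet = ipaddress.ip_interface(addr).network if addr else None
    for n, kv in enumerate(named(text, "peer"), 1):
        allowed = nets(kv.get("allowedips", ""))
        if not allowed:
            findings.append(f"peer {n}: no AllowedIPs")
        for net in allowed:
            if subnet and not (net.version == subnet.version and net.subnet_of(subnet)):
                findings.append(f"peer {n}: {net} is outside {subnet}")
            if any(net.overlaps(o) for o in seen):
                findings.append(f"peer {n}: {net} overlaps an earlier peer")
            seen.append(net)
    return findings

def check_client(text, server_text):
    findings = []
    addr = (named(text, "interface") or [{}])[0].get("address")
    assigned = [n for kv in named(server_text, "peer") for n in nets(kv.get("allowedips", ""))]
    if addr and not any(ipaddress.ip_interface(addr).ip in n for n in assigned):
        findings.append(f"address {addr} is not assigned to any server peer")
    for n, kv in enumerate(named(text, "peer"), 1):
        if not nets(kv.get("allowedips", "")):
            findings.append(f"peer {n}: no AllowedIPs, nothing is routed to it")
    return findings

# Constructed sample input: the post's wg0.conf (first two peers) and client1.conf, keys omitted.
SERVER = "[Interface]\nAddress = 10.100.0.1/24\nListenPort = 51820\n[Peer]\nAllowedIPs = 10.100.0.2/32\n[Peer]\nAllowedIPs = 10.100.0.3/32\n"
CLIENT1 = "[Interface]\nAddress = 10.100.0.2/32\n[Peer]\nEndpoint = <SERVER PUBLIC IP>:51820\n"
```

`check_client(CLIENT1, SERVER)` reports the missing AllowedIPs line; `check_server(SERVER)` reports nothing for the post's server file.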