====== WireGuard ======

https://www.wireguard.com/

WireGuard is the new kid on the block with regards to VPN stuff. It's **simple**, (comparatively) easy to set up and //fast//.

> Maybe the code isn’t perfect, but I’ve skimmed it, and compared to the horrors that are OpenVPN and IPsec, it’s a work of art.
> //Linus Torvalds//

It's useful for accessing [[anabasis]] machines.

===== How to (user perspective) =====

==== Windows ====

1. Install from https://www.wireguard.com/install/

2. Contact ''tml'' to generate your keys and add them to [[terra]].

3. Use the following template for the connection:

  [Interface]
  Address = 192.168.10.xx/32
  PrivateKey = xxx
  
  [Peer]
  PublicKey = /AZxUoy1XVY9x8b875oo1tRRVywGGwmid4pDJ0nEBSk=
  Endpoint = 37.205.12.19:51194
  AllowedIPs = 192.168.10.0/24
  PersistentKeepalive = 20

Replace ''Address'' and ''PrivateKey'' appropriately.

Save & done!

===== How to (thm notes) =====

''wg genkey | tee privatekey | wg pubkey > publickey''

''wg syncconf wg-anabasis <(wg-quick strip wg-anabasis)''

''iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT''
===== Machines and their WireGuard IPs =====

^ machine    ^       adddress       ^
| terra      | ''192.168.10.1''     |
| abz router | ''192.168.10.2''     |
| albedo     | ''192.168.10.7''     |
| cyrus-1    | ''192.168.10.11''     |
| cyrus-2    | ''192.168.10.12''     |