switching public/private

2024-11-15 08:33:57 -07:00 · 2024-11-15 08:33:57 -07:00 · 27be196d17
commit 27be196d17
parent 09c1f39a62
10 changed files with 1 additions and 1 deletions
--- a/diy-tunnel/vps/README.md
+++ b/diy-tunnel/vps/README.md
@ -0,0 +1 @@
+`wg0.conf` should be deployed to `/etc/wireguard/wg0.conf` on the public facing (VPS) server.
--- a/diy-tunnel/vps/wg0.conf
+++ b/diy-tunnel/vps/wg0.conf
@ -0,0 +1,15 @@
+[Interface]
+Address = 10.0.0.1/24         # Private IP for the VPS in the VPN network
+ListenPort = 51820            # Default WireGuard port
+PrivateKey = ###PRIVATE KEY FOR PUBLIC SERVER####
+
+# packet forwarding
+PreUp = sysctl -w net.ipv4.ip_forward=1
+
+# port forwarding (HTTP, HTTPS) - update port list as required 
+PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp -m multiport --dports 80,443 -j DNAT --to-destination 10.0.0.2
+PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp -m multiport --dports 80,443 -j DNAT --to-destination 10.0.0.2
+
+[Peer]
+PublicKey = ###PUBLIC KEY FOR PRIVATE SERVER####
+AllowedIPs = 10.0.0.2/32      # IP of the home server in VPN
				`@ -0,0 +1 @@`
				`wg0.conf` should be deployed to `/etc/wireguard/wg0.conf` on the public facing (VPS) server.