qusal/salt/sys-wireguard
Ben Grande 011a71a36d
style: limit line length per file extension
Editorconfig can only act based on file extension and path, not
attributes, it remains a mean only for multiple collaborators to use the
same configuration on their editor. When it is too restrictive, such as
not considering the file syntax, use a lint tool for the specific file
type instead of trusting editorconfig. Changes were made to increase
readability.
2024-07-09 17:42:07 +02:00
..
files style: limit line length per file extension 2024-07-09 17:42:07 +02:00
clone.sls refactor: initial commit 2023-11-13 14:33:28 +00:00
clone.top refactor: initial commit 2023-11-13 14:33:28 +00:00
configure.sls fix: clean Wireguard rules 2024-06-19 15:08:03 +02:00
configure.top refactor: initial commit 2023-11-13 14:33:28 +00:00
create.sls fix: clean Wireguard rules 2024-06-19 15:08:03 +02:00
create.top refactor: initial commit 2023-11-13 14:33:28 +00:00
init.top refactor: initial commit 2023-11-13 14:33:28 +00:00
install.sls fix: bind wireguard configuration directory 2024-06-28 10:39:44 +02:00
install.top refactor: initial commit 2023-11-13 14:33:28 +00:00
README.md doc: lint markdown files 2024-07-04 17:27:31 +02:00
version fix: generate RPM Specs for Qubes Builder V2 2024-06-21 17:00:06 +02:00

sys-wireguard

Wireguard VPN in Qubes OS.

Table of Contents

Description

Setup a Wireguard VPN qube named "sys-wireguard" to provide network access to other qubes through the VPN with fail closed mechanism.

Installation

  • Top:
sudo qubesctl top.enable sys-wireguard
sudo qubesctl --targets=tpl-sys-wireguard,sys-wireguard state.apply
sudo qubesctl top.disable sys-wireguard
  • State:
sudo qubesctl state.apply sys-wireguard.create
sudo qubesctl --skip-dom0 --targets=tpl-sys-wireguard state.apply sys-wireguard.install
sudo qubesctl --skip-dom0 --targets=sys-wireguard state.apply sys-wireguard.configure

Usage

Use the VPN qube sys-wireguard to enforce incoming and outgoing connections from clients connected to the VPN with a fail safe mechanism.

To start using the VPN:

  1. Copy the Wireguard configuration you downloaded to sys-wireguard and place it in /home/user/wireguard.conf.
  2. Run from Dom0 to apply Qubes Firewall rules: qvm-wireguard

Credits