mirror of
https://github.com/ben-grande/qusal.git
synced 2024-10-01 02:35:49 -04:00
bdd4c789c1
Echo can interpret operand as an option and checking every variable to be echoed is troublesome while with printf, if the format specifier is present before the operand, printing as string can be enforced. |
||
|---|---|---|
| .. | ||
| files | ||
| clone.sls | ||
| clone.top | ||
| configure.sls | ||
| configure.top | ||
| create.sls | ||
| create.top | ||
| init.top | ||
| install.sls | ||
| install.top | ||
| README.md | ||
| version | ||
sys-wireguard
Wireguard VPN in Qubes OS.
Table of Contents
Description
Setup a Wireguard VPN qube named "sys-wireguard" to provide network access to other qubes through the VPN with fail closed mechanism.
Installation
- Top:
sudo qubesctl top.enable sys-wireguard
sudo qubesctl --targets=tpl-sys-wireguard,sys-wireguard state.apply
sudo qubesctl top.disable sys-wireguard
- State:
sudo qubesctl state.apply sys-wireguard.create
sudo qubesctl --skip-dom0 --targets=tpl-sys-wireguard state.apply sys-wireguard.install
sudo qubesctl --skip-dom0 --targets=sys-wireguard state.apply sys-wireguard.configure
Usage
Use the VPN qube sys-wireguard to enforce incoming and outgoing connections
from clients connected to the VPN with a fail safe mechanism.
To start using the VPN:
- Copy the Wireguard configuration you downloaded to
sys-wireguardand place it in/home/user/wireguard.conf. - Run from Dom0 to apply Qubes Firewall rules:
qvm-wireguard