New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
No
Just a heads up, but if your wireguard server broke this week, there's a fix that'll take a few days to make it out, but you can install the hwe kernel as a quick solution if you can't wait.
https://www.reddit.com/r/WireGuard/comments/h0tkzt/up_to_date_ubuntu_18044_cannot_compile_wireguard/?utm_source=amp&utm_medium=&utm_content=post_body
Yep. I just upgraded local machine to 18.04 hwe.
I think I'll directly move some servers over to 5.4+ based LTS distros rather than risk tunnel breakage from a bad ppa build.
Thank you @Nyr! This is very easy to use.
Can you add AdGuard "Family protection" DNS servers to the list, please? (of course I can change those by myself, but it would be nice to have)
Unlikely, because it's not a very popular choice.
I'll consider a "custom DNS server" option instead.
Why not change custom DNS from config file yourself? It takes you 10 secs only.
@Nyr Nice to see you back! I love the script!
I installed Wireguard on my Phoenix VPS. I use Adguard DNS servers. I don't understand why dnsleaktest shows my dns is 149.28.95.9 when using Wireguard for Android app on my phone. It's 149.28.95.9.vultr.com. Choopa, LLC. AdGuard's DNS servers are 176.103.130.132, 176.103.130.134 or 176.103.130.130, 176.103.130.131.
149.28.95.9 isn't my phone's normal DNS either.
VPS's /etc/network/interfaces have 8.8.8.8 and 8.8.4.4 as a DNS servers. What is 149.28.95.9?
It’s adguard ip, they’re with vultr (in asia?)
Thanks. How did you find out or already knew it's adguard ip? Everything I found was it's Choopa's ip and located in the USA.
You use Adguard DNS, so it's Adguard server IP.
Just to clarify, AdGuard uses Vultr (Choopa) for their infrastructure. It's fine, don't worry about it
how to create .conf file
Maybe take a look at Mailcow Dockerized too.
Manual configuration for 1 hour wasted until I found this.
Does this also allow alternate IP assignment on a dual stack instance...?
Thx
It does provide IPv6 and IPv4 simultaneously, if that's what you mean.
Many thanks @Nyr , also for making this available...!
What I meant was,can I assign one device a v4 only and another device on the same home network with a v6 only...?
Yes, you can modify that in the client configuration.
@Nyr thanks for this, just saw it.
Can this run simultaneously on the same CentOS 8 server running DirectAdmin without any conflict? @DA_Mark @smtalk
Will DirectAdmin updates break the script or vice-versa?
Thanks!
Yeah, you can do it. No conflict at all.
Thanks again @Nyr. I take it that there's no conflict with any of the major control panels on CentOS 7/8? Currently I'm using the following 3 on numerous servers; cPanel, DirectAdmin and ApisCP.
No conflict at all.
I have try cloudron with the wireguard script, so wireguard not working.
Is it conflict with cloudron?
Thanks.
Nice one. I am thinking about a Wireguard API which will accept clients public key and give a config file in response. Client will only need to add his private key in the config.
You are thinking for commercial one, you could hire a programmer for it.
Probably. I don't need one, I will start as soon as my current project is over.
Many thanks for saving our lives, Nyr!!! I've been using Nyr tools since openvpn release.
I also install wireguard using this on my Raspberry Pi with raspberrypi-kernel-headers. It works like a charm.
Thank for your work @Nyr
I'm not an user, yet.
But after some quick code review I don't like that if there is no
wg0.conf
exists, then the script begin wireguard installation. Sure, I want it to install all configs for me, but I like to install everything byapt-get
by myself. I'm about the part where it is requestread -n1 -r -p "Press any key to continue..."
. Why not give user some more information and opportunity to refuse shadowapt-get
iterations with-y
flag.Why I'm not happy about that? I'm new wireguard user. As I see it add
debian-backports
, but installwireguard
package (notwireguard-tools
) and not from added backports. Need to use-t debian-backports
flag as I know. The result will work, but not as module if I'm not miss something. So I want more control over thisapt-get
iterations. it will be beautiful to add opportunity to skip this step with some nice warning what user need to install if he want manually. and then continue only with configs/iptables rules.My 5 cents.
p.s. and missed opportunity to choose tcp, instead of udp
Anyway, than you very much. You made a good amount of job!
Noticed a very interesting glitch. It works with ipad but I tried to set up a second client on Ubuntu and it does not work. Seems like it connects to the server (however, I do not see a handshake after sudo wg command) but there is no internet. Nothing pings. Any thoughts on this?