Skip to content
This repository has been archived by the owner on Jan 19, 2023. It is now read-only.

Latest commit

 

History

History
34 lines (26 loc) · 1.21 KB

boringtun.md

File metadata and controls

34 lines (26 loc) · 1.21 KB

container-boringtun

This service provides WireGuard interfaces with cloudflare/boringtun.

To start this service, you need to create its config directory at /mnt/data/etc/wireguard. A template config will be created if config file for an interface is not found.

  • Add New Firewall Rule
    • Type: Internet In
    • Rule Applied: After
    • Action: Accept
    • IPv4 Protocol: UDP
    • Destination
      • Destination Type: Address/Port Group
      • IPv4 Address Group: Any
      • Port Group: 51820
# unifi-systemd shell

bash-5.0# mkdir -p /mnt/data/etc/wireguard

bash-5.0# systemctl enable --now container-boringtun@wg0.service
Created symlink /etc/systemd/system/multi-user.target.wants/container-boringtun@wg0.service → /etc/systemd/system/container-boringtun@.service.

bash-5.0# podman ps
CONTAINER ID  IMAGE                    COMMAND  CREATED        STATUS            PORTS                     NAMES
cfe45bc18948  ghcr.io/ntkme/boringtun           5 seconds ago  Up 4 seconds ago  0.0.0.0:51820->51820/udp  boringtun-wg0

bash-5.0# podman exec boringtun-wg0 wg
interface: wg0
  public key: h1wFkpDYYYRAnLOW+At5+lGMY5FpUcxsK3X3qSimTkQ=
  private key: (hidden)
  listening port: 51820