From aa21318384d4f765a14abf62f23caed076987993 Mon Sep 17 00:00:00 2001 From: Simon Garrelou Date: Thu, 25 May 2023 13:36:31 +0200 Subject: Add section about Wireguard configuration to README --- README.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ca7e944..85affbc 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# Wireguard configuration manager +# Wireguard server manager -`wgmgr` is a command-line configuration manager for the [Wireguard](https://wireguard.org) VPN solution. It expects a traditional client-server relationship, and cannot be used to handle meshed networks. +`wgmgr` is a command-line manager for the server part of the [Wireguard](https://wireguard.org) VPN solution. It expects a traditional client-server relationship, and cannot be used to handle meshed networks. It handles client creation and removal, and will auto-generate the corresponding private and public keys. It can also generate the configuration file for each client. @@ -53,6 +53,21 @@ Options: -V, --version Print version ``` +## Wireguard configuration file + +This software will parse and edit the Wireguard configuration file specified in `/etc/wgmgr.conf`. While several protections are in place, be advised that this software *might* permanently destroy your Wireguard configuration. Always have backups! + +Each new client is added to the configuration file with a `[Peer]` stanza like the following: + +``` +# The Peer Name +[Peer] +AllowedIPs = 10.8.0.2/32 +PublicKey = GSiujJjngvyLTR0/93l/EUGIs7ohDpKDhoa0WrEXJnA= +``` + +The corresponding private key will be stored in `/etc/wireguard/private_keys/The Peer Name`. Permissions should automatically be set to `rw-------` (600), preventing anyone but root from reading it. + ## Reporting bugs Please report any bugs you find to [bugs+wgmgr@sixfoisneuf.fr](mailto:bugs+wgmgr@sixfoisneuf.fr). Contributions are welcomed, as long as they follow the [git send-email](https://git-send-email.io) format. -- cgit v1.2.3