Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/infertux/chef-wireguard

Chef cookbook for Wireguard
https://github.com/infertux/chef-wireguard

chef chef-cookbook ruby wireguard

Last synced: 3 days ago
JSON representation

Chef cookbook for Wireguard

Host: GitHub
URL: https://github.com/infertux/chef-wireguard
Owner: infertux
License: other
Created: 2024-06-19T00:40:25.000Z (6 months ago)
Default Branch: master
Last Pushed: 2024-06-19T00:52:45.000Z (6 months ago)
Last Synced: 2024-10-31T21:13:39.410Z (about 2 months ago)
Topics: chef, chef-cookbook, ruby, wireguard
Language: Ruby
Homepage: https://supermarket.chef.io/cookbooks/wireguard
Size: 7.81 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

README

        # Wireguard Chef cookbook

[![Funding](https://img.shields.io/liberapay/patrons/infertux.svg?logo=liberapay)](https://liberapay.com/infertux/donate)

[![Cookbook](https://img.shields.io/cookbook/v/wireguard.svg)](https://supermarket.getchef.com/cookbooks/wireguard)

[![Build Status](https://github.com/infertux/chef-wireguard/actions/workflows/test.yml/badge.svg)](https://github.com/infertux/chef-wireguard/actions)

## Example usage

Let's assume a server listening on a static public address [2001:1:2:3::cafe] on UDP port 51820

and with a Wireguard private address [fc00::42:1].

Let's assume a client assigned with a dynamic public IP address

and with a Wireguard private address [fc00::42:2].

### Server

Add `wireguard::server` to the run list with the following attributes:

```ruby

default['wireguard']['server'] = {

  address: %w(fc00::42:1/112),

  port: 51820,

  public_key: 'SERVER_PUB_KEY',

  private_key: 'SERVER_PRIV_KEY',

  peers: { 'fc00::42:2/128': 'CLIENT_PUB_KEY' },

}

```

### Client

Add `wireguard::client` to the run list with the following attributes:

```ruby

default['wireguard']['client'] = {

  public_key: 'CLIENT_PUB_KEY',

  private_key: 'CLIENT_PRIV_KEY',

  endpoint: '[2001:1:2:3::cafe]:51820',

  address: %w(fc00::42:2/128),

}

default['wireguard']['server'] = {

  address: %w(fc00::42:1/128),

  public_key: 'SERVER_PUB_KEY',

}

```

Once server and client are both converged, you can inspect the Wireguard connection with the `wg` command and ping machines using the [fc00::42:x] addresses.

Bandwidth test using `socat`:

  - server: `dd if=/dev/zero bs=1M count=100 | socat - tcp6-listen:1234,reuseport`

  - client: `socat - tcp6:[fc00::42:1]:1234`

## License

AGPLv3+