Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://gitlab.com/e5716/sinergia-vpn
My personal Wireguard VPN automated to run on the cloud
https://gitlab.com/e5716/sinergia-vpn
vpn wireguard
Last synced: 22 days ago
JSON representation
My personal Wireguard VPN automated to run on the cloud
- Host: gitlab.com
- URL: https://gitlab.com/e5716/sinergia-vpn
- Owner: e5716
- License: mit
- Created: 2020-06-10T04:02:28.777Z (over 4 years ago)
- Default Branch: master
- Last Synced: 2024-07-30T21:00:29.271Z (4 months ago)
- Topics: vpn, wireguard
- Stars: 0
- Forks: 0
- Open Issues:
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Sinergia VPN
My personal VPN running on a cloud instance, focused on privacy. Based on Wireguard, Unbound and [StevenBlack hosts](https://github.com/StevenBlack/hosts).
[[_TOC_]]
## Getting started
This script needs Terraform and Ansible installed on your computer. Also you need a DigitalOcean account to deploy your VPN server there.
Please generate a DigitalOcean Personal Access Token and associate a SSH key to your account.
**If you need free credits, [use my DO referral link to get $100 USD](https://m.do.co/c/397805aa0e0e)**.
### Deploy
The deployment of the VPN server is pretty easy, just run `./run-vpn.sh create `. Don't forget to backup the `./wg-outputs/` folder once finished, as this is the location where your generated keys are available to connect the VPN.
You can destroy your instance anytime, running `./run-vpn.sh destroy `.
Please take in account each time you run a new VPN creation, new keys are generated. So you will need to delete the `./wg-outputs/` directory before running a new VPN deploy.
#### Examples
Please take a look to the [**Examples** section of LOS-Infra](https://gitlab.com/fremontt/minimal-docker-for-lineageos/infra#examples); the execution is exactly the same.
### Connecting to the VPN
By default, this tool will generate 3 configuration files for your devices, in the directory `./wg-outputs/client_.conf`
> (Optional) You can change the value of the variable `HOSTS_TO_CREATE` in `./run-vpn.sh` if you want a different number of device config files to be generated.
#### On Linux
I suggest use NetworkManager, as it has native support for Wireguard.
Assuming this is your `./wg-outputs/client_1.conf`
```
[Interface]
Address = 192.168.69.1/24
PrivateKey = 0000000000000000000000000=
DNS = 192.168.69.254
[Peer]
PublicKey = 111111111111111111111111111111111111111=
PresharedKey = 2222222222222222222222222222222222222=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 100.101.102.103:47469
PersistentKeepalive = 60
```
1. On NetworkManager, add a new connection of type **VPN > Wireguard**.
2. Assign a name (no spaces, no symbols, just alphanumeric and less than 15 characters).
3. Under **Wireguard Interface** tab, fill the *Private key* and check the *Autoroute peers* fields.
4. Add a new peer using the button **Peers**.
5. Fill the *Public key*, *Allowed IPs*, *Endpoint address*, *Endpoint port*, *Preshared key* and *Persistent keepalive* fields.
6. Under **IPv4 tab** tab, choose the *Method: Manual*, fill the *DNS Server* with the `DNS` config value and add a new IP using the value in `Address` config (no need to put the `/24`); NetworkManager should fill automatically the *Netmask*.
7. Under **IPv4 tab** tab, choose the *Method: Ignored*.
8. Save your changes and connect to your VPN.
#### On Android
1. On your phone device, download [Wireguard app](https://f-droid.org/en/packages/com.wireguard.android/)
2. On your computer, generate a QR code of your client config running `qrencode -t ansiutf8 -r ./wg-outputs/client_.conf`.
3. Open the Wireguard app and add a new tunnel using "Scan from QR code"
## License
This is an open-source project by **@fremontt** under license MIT