Skip to content

Configure a client VPN connection and upload to their Lokal install bundle

Jump to bottom
Dean Kayton edited this page Jan 26, 2022 · 7 revisions

On sysadmin machine:

  1. Prepare a client config of similar format (save as wg0-client.conf in a directory of your choosing):
[Interface]
PrivateKey = <*1>
Address = <*3>/32

[Peer]
PublicKey = <*2.2>
AllowedIPs = 10.179.0.0/16
Endpoint = <IP-of-WG-server>:51820
PersistentKeepalive = 25
  1. ssh root@<IP-of-WG-server>

On server:

  1. nano /etc/wireguard/wg0.conf
  2. Prepare, append and save a text snippet of the following format (you will need to run commands on sysadmin machine in a seperate terminal window/tab):
[Peer]
# Description as comment here
PublicKey = <*2.1>
AllowedIPs = <*3>/32
  1. systemctl restart wg-quick@wg0

On sysadmin machine:

  1. Browse to nextcloud 'lokal' account
  2. upload client config to path 'client-bundles'
  3. Share file with desired client
  4. Ask them to install lokal using the credentials provided as before

*1 On sysadmin machine, run wg genkey and paste output

*2.1 On sysadmin machine, run echo <private-key-client-interface> | wg pubkey

*2.2 On sysadmin machine, run echo <private-key-server-interface> | wg pubkey

*3 Decide on an IP that is not already used in server config, and is part of 10.179.0.0/16 range

Clone this wiki locally