Open pompushko opened 5 months ago
Hi! WireRest has been tested on configurations with over 10,000 peers, 30 is a breeze :)
There is no flag to disable PSK generation, but you can simply send an empty value as in the example below. PSK will not be generated
{
"publicKey": "PUBKEY",
"presharedKey": "",
"privateKey": "PRIVATE_KEY",
//other data
}
WireRest does not have the feature of listening to a specific IP address. You can instead specify a subnet by passing --server.address=192.168.1.100
in the run arguments. Replace 192.168.1.100
with the IP address available on your server. Alternatively, you can configure some kind of firewall (such as UFW) to configure access rules.
Well. Yes. I tried to play and yes. I have to send only to auto generate peer data.
{
"presharedKey": ""
}
But this is super weird :D Why not only make a get request and thats all. Without any data except token?
Thank you for server IP setting :)
Okay. Here is mine 2 coins about backup after any changes in wg0.conf:
pupa@vpn-1:~$ cat /etc/systemd/system/wireguard-backup.path
[Unit]
Description=Watch for changes in config of WireGuard VPN
[Path]
Unit=wireguard-backup.service
PathChanged=/etc/wireguard/wg0.conf
[Install]
WantedBy=multi-user.target
Use any cloud or storage for backups. I use GCP
pupa@vpn-1:~$ cat /etc/systemd/system/wireguard-backup.service
[Unit]
Description=Upload backup for config file of WireGuard VPN
After=network.target
[Service]
Type=oneshot
ExecStartPre=/usr/bin/sleep 10
ExecStart=/usr/bin/bash -c "/usr/bin/gcloud storage cp /etc/wireguard/wg0.conf gs://my-vpn/$(date +"%%Y%%m%%d%%H%%M%%S")_wg0.conf"
[Install]
WantedBy=multi-user.target
sudo systemctl enable wireguard-backup.{path,service}
sudo systemctl start wireguard-backup.{path,service}
Hello
I have a big wg0.conf file with 30+ peers.
Is there any good way to use WireRest with current configuration and dont broke anything? Also, I dont use pre-shared key. How to disable it via any flag or variable? Is there any variable to listen only specific IP?
Thank you.