TelenkovDmitry 11 kuukautta sitten
vanhempi
commit
8b9d395273
3 muutettua tiedostoa jossa 66 lisäystä ja 10 poistoa
  1. 10 10
      .obsidian/workspace.json
  2. 10 0
      keys/wg.conf
  3. 46 0
      linux/server.md

+ 10 - 10
.obsidian/workspace.json

@@ -13,7 +13,7 @@
             "state": {
               "type": "markdown",
               "state": {
-                "file": "Счета.md",
+                "file": "TODO.md",
                 "mode": "source",
                 "source": false
               }
@@ -69,7 +69,7 @@
       }
     ],
     "direction": "horizontal",
-    "width": 300.5
+    "width": 210.5
   },
   "right": {
     "id": "22baf11b84f2becb",
@@ -85,7 +85,7 @@
             "state": {
               "type": "backlink",
               "state": {
-                "file": "Счета.md",
+                "file": "TODO.md",
                 "collapseAll": false,
                 "extraContext": false,
                 "sortOrder": "alphabetical",
@@ -126,27 +126,29 @@
   },
   "active": "b1883a85b706d1f6",
   "lastOpenFiles": [
+    "linux/server.md",
+    "keys/wg.conf",
+    "keys/Новый текстовый документ.txt",
+    "linux/Tmux.md",
+    "hardcore web development/4. Linux.md",
+    "linux/linux common.md",
+    "Счета.md",
     "TODO.md",
     "Тренировки и занятия.md",
     "ROTEK/RT-701/common.md",
     "hardcore web development/10. frontend.md",
-    "linux/server.md",
     "keys/dmt_server.pub",
     "keys/dmt_server",
     "keys",
-    "hardcore web development/4. Linux.md",
-    "linux/linux common.md",
     "FlyElectronics/Drone.md",
     "hardcore web development/5-6-7 Internet.md",
     "hardcore web development/9. Сессии, cookies, безопасность.md",
     "linux/Raspberry Pi 3 Model B v1.2.md",
-    "Счета.md",
     "img/Pasted image 20240518111756.png",
     "linux/GS server.md",
     "linux/bash.md",
     "Кодинг.md",
     "Разное.md",
-    "linux/Tmux.md",
     "proGit.md",
     "hardcore web development/SSH how to.md",
     "linux/vim.md",
@@ -165,8 +167,6 @@
     "img/Pasted image 20240415122028.png",
     "Linux",
     "hardcore web development",
-    "Database.kdbx.WBWzRR",
-    "Golang",
     "img/sch04.JPG"
   ]
 }

+ 10 - 0
keys/wg.conf

@@ -0,0 +1,10 @@
+[Interface]
+PrivateKey = 8GmKTYViROxVR/hnOBIn0ONQ1wPUYxzqmpbMRObDgXY=
+Address = 10.0.0.2/32
+DNS = 8.8.8.8
+
+[Peer]
+PublicKey = OAyEBLq2HWmYgtVjUS/DDkzsimy2OmJxkWc8e04FTkA=
+Endpoint = 94.232.244.161:51840
+AllowedIPs = 0.0.0.0/0
+PersistentKeepalive = 20
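Review bot: The new `keys/wg.conf` commits what appears to be a real WireGuard client private key in cleartext on its `PrivateKey =` line, next to the server's public address on the `Endpoint =` line, so anyone who can read this repository or its history holds everything needed to impersonate this client on the tunnel. Removing the file in a later commit does not take it out of history; the key pair should be treated as compromised and regenerated, the old public key dropped from the server's `wg0.conf`, and `keys/` added to `.gitignore`. If the config needs to stay in the notes, keep only the template form with a placeholder, `PrivateKey = <user privatekey>`, as the `linux/server.md` section of this same commit already does. The `lastOpenFiles` list in `.obsidian/workspace.json` also names `keys/dmt_server` beside `keys/dmt_server.pub`, which suggests an SSH private key may be tracked in the same folder and is worth checking in the same way.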

+ 46 - 0
linux/server.md

@@ -107,6 +107,52 @@ $ useradd -m dmt -G sudo -s /bin/bash # создать нового пользо
 ```bash
 $ sudo apt install git ufw nmap ten-tools curl
 ```
+<h6>VPN wireguard</h6>
+```bash
+$ sudo apt install -y wireguard
+$ cd /etc/wireguard
+$ wg genkey | tee /etc/wireguard/privatkey | wg pubkey | tee /etc/wireguard/pubkey # создать ключи
+```
+Создать в `/etc/wireguard` файл `wg0.conf`:
+```bash
+[Interface]  
+PrivateKey = <privatekey>  
+Address = 10.0.0.1/24  
+ListenPort = 51830  
+PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE  
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+```
+Отредактировать файл wg0.conf
+- В поле `PriveteKey` вставить содержимое файла /etc/wireguard/privatkey
+- Заменить дефолтный порт
+Настроийка:
+```bash
+$ echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf # ip-форвардинг
+$ sysctl -p # проверить
+$ systemctl enable wg-quick@wg0.service # настроить запуск
+; systemctl start wg-quick@wg0.service # запуск
+```
+Настройка клиента:
+```bash
+$ wg genkey | tee /etc/wireguard/<privatekey_name> | wg pubkey | tee /etc/wireguard/<publickey_name>
+```
+Далее нужно добавить публичный ключ пользователя в wg0.conf
+```bash
+$ systemctl restart wg-quick@wg0.service # перезапустить wireguard
+```
+На стороне клиента создать конфиг:
+```bash
+[Interface]
+PrivateKey = <user privatekey>
+Address = 10.0.0.2/32 # IP-адрес клиента из конфига /etc/wireguard/gw0.conf
+DNS = 8.8.8.8
+
+[Peer]
+PublicKey = <server pubkey>
+Endpoint = <server IP>:<VPN port>
+AllowedIPs = 0.0.0.0/0
+PersistentKeepalive = 20
+```
 
 <h6>Оплата</h6>
 - [x] 20.05.24