Created
November 9, 2024 10:08
-
-
Save kafeg/a524f856d6cba0337d0836f3bd6bfb78 to your computer and use it in GitHub Desktop.
Proxmox VE 8.2 host + AmneziaWG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The problem: by default not available kernel sources for compile AmneziaWG kernel module. | |
| # So the amnezia instalation is broken by default because of DKMS module can not be built/configured. | |
| # Usually this is not needed on the host, but my use case is WG installation as client | |
| # Prepare for installation as written here (https://github.com/amnezia-vpn/amneziawg-linux-kernel-module): | |
| apt-get install pve-headers | |
| apt install -y software-properties-common python3-launchpadlib gnupg2 linux-headers-$(uname -r) | |
| apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 57290828 | |
| echo "deb https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" | sudo tee -a /etc/apt/sources.list | |
| echo "deb-src https://ppa.launchpadcontent.net/amnezia/ppa/ubuntu focal main" | sudo tee -a /etc/apt/sources.list | |
| apt-get update | |
| apt-get install -y amneziawg | |
| # After steps above, AmneziaWG will be installed but you will se the error messages about build errors for amneziawg-dkms package. | |
| # So we need to download Proxmox VE kernel manually and use it for reconfigure | |
| cd /root | |
| git clone https://git.proxmox.com/git/pve-kernel.git | |
| cd pve-kernel | |
| git submodule udpate --init | |
| git checkout bookworm-6.8 # this is kernel of the Proxmox VE 8.2 | |
| git submodule udpate | |
| # Let's start reconfigure DKMS module | |
| cd /usr/src/amneziawg-1.0.0 | |
| ln -s /root/pve-kernel/submodules/ubuntu-kernel kernel | |
| dpkg --configure amneziawg-dkms | |
| # Now must be no errors above. | |
| # Add your config to the /etc/amnezia/amneziawg/wg0.conf | |
| # NOTE. I added there my client config with AllowedIPs = 10.8.1.0/24 to access host but without additional routing | |
| # For e.g. my full client config: | |
| # [Interface] | |
| # Address = 10.8.1.50/32 | |
| # #DNS = 1.1.1.1, 1.0.0.1 | |
| # PrivateKey = ... | |
| # Jc = 3 | |
| # Jmin = 15 | |
| # Jmax = 45 | |
| # S1 = 10 | |
| # S2 = 60 | |
| # H1 = 235654565 | |
| # H2 = 865468475 | |
| # H3 = 3956328564 | |
| # H4 = 3645420394 | |
| # [Peer] | |
| # PublicKey = ... | |
| # PresharedKey = ... | |
| # AllowedIPs = 10.8.1.0/24 | |
| # Endpoint = <server host>:<server port> | |
| # PersistentKeepalive = 30 | |
| # And in the end start and activate AmneziaWG to be persistent | |
| awg-quick up wg0 # NOTE: if Proxmox host not accessible after this - try to restart your VPN server, it will force re-connect all clients | |
| systemctl enable awg-quick@wg0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment