mawalu / Wireguard Private Networking

Licence: MIT
Build your own multi server private network using wireguard and ansible

Projects that are alternatives of or similar to Wireguard Private Networking

edgevpn
⛵ The immutable, decentralized, statically built p2p VPN without any central server and automatic discovery! Create decentralized introspectable tunnels over p2p with shared tokens
Stars: ✭ 223 (+79.84%)
Mutual labels:  mesh-networks, vpn, mesh
netmaker
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+3244.35%)
Mutual labels:  mesh-networks, vpn, mesh
Ergo
a Framework for creating mesh networks using technologies and design patterns of Erlang/OTP in Golang
Stars: ✭ 376 (+203.23%)
Mutual labels:  mesh, mesh-networks
Ansible Openwisp2
Ansible role that installs and upgrades OpenWISP.
Stars: ✭ 403 (+225%)
Mutual labels:  mesh, mesh-networks
Kt Connect
Manage and Integration with your Kubernetes dev environment more efficient.
Stars: ✭ 499 (+302.42%)
Mutual labels:  mesh, vpn
yggmail
End-to-end encrypted email for the mesh networking age
Stars: ✭ 72 (-41.94%)
Mutual labels:  mesh-networks, mesh
tinc-boot
Bootstrap your Tinc node quickly and easy
Stars: ✭ 128 (+3.23%)
Mutual labels:  mesh-networks, vpn
Wesher
wireguard overlay mesh network manager
Stars: ✭ 461 (+271.77%)
Mutual labels:  vpn, mesh-networks
vyatta-cjdns
A cjdns package for Ubiquiti EdgeOS and VyOS, allowing cjdns to be used on EdgeRouters
Stars: ✭ 39 (-68.55%)
Mutual labels:  mesh-networks, mesh
Yggdrasil Go
An experiment in scalable routing as an encrypted IPv6 overlay network
Stars: ✭ 1,007 (+712.1%)
Mutual labels:  mesh, mesh-networks
Streisand
Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
Stars: ✭ 22,605 (+18129.84%)
Mutual labels:  ansible, vpn
Vpn At Home
1-click, self-hosted deployment of OpenVPN with DNS ad blocking sinkhole
Stars: ✭ 1,106 (+791.94%)
Mutual labels:  ansible, vpn
ipvpn
[WIP] Easy-to-use decentralized secure overlay private network (for any device)
Stars: ✭ 24 (-80.65%)
Mutual labels:  vpn, mesh
everip
The Elastic Versatile Encrypted Relay for IP (EVER/IP) Networking Suite
Stars: ✭ 32 (-74.19%)
Mutual labels:  mesh-networks, mesh
EtherGuard-VPN
Layer2 version of wireguard with Floyd Warshall implement in go.
Stars: ✭ 38 (-69.35%)
Mutual labels:  mesh-networks, vpn
Algo
Set up a personal VPN in the cloud
Stars: ✭ 24,275 (+19476.61%)
Mutual labels:  ansible, vpn
MeshNetSimulator
A simulator for sketching mesh network routing strategies
Stars: ✭ 71 (-42.74%)
Mutual labels:  mesh-networks, mesh
Wifimeshraspberrypi
Workshop to create a sensor application over a WiFi Mesh network
Stars: ✭ 99 (-20.16%)
Mutual labels:  mesh, mesh-networks
Cjdns
An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
Stars: ✭ 4,766 (+3743.55%)
Mutual labels:  mesh, mesh-networks
Spruce Network
Decentralized peer-to-peer mesh network.
Stars: ✭ 61 (-50.81%)
Mutual labels:  mesh, mesh-networks

Private server to server network with ansible and wireguard

Ansible Role

This role allows you to deploy a fast, secure and provider-agnostic private network between multiple servers. This is useful for providers that do not offer a private network, or if you want to connect servers that are spread over multiple regions and providers.

How

The role installs wireguard on Debian or Ubuntu, creates a mesh between all servers by adding them all as peers and configures the wg-quick systemd service.

Installation

Installation can be done using ansible galaxy:

$ ansible-galaxy install mawalu.wireguard_private_networking

Setup

Install this role, assign a vpn_ip variable to every host that should be part of the network and run the role. Please make sure to allow the VPN port (default is 5888, UDP) in your firewall.

Optionally, you can set a public_addr on each host. This address will be used to connect to the wireguard peer instead of the address in the inventory. This is useful if you are configuring over a different network than the one wireguard is using, e.g. when ansible connects to your peer over a LAN.

Here is a small example configuration:

# inventory host file

wireguard:
  hosts:
    1.1.1.1:
      vpn_ip: 10.1.0.1/32
      public_addr: "example.com" # optional
    2.2.2.2:
      vpn_ip: 10.1.0.2/32

# playbook

- name: Configure wireguard mesh
  hosts: wireguard
  remote_user: root
  roles:
    - mawalu.wireguard_private_networking

# playbook (with client config)

- name: Configure wireguard mesh
  hosts: wireguard
  remote_user: root
  vars:
    client_vpn_ip: 10.1.0.100
    client_wireguard_path: "~/my-client-config.conf"
  roles:
    - mawalu.wireguard_private_networking

Additional configuration

There are a small number of role variables that can be overwritten.

wireguard_port: "5888" # the port to use for server to server connections
wireguard_path: "/etc/wireguard" # location of all wireguard configurations

wireguard_network_name: "private" # the name to use for the config file and wg-quick

wireguard_mtu: 1500 # optional MTU to set in the wg-quick file; not set by default, can also be set per host

debian_enable_backports: true # if the debian backports repos should be added on debian machines

# Raspberry Pi Zero support
# Needs kernel headers and manual compilation of wireguard, opt in via flag, install `community.general` collection
# Caution: Might trigger a reboot.
allow_build_from_source: true

wireguard_sources_path: "/var/cache" # Location to clone the WireGuard sources if manual build is required

client_vpn_ip: "" # if set an additional wireguard config file will be generated at the specified path on localhost
client_wireguard_path: "~/wg.conf" # path on localhost to write client config, if client_vpn_ip is set

# a list of additional peers that will be added to each server
wireguard_additional_peers:
  - comment: martin
    ip: 10.2.3.4
    key: your_wireguard_public_key
  - comment: other_network
    ip: 10.32.0.0/16
    key: their_wireguard_public_key
    keepalive: 20
    endpoint: some.endpoint:2230

wireguard_post_up: "iptables ..." # PostUp hook command
wireguard_post_down: "iptables"   # PostDown hook command
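
An added pre-flight check for an inventory like the one above (example code, not part of the role or its README). WireGuard uses each peer's allowed IPs both to route outgoing packets and to filter incoming ones, so the check flags duplicate vpn_ip values and wireguard_additional_peers ranges that cover a mesh address before the role is run. The names check, mesh_peers, HOSTS and EXTRA_PEERS are made up for this example, and treating each peer's allowed IP as its vpn_ip is an assumption, not taken from the role's template.

```python
import ipaddress

PORT = 5888  # role default wireguard_port, per the README

# Constructed sample data in the README's layout; host 3.3.3.3 and the /24
# peer are deliberate mistakes for the check to find.
HOSTS = {
    "1.1.1.1": {"vpn_ip": "10.1.0.1/32", "public_addr": "example.com"},
    "2.2.2.2": {"vpn_ip": "10.1.0.2/32"},
    "3.3.3.3": {"vpn_ip": "10.1.0.2/32"},
}
EXTRA_PEERS = [
    {"comment": "martin", "ip": "10.2.3.4"},
    {"comment": "other_network", "ip": "10.1.0.0/24"},
]

def check(hosts, extra_peers):
    """Return a list of findings; an empty list means nothing to review."""
    findings, seen = [], {}
    for name, hostvars in hosts.items():
        try:
            addr = ipaddress.ip_interface(hostvars["vpn_ip"]).ip
        except (KeyError, ValueError) as exc:
            findings.append(f"{name}: bad or missing vpn_ip ({exc})")
            continue
        if addr in seen:
            findings.append(f"{name}: vpn_ip {addr} already used by {seen[addr]}")
        seen.setdefault(addr, name)
    for peer in extra_peers:
        net = ipaddress.ip_network(peer["ip"], strict=False)
        for addr, name in seen.items():
            if addr in net:  # False when IP versions differ
                findings.append(
                    f"peer {peer['comment']}: {net} covers mesh address {addr} ({name})")
    return findings

def mesh_peers(hosts, me):
    """(endpoint, allowed_ip) per other host; public_addr replaces the inventory name.
    Assumption: allowed_ip is the peer's vpn_ip (the role's template is not shown)."""
    return [
        (f"{hostvars.get('public_addr', name)}:{PORT}", hostvars["vpn_ip"])
        for name, hostvars in hosts.items() if name != me
    ]

if __name__ == "__main__":
    for finding in check(HOSTS, EXTRA_PEERS):
        print("FINDING:", finding)
    print(mesh_peers(HOSTS, "2.2.2.2"))
```
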

Testing

This role has a small test setup that is created using molecule. To run the tests, follow the molecule install guide, ensure that a docker daemon is running on your machine, and execute molecule test.

Contributing

Feel free to open issues or MRs if you find problems or have ideas for improvements. I'm especially open for MRs that add support for additional operating systems and more tests.
