|
|
||
|---|---|---|
| cmd/hvpn-node | ||
| init | ||
| proto | ||
| .gitignore | ||
| go.mod | ||
| go.sum | ||
| handlers.go | ||
| ip_pool_test.go | ||
| ip_pool.go | ||
| LICENSE | ||
| link.go | ||
| node.go | ||
| README.md | ||
hvpn-node3
Build
cd cmd/hvpn-node && go build .
Run
With root (no recommended!)
sudo ./hvpn-node
Without root; using libcap
set_cap.sh && ./hvpn-node
The program creates a keys for the wireguad interface if non are given.
The device name is hvpn0.
Add a peer
curl -X POST \
-d '{"public_key": "TxPfKra6/BQ2tkVXHM/PjeJgzX7j0I07acOn+2re/yI="}' \
localhost:8080/peer
Response body
{
"mtu": 1380,
"public_key": "TxPfKra6/BQ2tkVXHM/PjeJgzX7j0I07acOn+2re/yI=",
"public_key_url_safe": "TxPfKra6%2FBQ2tkVXHM%2FPjeJgzX7j0I07acOn%2B2re%2FyI%3D",
"endpoint": "",
"allowed_ips": "10.42.0.1",
"presistent_keepalive": 25000000000,
"TX": 0,
"RX": 0
}
CLI options
GLOBAL OPTIONS:
--log-level value (default: "INFO") [$LOG_LEVEL]
--private-key value Path to file with private key
--cidr value, -n value The network subnet used for the internal IP Pool (default: "10.42.0.0/16")
--interface value, -i value Name of the Wireguard interface to be created and managed (default: "hvpn0")
--endpoint value Wireguard endpoint domain or address without the port (default: "domain.name.notset")
--port value, -p value UDP Port for wireguard device (default: 6416)
--host value IP address to listen on for HTTP API requests (default: "0.0.0.0")
--http-port value TCP Port for HTTP API (default: 8080)
--help, -h show help
TLS:
--cert value Server x509 certificate file
--cert-private-key value Server x509 certificate private key file
--client-certs value, --ca value Clients x509 file with single or many certificates
--enable-tls, --tls (default: false)