61 lines
1.8 KiB
Markdown
61 lines
1.8 KiB
Markdown
# hvpn-node3
|
|
|
|
## Build
|
|
```bash
|
|
cd cmd/hvpn-node && go build .
|
|
```
|
|
|
|
## Run
|
|
With root (no recommended!)
|
|
```bash
|
|
sudo ./hvpn-node
|
|
```
|
|
Without root; using libcap
|
|
```bash
|
|
set_cap.sh && ./hvpn-node
|
|
```
|
|
The program creates a keys for the wireguad interface if non are given.
|
|
The device name is `hvpn0`.
|
|
|
|
## Add a peer
|
|
```bash
|
|
curl -X POST \
|
|
-d '{"public_key": "TxPfKra6/BQ2tkVXHM/PjeJgzX7j0I07acOn+2re/yI="}' \
|
|
localhost:8080/peer
|
|
```
|
|
Response body
|
|
```json
|
|
{
|
|
"mtu": 1380,
|
|
"public_key": "TxPfKra6/BQ2tkVXHM/PjeJgzX7j0I07acOn+2re/yI=",
|
|
"public_key_url_safe": "TxPfKra6%2FBQ2tkVXHM%2FPjeJgzX7j0I07acOn%2B2re%2FyI%3D",
|
|
"endpoint": "",
|
|
"allowed_ips": "10.42.0.1",
|
|
"presistent_keepalive": 25000000000,
|
|
"TX": 0,
|
|
"RX": 0
|
|
}
|
|
```
|
|
|
|
## CLI options
|
|
```
|
|
GLOBAL OPTIONS:
|
|
--log-level value (default: "INFO") [$LOG_LEVEL]
|
|
--private-key value Path to file with private key
|
|
--cidr value, -n value The network subnet used for the internal IP Pool (default: "10.42.0.0/16")
|
|
--interface value, -i value Name of the Wireguard interface to be created and managed (default: "hvpn0")
|
|
--endpoint value Wireguard endpoint domain or address without the port (default: "domain.name.notset")
|
|
--port value, -p value UDP Port for wireguard device (default: 6416)
|
|
--host value IP address to listen on for HTTP API requests (default: "0.0.0.0")
|
|
--http-port value TCP Port for HTTP API (default: 8080)
|
|
--help, -h show help
|
|
|
|
TLS:
|
|
|
|
--cert value Server x509 certificate file
|
|
--cert-private-key value Server x509 certificate private key file
|
|
--client-certs value, --ca value Clients x509 file with single or many certificates
|
|
--enable-tls, --tls (default: false)
|
|
|
|
```
|