wireguard access server with suricata

wg-access-server w/ suricata

description

based on https://github.com/freifunkmuc/wg-access-server/pkgs/container/wg-access-server + suricata dcron logrotate

build the image

grab those

cd ~/images/wg-access-server/
time docker build -t pbraun9/wg-access-server:v0.11.0 ./
# 1m5.587s on vmetrics
# 1m7,176s on bravo17
# 0m43.099s on powerslack
# 0m38.815s on minikube (v0.11.0)

ready to go

all the same as wg-access-server but the image name

docker rm -f wg-access-server
docker run -d --name wg-access-server \
  --cap-add NET_ADMIN --device /dev/net/tun:/dev/net/tun \
  -v /data/wg-access-server-data:/data \
  -e "WG_VPN_CIDRV6=0" \
  -e "WG_CONFIG=/data/config.yaml" \
  -p 127.0.0.1:8000:8000 \
  -p 0.0.0.0:51820:51820/udp \
  pbraun9/wg-access-server:v0.11.0

docker logs wg-access-server
docker exec -ti wg-access-server bash

ps

troubleshooting

ifconfig: wg0: error fetching interface information: Device not found

==> serve wg-access-server BEFORE starting suricata

setpgid: Operation not permitted

==> cannot use exec (https://github.com/dubiousjim/dcron/issues/13)

resources

https://github.com/freifunkMUC/wg-access-server/tree/master

troubles

https://stackoverflow.com/questions/68177789/setpgid-operation-not-permitted-on-docker


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun