Differences

This shows you the differences between two versions of the page.

--- raspberry_wireguard [2022/02/17 18:53] – herwarth
+++ raspberry_wireguard [2022/02/17 19:07] (current) – herwarth
@@ Line 53: / Line 53: @@
 <code - /etc/bash.bashrc>
 alias temp='/usr/bin/vcgencmd measure_temp'
+</code>
+====Unattended upgrades====
+I do not want to update manually.
+<code>
+apt install -y unattended-upgrades apt-listchanges
+</code>
+<code>
+cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/52unattended-upgrades
+</code>
+<code - /etc/apt/apt.conf.d/52unattended-upgrades>
+.
+.
+Unattended-Upgrade::Origins-Pattern {
+        // Codename based matching:
+        // This will follow the migration of a release through different
+        // archives (e.g. from testing to stable and later oldstable).
+        // Software will be the latest available for the named release,
+        // but the Debian release itself will not be automatically upgraded.
+        "${distro_id}:${distro_codename}";
+        // Archive or Suite based matching:
+        // Note that this will silently match a different release after
+        // migration to the specified archive (e.g. testing becomes the
+        // new stable).
+//      "o=Debian,a=stable";
+//      "o=Debian,a=stable-updates";
+//      "o=Debian,a=proposed-updates";
+//      "o=Debian Backports,a=${distro_codename}-backports,l=Debian Backports";
+};
+.
+.
+.
+// Remove unused automatically installed kernel-related packages
+// (kernel images, kernel headers and kernel version locked tools).
+Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
+// Do automatic removal of newly unused dependencies after the upgrade
+Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
+// Do automatic removal of unused packages after the upgrade
+// (equivalent to apt-get autoremove)
+Unattended-Upgrade::Remove-Unused-Dependencies "true";
+// Automatically reboot *WITHOUT CONFIRMATION* if
+//  the file /var/run/reboot-required is found after the upgrade
+Unattended-Upgrade::Automatic-Reboot "true";
+// Automatically reboot even if there are users currently logged in
+// when Unattended-Upgrade::Automatic-Reboot is set to true
+Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
+// If automatic reboot is enabled and needed, reboot at the specific
+// time instead of immediately
+//  Default: "now"
+Unattended-Upgrade::Automatic-Reboot-Time "02:00";
+.
+.
+</code>
+Test
+<code>
+unattended-upgrades -d
+</code>
+This should not give any error
+<code>
+dpkg-reconfigure -plow unattended-upgrades
 </code>
 ===== Wireguard =====
 ==== Packages ====
 <code>
-apt install -y wireguard
+apt install -y wireguard qrencode
 </code>
 ==== IP forwarding====
@@ Line 115: / Line 180: @@
 </code>
-</code>
+==== Enable masquerading ====
+Raspberry OS has changed to nftables instead of iptabes
+<code - /etc/nftables.conf>
+.
+.
+.
+add table wireguard-nat
+table ip wireguard-nat {
+        chain prerouting {
+                type nat hook prerouting priority -100; policy accept;
+        }
+        chain postrouting {
+                type nat hook postrouting priority 100; policy accept;
+                oifname "eth0" masquerade
+        }
+}
+</code>
+<code>
+systemctl enable --now nftables
+systemctl start nftables
+</code>
+====Done====
+Do a final reboot
+<code>
+shutdown -r now
+</code>
 {{tag>linux}}

User Tools

Site Tools

Differences

Page Tools