raspberry_wireguard
This is an old revision of the document!
Table of Contents
Raspberry Pi 4 as Wireguard VPN server
Introduction
This howto describes how to install a Wireguard VPN server using minimal installation. Everything is done as the root user in this howto.
Installation
Raspberry OS Lite
Download Raspberry OS Lite 64bit at: https://www.raspberrypi.com/software/operating-systems/ Use Etcher or whatever to install the downloaded zip on a SD card.
Initial settings to enable remote configuration
Use raspi-config to set network and change password of the pi user and change the hostname:
raspi-config
systemctl enable ssh.service systemctl start ssh.service
Setting fixed IP on interface
- /etc/dhcpcd.conf
. . . interface eth0 static ip_address=172.16.2.1/24 static routers=172.16.2.254 static domain_name_servers=172.16.1.50 208.67.222.222
Use SSH keys to login
ssh-keygen
- ~/.ssh/authorized_keys
ssh-rsa ... ssh-rsa ... ssh-rsa ...
Making the system as read-only as-possible
apt update apt upgrade -y apt remove -y --purge triggerhappy logrotate dphys-swapfile dc nano apt autoremove --purge -y
Edit the following file and add “fastboot noswap ro” to the end of the line so it looks something like this:
- /boot/cmdline.txt
console=serial0,115200 console=tty1 root=PARTUUID=6c586e13-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fastboot noswap ro
apt install -y busybox-syslogd apt remove -y --purge rsyslog
Bashrc aliases
Add the following at the end of the following file:
- /etc/bash.bashrc
alias temp='/usr/bin/vcgencmd measure_temp'
Wireguard
Packages
<code> apt install -y wireguard
raspberry_wireguard.1645123392.txt.gz · Last modified: by herwarth
