elreydetoda/cmdz.sh

## cmdz.sh
# if you a vanilla install
wget 'https://gist.githubusercontent.com/elreydetoda/bac472aef59fc8d47145c4f25330187b/raw/Vagrantfile'

# if you want my personal config
wget -O Vagrantfile 'https://gist.githubusercontent.com/elreydetoda/bac472aef59fc8d47145c4f25330187b/raw/Vagrantfile.elrey'

## my personal config contains the following customizations
# - pki_in_tmpfs: false - changed to not be in tmpfs so you can continue to use wireguard for long periods of time (although, cool feature checkout more here: https://github.com/trailofbits/algo/issues/145)
# - disables ipsec vpn, to only use wireguard
# - sets the wireguard_PersistentKeepalive to 25 to help with NAT Traversal (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence)
# - change ip address to 100.66.0.0/24 so it doesn't clash with internal ips: https://en.wikipedia.org/wiki/Reserved_IP_addresses
# - enable unattended_reboot (reboot machine if need to install updates: https://github.com/trailofbits/algo/blob/f8ce1f84a2777f18803d62e4324bbf67989a7450/config.cfg#L99-L103)
# - BetweenClients_DROP: false - Allow clients to communicate to each other (to allow you to ssh or rdp to them)

# start the vm and ssh in
vagrant up && vagrant ssh

# set your users under the user section of config.cfg
nano config.cfg

# run the algo script
./algo

# setup your clients that you generated
	# if you a vanilla install
	wget 'https://gist.githubusercontent.com/elreydetoda/bac472aef59fc8d47145c4f25330187b/raw/Vagrantfile'

	# if you want my personal config
	wget -O Vagrantfile 'https://gist.githubusercontent.com/elreydetoda/bac472aef59fc8d47145c4f25330187b/raw/Vagrantfile.elrey'

	## my personal config contains the following customizations
	# - pki_in_tmpfs: false - changed to not be in tmpfs so you can continue to use wireguard for long periods of time (although, cool feature checkout more here: https://github.com/trailofbits/algo/issues/145)
	# - disables ipsec vpn, to only use wireguard
	# - sets the wireguard_PersistentKeepalive to 25 to help with NAT Traversal (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence)
	# - change ip address to 100.66.0.0/24 so it doesn't clash with internal ips: https://en.wikipedia.org/wiki/Reserved_IP_addresses
	# - enable unattended_reboot (reboot machine if need to install updates: https://github.com/trailofbits/algo/blob/f8ce1f84a2777f18803d62e4324bbf67989a7450/config.cfg#L99-L103)
	# - BetweenClients_DROP: false - Allow clients to communicate to each other (to allow you to ssh or rdp to them)

	# start the vm and ssh in
	vagrant up && vagrant ssh

	# set your users under the user section of config.cfg
	nano config.cfg

	# run the algo script
	./algo

	# setup your clients that you generated