nealfennimore

# ------------------------------------------------
# Config files are located in /etc/wireguard/wg0
# ------------------------------------------------

# ---------- Server Config ----------
[Interface]
Address = 10.10.0.1/24 # IPV4 CIDR 
Address = fd86:ea04:1111::1/64 # IPV6 CIDR 
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Add forwarding when VPN is started
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE # Remove forwarding when VPN is shutdown

benscabbia

# This guide will show you how to configure ddclient to dynamically update your DNS at Cloudflare.
# This cookbook makes use of a number of online guides - all of which I will reference at the end.

# Cloudflare requires ddclient to be version 3.8.2 or you will get a 'cloudflare protocol didn't exist'.
# Unfortunately, the package manager at this time makes use of 3.8.1
# My suggestion is to follow the semi-autonomous process, by downloading the out of date package
# and then manually update a few files. If you prefer, you can go down the fully manual route manual route. 
# Installation - Manual (Not Tested: https://www.cloudflare.com/technical-resources/#ddclient)

# Installation - Semi-Autonomous (Recommended, follow below)

eheydrick

nginx conf for proxying the FreeIPA UI. ipa.my.org is the proxy name, realipa.my.org is the master.

server {
  listen 443 ssl;
  server_name ipa.my.org;
  ssl on;
  ssl_certificate /etc/nginx/ssl/ipa.crt;
  ssl_certificate_key /etc/nginx/ssl/ipa.key;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers AES256+EECDH:AES256+EDH:AES128+EECDH!aNULL;