If you don't know what Wireguard is, well, you should. It's fast, easy to setup and highly configurable. We will configure Wireguard for multiple users with various restrictions using iptables.
This should fit most setups (not mine though 😉)
Quentin McGaw qdm12
qdm12
/ pia-checktun.go
Created
February 9, 2020 23:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // CheckTUN checks the tunnel device is present and accessible | |
| func (c *configurator) CheckTUN() error { | |
| c.logger.Info("%s: checking for device %s", logPrefix, constants.TunnelDevice) | |
| f, err := c.openFile(string(constants.TunnelDevice), os.O_RDWR, 0) | |
| if err != nil { | |
| return fmt.Errorf("TUN device is not available: %w", err) | |
| } | |
| if err := f.Close(); err != nil { | |
| c.logger.Warn("Could not close TUN device file: %s", err) | |
| } |
qdm12
/ pia-createtun.go
Created
February 9, 2020 23:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func (c *configurator) CreateTUN() error { | |
| c.logger.Info("%s: creating %s", logPrefix, constants.TunnelDevice) | |
| if err := c.fileManager.CreateDir("/dev/net"); err != nil { | |
| return err | |
| } | |
| dev := c.mkDev(10, 200) | |
| if err := c.mkNod(string(constants.TunnelDevice), unix.S_IFCHR, int(dev)); err != nil { | |
| return err | |
| } | |
| if err := c.fileManager.SetUserPermissions(string(constants.TunnelDevice), 666); err != nil { |
qdm12
/ pia-streammerger.go
Created
February 9, 2020 23:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package command | |
| import ( | |
| "bufio" | |
| "context" | |
| "fmt" | |
| "io" | |
| ) | |
| type StreamMerger interface { |
qdm12
/ pia-startcmd.go
Created
February 9, 2020 23:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func (c *commander) Start(name string, arg ...string) (stdoutPipe, stderrPipe io.ReadCloser, waitFn func() error, err error) { | |
| cmd := c.execCommand(name, arg...) | |
| stdout, err := cmd.StdoutPipe() | |
| if err != nil { | |
| return nil, nil, nil, err | |
| } | |
| stderr, err := cmd.StderrPipe() | |
| if err != nil { | |
| return nil, nil, nil, err | |
| } |
qdm12
/ karabiner.json
Created
February 11, 2020 17:37
Karabiner Elements configuration file for Mac OS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "global": { | |
| "check_for_updates_on_startup": true, | |
| "show_in_menu_bar": true, | |
| "show_profile_name_in_menu_bar": false | |
| }, | |
| "profiles": [ | |
| { | |
| "name": "Default profile", | |
| "selected": true, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Buildx latest | |
| on: | |
| push: | |
| branches: [master] | |
| paths-ignore: | |
| - .github/workflows/buildx-release.yml | |
| - README.md | |
| jobs: | |
| buildx: | |
| runs-on: ubuntu-latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Buildx latest | |
| on: | |
| push: | |
| branches: [master] | |
| paths-ignore: | |
| - .github/workflows/buildx-release.yml | |
| - README.md | |
| jobs: | |
| buildx: | |
| runs-on: ubuntu-latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Buildx release | |
| on: | |
| release: | |
| types: [published] | |
| paths-ignore: | |
| - .github/workflows/buildx-latest.yml | |
| - README.md | |
| jobs: | |
| buildx: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM debian:buster-slim | |
| WORKDIR /domoticz | |
| EXPOSE 8080/tcp 443/tcp 6144 | |
| ENTRYPOINT [ "/domoticz/domoticz" ] | |
| RUN apt-get update -y && \ | |
| apt-get install -y wget libusb-0.1-4 libcurl3-gnutls && \ | |
| wget -q -O domoticz.tgz https://releases.domoticz.com/releases/release/domoticz_linux_x86_64.tgz && \ | |
| tar -xf domoticz.tgz && \ | |
| rm domoticz.tgz *.txt |