From 8a8a05b0fe9bf65674b6f5f13ddc9ba7b4c0321d Mon Sep 17 00:00:00 2001 From: tituspijean Date: Tue, 2 Mar 2021 19:00:05 +0100 Subject: [PATCH 1/2] Add instructions to enable port forwarding --- README.md | 15 +++++++++++++-- README_fr.md | 15 +++++++++++++-- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ef2bccc..71221e0 100644 --- a/README.md +++ b/README.md @@ -25,8 +25,19 @@ This app installs WireGuard, a software to create and manage virtual private net WireGuard can be configured via a non-official web UI. Avoid altering the configuration files via the command line interface, though. -If you want to use the server as an endpoint for your clients' Internet connection, add the following commands in `WireGuard Server` menu. -Replace `eth0` with the interface connected to the Internet. +### Make your server share its Internet connection + +#### Enable port forwarding + +```bash +sudo nano /etc/sysctl.conf +# It should have an uncommented line: +net.ipv4.ip_forward = 1 +# Save and quit (CTRL+O, CTRL+X) +sudo sysctl -p +``` + +Add the following commands in `WireGuard Server` menu. Replace `eth0` with the interface connected to the Internet: #### Post Up Script ``` diff --git a/README_fr.md b/README_fr.md index 9cc1ee7..817e7dc 100644 --- a/README_fr.md +++ b/README_fr.md @@ -25,8 +25,19 @@ Cette application installe WireGuard, logiciel permettant de créer des réseaux WireGuard est configurable via une web UI non-officielle. Évitez de toucher aux fichiers de configuration via la ligne de commande. -Si vous souhaitez utiliser votre serveur comme point d'accès pour la connexion Internet de vos clients, ajoutez les commandes suivantes dans le menu `WireGuard Server`. -Remplacez `eth0` par l'interface connectée à l'Internet. +### Partager la connexion Internet de votre serveur + +#### Activer le *port forwarding* + +```bash +sudo nano /etc/sysctl.conf +# It should have an uncommented line: +net.ipv4.ip_forward = 1 +# Save and quit (CTRL+O, CTRL+X) +sudo sysctl -p +``` + +Ajoutez les commandes suivantes dans le menu `WireGuard Server`. Remplacez `eth0` par l'interface connectée à l'Internet. #### Post Up Script ``` From 59d1f06fcca84bb26eecdba91a13b16743956782 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Wed, 3 Mar 2021 19:41:41 +0100 Subject: [PATCH 2/2] Close all ports upon removal Closes #12 --- scripts/remove | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/remove b/scripts/remove index 0a11336..0befc03 100644 --- a/scripts/remove +++ b/scripts/remove @@ -94,6 +94,12 @@ then ynh_exec_warn_less yunohost firewall disallow TCP $port_wg fi +if yunohost firewall list | grep -q "\- $port$" +then + ynh_script_progression --message="Closing port $port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi + #================================================= # SPECIFIC REMOVE #=================================================