[edit] I have one concern, how can the user be assured the private keys aren't being stored anywhere that could be stolen and used for attacks later on? I would add some sort of security audit, maybe use GitHub and GitHub actions to publish the site.
[edit 2] Juat saw your reply to someone else that everything generated client-side, carry on!
Thanks! I should probably emphasise the client-side aspect in bold letters on the site.
Very cool. Would this set up allow someone to reach their LAN devices at home too?
I’m currently struggling to do that. I’ve got WireGuard running great on my phone and I can reach home through it but Infuse can’t “see” the SMB share I’ve got at home.
If you choose your CIDR so that the IP addresses of your wireguard clients fall into the same subnet as your home network it should just work. Otherwise you might need to set up some IP routing rules on your wireguard server.
There is a Save as ZIP button just under the 'Generated Config' header. I need to do some polishing up of the UI to make things a bit more intuitive!
Are those endpoints correct in the peer parts of the server config? Wouldn't that be the dynamic hostname of the peers in there? Been a while since I set my WireGuard up but I'm struggling to see why each peer would have the server host defined on the server itself.
Fantastic stuff! Thanks for sharing.
[edit] I have one concern, how can the user be assured the private keys aren't being stored anywhere that could be stolen and used for attacks later on? I would add some sort of security audit, maybe use GitHub and GitHub actions to publish the site.
[edit 2] Juat saw your reply to someone else that everything generated client-side, carry on!
Thanks! I should probably emphasise the client-side aspect in bold letters on the site.
More replies
More replies
This is a very slick tool. I just set up wireguard yesterday. I wrote a bash script, but it only does 25% of what this does.
One suggestion- add preshared keys for the clients.
More replies
Very cool. Would this set up allow someone to reach their LAN devices at home too?
I’m currently struggling to do that. I’ve got WireGuard running great on my phone and I can reach home through it but Infuse can’t “see” the SMB share I’ve got at home.
If you choose your CIDR so that the IP addresses of your wireguard clients fall into the same subnet as your home network it should just work. Otherwise you might need to set up some IP routing rules on your wireguard server.
More replies
More replies
There is a Save as ZIP button just under the 'Generated Config' header. I need to do some polishing up of the UI to make things a bit more intuitive!
Are those
endpointscorrect in thepeerparts of the server config? Wouldn't that be the dynamic hostname of the peers in there? Been a while since I set my WireGuard up but I'm struggling to see why each peer would have the server host defined on the server itself.More replies